ALSA-2026:3337

[ALSA-2026:3337] Important: podman security update

Type:

security

Severity:

important

Release date:

2026-02-26

Description:

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.  

Security Fix(es):  

  * crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
  * golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
  * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
  * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	podman-remote-5.6.0-14.el9_7.aarch64.rpm	25592d00b73bbdbadd2c6bee3a6725c1c980023ce52b04342b1027fc296b4950
aarch64	podman-tests-5.6.0-14.el9_7.aarch64.rpm	350d49cd2cabb59d30e6c847a461aaa506d5f15cfeacf3daf8c93ea479f4231d
aarch64	podman-5.6.0-14.el9_7.aarch64.rpm	377eee7f26d2b54fbdde6f600f73b2aa209a0adac800809f17e3aac605925102
aarch64	podman-plugins-5.6.0-14.el9_7.aarch64.rpm	477d07d4c3d1380d548fe78a973e51a168d0cc67e9a33c6b922c8a0c942f6e17
noarch	podman-docker-5.6.0-14.el9_7.noarch.rpm	90f0d253f84790d17063d4dde9ddda5ef355f2c3aa527a2d188e91000b803229
ppc64le	podman-plugins-5.6.0-14.el9_7.ppc64le.rpm	32bb6128d18cbe1b5094c1863c10f202f70190094f301c2d1f3538a11cc18b6a
ppc64le	podman-tests-5.6.0-14.el9_7.ppc64le.rpm	41d686991ba474a2c183c0d12f775ce01a129e06456eccfa69697c78b6bf13a5
ppc64le	podman-5.6.0-14.el9_7.ppc64le.rpm	b3422503220c469f7c3797c3b9eed18e6d0a93cf3c4c51c40776965c038ff268
ppc64le	podman-remote-5.6.0-14.el9_7.ppc64le.rpm	edd81f7a4dd23db3a86e97fa38802270715c546f7f7bec76f658f4348d82bb43
s390x	podman-tests-5.6.0-14.el9_7.s390x.rpm	2c6111d75251288d1b2e818e6f5e00bce3bab6b7dd1d9199eed15116b7589682
s390x	podman-remote-5.6.0-14.el9_7.s390x.rpm	722351c4ba7fdf36973c1f2bcda5fbcb4bb6dbcdf4abf50cbc2191b25d2f88a5
s390x	podman-plugins-5.6.0-14.el9_7.s390x.rpm	861f1be97e9bbcd8376c59df39773d0252fac10694a18019c3717c8757683a63
s390x	podman-5.6.0-14.el9_7.s390x.rpm	afa91cdc1f78a470e0bf3369612038f74f999a076af6a7d77fdf1ee767c55b15
x86_64	podman-5.6.0-14.el9_7.x86_64.rpm	3c4ba48f136f021d6fe6a36b81d251dd6fb2557fd5b1713aadb048f25a63052a
x86_64	podman-plugins-5.6.0-14.el9_7.x86_64.rpm	54ee34bddd5ac68865fdf2eb1df1ddd330d2db5f67d6ad39807fe97b654e3214
x86_64	podman-tests-5.6.0-14.el9_7.x86_64.rpm	826ebe0cbb71f02a84b63bcb651f60ed447e00cd8516ae3c4df726ffe461b4c4
x86_64	podman-remote-5.6.0-14.el9_7.x86_64.rpm	adb5933f22640587194105963c43a50258554d04b4143174f4260043f136ff7f

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.