Description:
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.
Security Fix(es):
* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
skopeo-1.20.0-3.el9_7.aarch64.rpm |
c9c8dd22eaf338958cc51c53241a2deb459e4a00fa940aedf45a177f6c2cc594 |
| aarch64 |
skopeo-tests-1.20.0-3.el9_7.aarch64.rpm |
e1579273d27a9837bc8616dc0189fc9ef0649c54754585d9aafedf4c7b0e07c1 |
| ppc64le |
skopeo-1.20.0-3.el9_7.ppc64le.rpm |
66a9bfffaecda854ca0ecb76c23519f4182f9e983715215d3ca1dbdac019df08 |
| ppc64le |
skopeo-tests-1.20.0-3.el9_7.ppc64le.rpm |
81e6dd701c88d69417d61748ff80ed24a6664c17af7cf25f3af002c7eda33d6f |
| s390x |
skopeo-1.20.0-3.el9_7.s390x.rpm |
37c5350f690775dc4d6aa23e2383a34dac09b01f3a428961473d5ce4dd04686b |
| s390x |
skopeo-tests-1.20.0-3.el9_7.s390x.rpm |
5a4235b59b002005c4c1a2346fd8dd222e86ba7016c44010e28675c652d9efba |
| x86_64 |
skopeo-1.20.0-3.el9_7.x86_64.rpm |
f2bdd7dc2778c7a307e6f6927ecdf041157af40a4def0cfa1f3528b35a3c78ce |
| x86_64 |
skopeo-tests-1.20.0-3.el9_7.x86_64.rpm |
fe2a787a3d0f1e1cb2ff7269d950d1e6d03e22220ffaaf5cce976bce552f874e |
