[ALSA-2026:36317] Important: skopeo security update
Type:
security
Severity:
important
Release date:
2026-07-08
Description:
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): * net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) * crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (CVE-2026-27145) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 skopeo-tests-1.22.2-7.el9_8.aarch64.rpm 4696a5c172b8e2aef24a7b2a1b17c9ef1a4b6436f56a6808484f0f1b9d60df8f
aarch64 skopeo-1.22.2-7.el9_8.aarch64.rpm 5677ec8281452f1b9b1aceb2b3b8935e2e56f1678ee247b46ec0b63b641c9bc7
ppc64le skopeo-tests-1.22.2-7.el9_8.ppc64le.rpm d4a876f0d12888e28d4005aba6faf33f7e0b18ea1912ad1717e0501134bbbbc0
ppc64le skopeo-1.22.2-7.el9_8.ppc64le.rpm e0de5080c857c96ea7672717bc012f79108815fb3dc2bdd5626abc453b9502cb
s390x skopeo-1.22.2-7.el9_8.s390x.rpm b1872ab419100c3851eb54d8a9878a7a0f25c0e261911a28e0941f3e8bfa402a
s390x skopeo-tests-1.22.2-7.el9_8.s390x.rpm b23ccf71c61bab59b755840a507379b37fa4f5896c9e80055f9efc429501700e
x86_64 skopeo-tests-1.22.2-7.el9_8.x86_64.rpm 5720b101162905fd53eccc2c9d7f5dd07fffcd4ebb39407cf79cf3e2734e747a
x86_64 skopeo-1.22.2-7.el9_8.x86_64.rpm 5cdeb2f433160e0e9882e562533d0fccf743e202f55b4163485280eae9ce11db
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.