[ALSA-2026:4177] Important: opentelemetry-collector security update
Type:
security
Severity:
important
Release date:
2026-03-13
Description:
Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fix(es): * golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726) * crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 opentelemetry-collector-0.144.0-1.el9_7.aarch64.rpm ac103d242c74825d90bf225ae0730c4609a957e05f170128e43a67bdcb6078b6
ppc64le opentelemetry-collector-0.144.0-1.el9_7.ppc64le.rpm 7a5330ad5208932d06ace46ee6f65e56a280dbadb7b6823c213ab3ec83ab2882
s390x opentelemetry-collector-0.144.0-1.el9_7.s390x.rpm 4287c2a5ee4a5468e5f4244b4ee3831a89e3723f6164319094749e8e58b1e08b
x86_64 opentelemetry-collector-0.144.0-1.el9_7.x86_64.rpm 45cb85c28b8df9d245b0034496802ba6b143f0bca7f2037bee4e25d1c1e50310
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.