[CLSA-2026:1784190453] skopeo: Fix of CVE-2026-27145
Type:
security
Severity:
Moderate
Release date:
2026-07-16 08:27:55 UTC
Description:
- CVE-2026-27145: rebuild against golang >= 1.25.7-1.el9_6.tuxcare.els12 to fix denial-of-service in crypto/x509 certificate hostname verification, where the candidate hostname was split once per SAN inside the loop instead of once outside it
CVEs fixed:
Updated packages:
  • skopeo-1.18.1-2.el9_6.tuxcare.els5.x86_64.rpm
    sha:e66bd30252b35539f9be707d28022b547958c517cb429272bdefb738091631e9
  • skopeo-tests-1.18.1-2.el9_6.tuxcare.els5.x86_64.rpm
    sha:cd10011db7c941352e2df81bda7e52ad89175d41d3201e0fe306cd017338b896
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.