ELSA-2025-4669

ULN >
Oracle Linux Errata repository >
ELSA-2025-4669

ELSA-2025-4669 - osbuild-composer security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-05-08

Description

[118.2-1.0.1]
- jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)

Related CVEs

CVE-2025-30204

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	osbuild-composer-118.2-1.0.1.el9_5.src.rpm	502008397277c73088595ce1a4254afe0a0ab28e556982d053a95fc452eb1840	-	ol9_aarch64_appstream
	osbuild-composer-118.2-1.0.1.el9_5.aarch64.rpm	005b162de4efd0926615523e76d35e9248710b4cdf3822b1470e97b40e648898	-	ol9_aarch64_appstream
	osbuild-composer-core-118.2-1.0.1.el9_5.aarch64.rpm	298a7773460da7b27d4ab97c17ad83711b0a8e83668d6e137b730d9d808923f8	-	ol9_aarch64_appstream
	osbuild-composer-worker-118.2-1.0.1.el9_5.aarch64.rpm	69d26eaa56222d7827f78b15134d1252d3581e77b3fd1e1ece62186fba5e03d9	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	osbuild-composer-118.2-1.0.1.el9_5.src.rpm	502008397277c73088595ce1a4254afe0a0ab28e556982d053a95fc452eb1840	-	ol9_x86_64_appstream
	osbuild-composer-118.2-1.0.1.el9_5.x86_64.rpm	a087a86ae834c25a58b8d7f8cf7786d0157a88a51d02ac6ee1bf7cbacdd57567	-	ol9_x86_64_appstream
	osbuild-composer-core-118.2-1.0.1.el9_5.x86_64.rpm	370c51112f3770c4b53d6f5e9b0fcd61c28d4e0af70c4ce9ddc2bb6cd7701de0	-	ol9_x86_64_appstream
	osbuild-composer-worker-118.2-1.0.1.el9_5.x86_64.rpm	2f018aaa6bd45f2dde9dd6ca1df90877e18300daa59c34f0bee26dadeeedfd20	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691