Hello!
A vulnerability scanner has flagged our Rocky8 installation, namely the container-selinux package, as vulnerable to CVE-2025-22869, a Go crypto/ssh DoS vulnerability. Indeed, RedHat has issued a security advisory (RHSA-2025:3210) and updated packages in the container-tools module.
I have been looking for a corresponding errata for Rocky 8, but the search did not yield any results. I would like to ask if the latest build of container-tools contains the fix and it’s just an issue with the errata (the package changelog’s latest entry is from January, which would suggest the issue is not fixed), or perhaps the CVE has been reviewed and the Rocky8 builds were deemed not vulnerable, or does the issue need to be remediated by a new rebuild?
Thank you!
Slawek