PT-2024-40989 · Skopeo · Skopeo

Published 2024-05-06 · Updated 2024-05-06

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

skopeo versions 1.13.0 through 1.14.1

Description

This update for skopeo fixes several issues, including updates to various modules and dependencies, such as github.com/containers/common, github.com/containers/image/v5, and golang.org/x/term. The update also includes fixes for libsubid detection, ENTRYPOINT documentation, and RPM builds. Additionally, the update adds support for zstd:chunked and updates the Go version requirement.

Recommendations

To resolve the issue, update skopeo to version 1.14.2 or later. For versions prior to 1.14.2, consider temporarily disabling the vulnerable modules or dependencies until a patch is available. Restrict access to the vulnerable API endpoints and parameters to minimize the risk of exploitation. Avoid using the vulnerable functions or variables until the issue is resolved.

Related Identifiers

SUSE-SU-2024:1497-1

Affected Products

Skopeo