Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:Update
patchinfo.35646
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.35646
<patchinfo incident="35646"> <issue tracker="bnc" id="1216109">VUL-0: CVE-2023-39325: go1.20,go1.21: net/http: rapid stream resets can cause excessive work</issue> <issue tracker="bnc" id="1216123">VUL-0: CVE-2023-44487: TRACKER-BUG: HTTP/2 Rapid Reset Attack</issue> <issue tracker="bnc" id="1221400">VUL-0: CVE-2023-45288: go1.21,go1.22: net/http, x/net/http2: close connections when receiving too many headers</issue> <issue tracker="bnc" id="1226136">VUL-0: CVE-2024-24786: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON</issue> <issue tracker="bnc" id="1229858">VUL-0: kubernetes1.28: built against EOL of GO</issue> <issue tracker="bnc" id="1229867">VUL-0: CVE-2024-24786: kubernetes1.24,kubernetes1.25,kubernetes1.26,kubernetes1.27,kubernetes1.28: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON</issue> <issue tracker="bnc" id="1229869">VUL-0: kubernetes1.24,kubernetes1.25,kubernetes1.26,kubernetes1.27,kubernetes1.28: x/net/http2 affected by CVE-2023-44487,CVE-2023-39325,CVE-2023-45288</issue> <issue tracker="bnc" id="1230323">VUL-0: CVE-2023-39325: TRACKERBUG: golang.org/x/net/http2: rapid stream resets can cause excessive work</issue> <issue tracker="cve" id="2024-24786"/> <issue tracker="cve" id="2023-39325"/> <issue tracker="cve" id="2023-44487"/> <issue tracker="cve" id="2023-45288"/> <packager>psaggu</packager> <rating>important</rating> <category>security</category> <summary>Security update for kubernetes1.25</summary> <description>This update for kubernetes1.25 fixes the following issues: - CVE-2023-45288: golang.org/x/net: excessive CPU consumption when processing unlimited sets of headers. (bsc#1229869) - CVE-2023-44487: google.golang.org/grpc, kube-apiserver: HTTP/2 rapid reset vulnerability. (bsc#1229869) - CVE-2024-24786: github.com/golang/protobuf: infinite loop when unmarshaling invalid JSON. (bsc#1229867) Bug fixes: - Update go to version 1.22.5 in build requirements. (bsc#1229858) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
