Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
patchinfo.35415
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.35415
<patchinfo incident="35415"> <issue tracker="cve" id="2023-44487"/> <issue tracker="cve" id="2024-24786"/> <issue tracker="cve" id="2023-39325"/> <issue tracker="cve" id="2023-45288"/> <issue tracker="bnc" id="1229869">VUL-0: kubernetes1.28: x/net affected by CVE-2023-44487,CVE-2023-39325,CVE-2023-45288</issue> <issue tracker="bnc" id="1229867">VUL-0: CVE-2024-24786: kubernetes1.24,kubernetes1.25,kubernetes1.26,kubernetes1.27,kubernetes1.28: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON</issue> <issue tracker="bnc" id="1229858">VUL-0: kubernetes1.28: built against EOL of GO</issue> <packager>psaggu</packager> <rating>important</rating> <category>security</category> <summary>Security update for kubernetes1.27</summary> <description>This update for kubernetes1.27 fixes the following issues: Update kubernetes to version 1.27.16 - CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf (bsc#1229867) - CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. This is also known as CVE-2023-44487. (bsc#1229869) - CVE-2023-45288: Fixed denial of service due to close connections when receiving too many headers in net/http and x/net/http2 (bsc#1229869) - CVE-2023-44487: Fixed HTTP/2 Rapid Reset attack in net/http (bsc#1229869) Other fixes: - Update go to version v1.22.5 (bsc#1229858) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
