Описание
Security update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-operator-container
This update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-operator-container fixes the following issues:
- CVE-2021-43565: Fixes a vulnerability in the golang.org/x/crypto/ssh package which allowed unauthenticated clients to cause a panic in SSH servers. (bsc#1193930)
Список пакетов
Container suse/sles/15.3/virt-api:0.45.0
kubevirt-virt-api-0.45.0-8.7.1
Container suse/sles/15.3/virt-controller:0.45.0
kubevirt-virt-controller-0.45.0-8.7.1
Container suse/sles/15.3/virt-handler:0.45.0
kubevirt-container-disk-0.45.0-8.7.1
kubevirt-virt-handler-0.45.0-8.7.1
Container suse/sles/15.3/virt-launcher:0.45.0
kubevirt-container-disk-0.45.0-8.7.1
kubevirt-virt-launcher-0.45.0-8.7.1
Container suse/sles/15.3/virt-operator:0.45.0
kubevirt-virt-operator-0.45.0-8.7.1
SUSE Linux Enterprise Module for Containers 15 SP3
kubevirt-manifests-0.45.0-8.7.1
kubevirt-virtctl-0.45.0-8.7.1
Ссылки
- Link for SUSE-SU-2022:0040-1
- E-Mail link for SUSE-SU-2022:0040-1
- SUSE Security Ratings
- SUSE Bug 1190587
- SUSE Bug 1190839
- SUSE Bug 1193930
- SUSE CVE CVE-2021-43565 page
Описание
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
Затронутые продукты
Container suse/sles/15.3/virt-api:0.45.0:kubevirt-virt-api-0.45.0-8.7.1
Container suse/sles/15.3/virt-controller:0.45.0:kubevirt-virt-controller-0.45.0-8.7.1
Container suse/sles/15.3/virt-handler:0.45.0:kubevirt-container-disk-0.45.0-8.7.1
Container suse/sles/15.3/virt-handler:0.45.0:kubevirt-virt-handler-0.45.0-8.7.1
Ссылки
- CVE-2021-43565
- SUSE Bug 1193930