Описание
Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer
This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues:
Update to version 1.51.0
Security issues fixed in vendored dependencies:
-
CVE-2022-1996: Fixed CORS bypass (bsc#1200528)
-
Include additional tools used by cdi-importer: cdi-containerimage-server cdi-image-size-detection cdi-source-update-poller
-
Pack only cdi-operator and cdi-cr release manifests
-
Install tar for cloning filesystem PVCs
Список пакетов
SUSE Linux Enterprise Module for Containers 15 SP4
openSUSE Leap 15.4
Ссылки
- Link for SUSE-SU-2022:3334-1
- E-Mail link for SUSE-SU-2022:3334-1
- SUSE Security Ratings
- SUSE Bug 1200528
- SUSE CVE CVE-2022-1996 page
Описание
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
Затронутые продукты
Ссылки
- CVE-2022-1996
- SUSE Bug 1200528