SUSE-SU-2022:3335-1

Описание

This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues:

Update to version 1.43.2

• Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.43.2

Security issues fixed:

• CVE-2022-1996: Fixed CORS bypass in go-restful vendored dependency (bsc#1200528)

Other fixes:

• Include additional tools used by cdi-importer: cdi-containerimage-server cdi-source-update-poller
• Pack only cdi-{cr,operator}.yaml into the manifests RPM
• Install tar package (used for cloning filesystem PVCs)