Описание
Security update for kubernetes1.23
This update for kubernetes1.23 fixes the following issues:
- Upgrade from v1.25.14 to v1.25.16
- CVE-2024-0793: Fixed a DoS caused via a malformed HPA v1 manifest. (bsc#1219964)
Список пакетов
SUSE Linux Enterprise Module for Containers 15 SP5
kubernetes1.25-client-1.25.16-150400.9.6.1
kubernetes1.25-client-common-1.25.16-150400.9.6.1
openSUSE Leap 15.5
kubernetes1.25-client-1.25.16-150400.9.6.1
kubernetes1.25-client-common-1.25.16-150400.9.6.1
Ссылки
- Link for SUSE-SU-2024:1165-1
- E-Mail link for SUSE-SU-2024:1165-1
- SUSE Security Ratings
- SUSE Bug 1062303
- SUSE Bug 1219964
- SUSE CVE CVE-2024-0793 page
Описание
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.
Затронутые продукты
SUSE Linux Enterprise Module for Containers 15 SP5:kubernetes1.25-client-1.25.16-150400.9.6.1
SUSE Linux Enterprise Module for Containers 15 SP5:kubernetes1.25-client-common-1.25.16-150400.9.6.1
openSUSE Leap 15.5:kubernetes1.25-client-1.25.16-150400.9.6.1
openSUSE Leap 15.5:kubernetes1.25-client-common-1.25.16-150400.9.6.1
Ссылки
- CVE-2024-0793
- SUSE Bug 1219964