SUSE-SU-2024:1166-1

Опубликовано: 08 апр. 2024

Источник: suse-cvrf

Описание

Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues:

Upgrade from v1.26.9 to v1.26.14
CVE-2024-0793: Fixed a DoS caused via a malformed HPA v1 manifest. (bsc#1219964)

Список пакетов

SUSE Linux Enterprise Module for Containers 15 SP5

kubernetes1.26-client-1.26.14-150400.9.6.1

kubernetes1.26-client-common-1.26.14-150400.9.6.1

openSUSE Leap 15.5

kubernetes1.26-client-1.26.14-150400.9.6.1

kubernetes1.26-client-common-1.26.14-150400.9.6.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20241166-1/
Link for SUSE-SU-2024:1166-1
https://lists.suse.com/pipermail/sle-updates/2024-April/034898.html
E-Mail link for SUSE-SU-2024:1166-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1219964
SUSE Bug 1219964
https://www.suse.com/security/cve/CVE-2024-0793/
SUSE CVE CVE-2024-0793 page

Описание

A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.

Затронутые продукты

SUSE Linux Enterprise Module for Containers 15 SP5:kubernetes1.26-client-1.26.14-150400.9.6.1

SUSE Linux Enterprise Module for Containers 15 SP5:kubernetes1.26-client-common-1.26.14-150400.9.6.1

openSUSE Leap 15.5:kubernetes1.26-client-1.26.14-150400.9.6.1

openSUSE Leap 15.5:kubernetes1.26-client-common-1.26.14-150400.9.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-0793.html
CVE-2024-0793
https://bugzilla.suse.com/1219964
SUSE Bug 1219964

SUSE-SU-2024:1166-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Containers 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2024-0793

Описание

Затронутые продукты

Ссылки