Описание
Security update for kubernetes1.27
This update of kubernetes1.27 fixes the following issues:
- rebuild the package with the current go 1.23 security release (bsc#1229122).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
kubernetes1.27-client-1.27.16-150400.9.12.1
kubernetes1.27-client-common-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
kubernetes1.27-client-1.27.16-150400.9.12.1
kubernetes1.27-client-common-1.27.16-150400.9.12.1
SUSE Linux Enterprise Module for Containers 15 SP5
kubernetes1.27-client-1.27.16-150400.9.12.1
kubernetes1.27-client-common-1.27.16-150400.9.12.1
SUSE Linux Enterprise Module for Containers 15 SP6
kubernetes1.27-client-1.27.16-150400.9.12.1
kubernetes1.27-client-common-1.27.16-150400.9.12.1
SUSE Linux Enterprise Server 15 SP4-LTSS
kubernetes1.27-client-1.27.16-150400.9.12.1
kubernetes1.27-client-common-1.27.16-150400.9.12.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
kubernetes1.27-client-1.27.16-150400.9.12.1
kubernetes1.27-client-common-1.27.16-150400.9.12.1
openSUSE Leap 15.5
kubernetes1.27-client-1.27.16-150400.9.12.1
kubernetes1.27-client-common-1.27.16-150400.9.12.1
openSUSE Leap 15.6
kubernetes1.27-apiserver-1.27.16-150400.9.12.1
kubernetes1.27-client-1.27.16-150400.9.12.1
kubernetes1.27-client-bash-completion-1.27.16-150400.9.12.1
kubernetes1.27-client-common-1.27.16-150400.9.12.1
kubernetes1.27-client-fish-completion-1.27.16-150400.9.12.1
kubernetes1.27-controller-manager-1.27.16-150400.9.12.1
kubernetes1.27-kubeadm-1.27.16-150400.9.12.1
kubernetes1.27-kubelet-1.27.16-150400.9.12.1
kubernetes1.27-kubelet-common-1.27.16-150400.9.12.1
kubernetes1.27-proxy-1.27.16-150400.9.12.1
kubernetes1.27-scheduler-1.27.16-150400.9.12.1
Ссылки
- Link for SUSE-SU-2024:3455-1
- E-Mail link for SUSE-SU-2024:3455-1
- SUSE Security Ratings
- SUSE Bug 1229122
- SUSE Bug 1230252
- SUSE Bug 1230253
- SUSE Bug 1230254
- SUSE CVE CVE-2024-34155 page
- SUSE CVE CVE-2024-34156 page
- SUSE CVE CVE-2024-34158 page
Описание
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.12.1
Ссылки
- CVE-2024-34155
- SUSE Bug 1230252
Описание
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.12.1
Ссылки
- CVE-2024-34156
- SUSE Bug 1230253
Описание
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.12.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.12.1
Ссылки
- CVE-2024-34158
- SUSE Bug 1230254