QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.

QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.

QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.

QUIC connections do not set an upper bound on the amount of data buffe ...

QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.

ELSA-2023-7763: runc security update (MODERATE)

Security update for go1.21

ELSA-2023-7766: containernetworking-plugins security update (MODERATE)

ELSA-2023-7765: podman security update (MODERATE)

ELSA-2023-7764: buildah security update (MODERATE)

ELSA-2023-7762: skopeo security update (MODERATE)

ELSA-2025-7256: git-lfs security update (MODERATE)

ELSA-2024-0121: container-tools:4.0 security update (MODERATE)

Security update for go1.21-openssl

ELSA-2024-2988: container-tools:ol8 security update (MODERATE)