[ALSA-2022:7548] Low: Image Builder security, bug fix, and enhancement update
Type:
security
Severity:
low
Release date:
2022-11-12
Description:
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): * golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 weldr-client-35.5-4.el8.aarch64.rpm 9d6cc66b83d72879f85205c081c635251665df5a00741881cb453c9cdb8601c1
ppc64le weldr-client-35.5-4.el8.ppc64le.rpm 5dd1c58a887c9228d5ea5ed721349d8be66392256da1246b78b7ed3c682fd7ff
s390x weldr-client-35.5-4.el8.s390x.rpm 24c1cf0ea1902a1787c2b9068a7749f2357a242b809d5680a6ed46a506abee47
x86_64 weldr-client-35.5-4.el8.x86_64.rpm 1d41da7c3a44d1ff530c740cba5b48f3f2fa991a51ec1279fe825da7f7538f1c
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.