[ALSA-2022:7950] Low: Image Builder security, bug fix, and enhancement update
Type:
security
Severity:
low
Release date:
2022-11-18
Description:
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fix(es): * golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 weldr-client-35.5-4.el9.aarch64.rpm d6c2f676650099b342cae167b0701f70cbcb26c727d64f69390713330a994b34
ppc64le weldr-client-35.5-4.el9.ppc64le.rpm 2399e22775018a59092bd7d244177a51f1221ec82f62f1a53e6e6b7fd5471f7e
s390x weldr-client-35.5-4.el9.s390x.rpm 8ddc566887b0c2bae85d85f10d3baec7045bc9002feec2a801d2349221b9f98a
x86_64 weldr-client-35.5-4.el9.x86_64.rpm 89a8ded9a65be524146fd974c00c90628076e2d1f5d49ed4d05827471aa8d285
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.