[ALSA-2022:8098] Moderate: toolbox security and bug fix update
Release date:
Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix(es): * golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705) * golang: io/fs: stack exhaustion in Glob (CVE-2022-30630) * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) * golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 toolbox-tests- 5a7dbb7577025725ed04679a45df55a5e21f5f42985c05eb8533668226bf1c2b
aarch64 toolbox- 90826184d3e2d3a72b2b934cd74508f7aae17de1c73b5d141b199434870c6513
ppc64le toolbox- b6dcda39c5c21d98916d7d39e91de307d0429ee7eb9110219e6f7c5f9469e684
ppc64le toolbox-tests- b9639f2bc8db4f4bcb958ff6ff5c66ce23437bd09e73a9a5a301a9f8d33c2aa0
s390x toolbox- 2edbcdb27866b5758291c55206e31ede8a0d7b097dcace6acd0b81f304de2965
s390x toolbox-tests- 7ec4fafe667dbcc6ca2e8b2c7a412e8a7ba4c2773a99a79d185b69e9ec505e6a
x86_64 toolbox-tests- 87a82a8017d67c56e751dcf9f216f2203fafb1650ae3f94cbe58b0c02e106287
x86_64 toolbox- e03ca338e92ceaa677c403e2d45021d711a1d132a5e019a4bfe24824e4985315
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.