Description:
Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.
Security Fix(es):
* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)
* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)
* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)
* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
toolbox-tests-0.0.99.3-5.el9.aarch64.rpm |
5a7dbb7577025725ed04679a45df55a5e21f5f42985c05eb8533668226bf1c2b |
| aarch64 |
toolbox-0.0.99.3-5.el9.aarch64.rpm |
90826184d3e2d3a72b2b934cd74508f7aae17de1c73b5d141b199434870c6513 |
| ppc64le |
toolbox-0.0.99.3-5.el9.ppc64le.rpm |
b6dcda39c5c21d98916d7d39e91de307d0429ee7eb9110219e6f7c5f9469e684 |
| ppc64le |
toolbox-tests-0.0.99.3-5.el9.ppc64le.rpm |
b9639f2bc8db4f4bcb958ff6ff5c66ce23437bd09e73a9a5a301a9f8d33c2aa0 |
| s390x |
toolbox-0.0.99.3-5.el9.s390x.rpm |
2edbcdb27866b5758291c55206e31ede8a0d7b097dcace6acd0b81f304de2965 |
| s390x |
toolbox-tests-0.0.99.3-5.el9.s390x.rpm |
7ec4fafe667dbcc6ca2e8b2c7a412e8a7ba4c2773a99a79d185b69e9ec505e6a |
| x86_64 |
toolbox-tests-0.0.99.3-5.el9.x86_64.rpm |
87a82a8017d67c56e751dcf9f216f2203fafb1650ae3f94cbe58b0c02e106287 |
| x86_64 |
toolbox-0.0.99.3-5.el9.x86_64.rpm |
e03ca338e92ceaa677c403e2d45021d711a1d132a5e019a4bfe24824e4985315 |
