[ALSA-2024:3830] Moderate: gvisor-tap-vsock security and bug fix update
Type:
security
Severity:
moderate
Release date:
2024-06-13
Description:
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fix(es): * golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 gvisor-tap-vsock-0.7.3-3.el9_4.alma.1.aarch64.rpm a0c7c4c9342470ed29b299e6360f5dde0edcec5ba5465fba0ba26e971806dd18
ppc64le gvisor-tap-vsock-0.7.3-3.el9_4.alma.1.ppc64le.rpm 2c15d41ff75b880c513f5f00492a799cb19c1ec66880af28a5e81952a58e98ce
s390x gvisor-tap-vsock-0.7.3-3.el9_4.alma.1.s390x.rpm 00ca7400713cbfd5e6e50125d4b9dc5761409323d22f7587215c1002f6592926
x86_64 gvisor-tap-vsock-0.7.3-3.el9_4.alma.1.x86_64.rpm eb415374858059252f28eafcf43dae2e93a22a69b8e173e85cf6a64d7e225305
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.