[ALSA-2024:3831] Moderate: containernetworking-plugins security and bug fix update
Type:
security
Severity:
moderate
Release date:
2024-06-13
Description:
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Security Fix(es): * golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 containernetworking-plugins-1.4.0-3.el9_4.aarch64.rpm 3378ab0c66f51c65f5853ca20cdc2fd0c86cf46ed1eed76f86a5340eb9899e63
ppc64le containernetworking-plugins-1.4.0-3.el9_4.ppc64le.rpm deba55790c2514874656406849e5fa46e5f8dff1894e35cf01f2446e3e6c40eb
s390x containernetworking-plugins-1.4.0-3.el9_4.s390x.rpm 36b0f4160d2a7b56f4bf364e477997f585b1b2576b9125bd490abb34be6a3dff
x86_64 containernetworking-plugins-1.4.0-3.el9_4.x86_64.rpm db983cfabf7e7a95a55324b67815afe4b0c8bbfc188676ca9e19eb9d29fdde30
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.