Description:
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.
Security Fix(es):
* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
* net/[http:](http:) Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
containernetworking-plugins-1.5.1-2.el9.aarch64.rpm |
88f25353880b42f704dc229f580a5c27d1f861c8d1c0367a016ab668f512fc60 |
| ppc64le |
containernetworking-plugins-1.5.1-2.el9.ppc64le.rpm |
2fb7a48eaf1d2e6109cce8b81e94c02e54af52f296bd9c432c4d909978122609 |
| s390x |
containernetworking-plugins-1.5.1-2.el9.s390x.rpm |
86c7d7cdb15f05680cb1a719eed92defc3f50b3e6d4b4a006cfa8935293c7664 |
| x86_64 |
containernetworking-plugins-1.5.1-2.el9.x86_64.rpm |
48edce7944c0f9318c986cb0841f3ccca18a39063af3220c0a766fd6a3bccae3 |
