RHSA-2023:2236-01 -- Redhat toolboxID: oval:org.secpod.oval:def:507672 | Date: (C)2023-05-22 (M)2024-06-18 |
Class: PATCH | Family: unix |
Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix: * golang: net/http: handle server errors after sending GOAWAY * golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests * golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 9 |