Rocky Enterprise Software Foundation Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fix: * golang: net/http, x/net/http2: rapid stream resets can cause excessive work * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS att ...
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix: * golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests * golang: crypto/tls: session tickets lack random ticket_age_add For more details about the security issue, including the impact, a CVSS score, ack ...
Conmon is an OCI container runtime monitor. Security Fix: * golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, ...
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix: * golang: net/http: An attacker can cause exc ...
Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix: * golang: net/http: handle server errors after sending GOAWAY * golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests * golang: math/big: de ...
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix: * golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests * golang: crypto/tls: session tickets lack random ticket_age_add For more details about the security issue, ...
The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Security Fix: * golang: net/http: An attacker can cause excessive me ...
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: improper sanitization of Transfer-Encoding header * golang: go/parser: stack exhaustion in all Parse* functions * golang: net/http: handle server errors after sending GOAWAY * golang: encoding/xml: stack exhaustion in Decoder.Skip * golang: io/fs: ...
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: improper sanitization of Transfer-Encoding header * golang: go/parser: stack exhaustion in all Parse* functions * golang: net/http: handle server errors after sending GOAWAY * golang: encoding/xml: stack exhaustion in Decoder.Skip * golang: io/fs: ...
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix: * pcs: webpack: Regression of CVE-2023-28154 fixes in the Rocky Linux * rubygem-rack: Denial of service in Multipart MIME parsing * rubygem-rack: denial of service in header parsing For more details about the security issue, including the impact, a CVSS score, acknowledgments, an ...