SUSE-SU-2023:0871-1 -- SLES container-suseconnectID: oval:org.secpod.oval:def:89048544 | Date: (C)2023-04-11 (M)2024-05-09 |
Class: PATCH | Family: unix |
This update of container-suseconnect fixes the following issue: * container-suseconnect was rebuilt against the current go1.19 release, fixing security issues and other bugs fixed in go1.19.7. * CVE-2022-41723: Fixed quadratic complexity in HPACK decoding . * CVE-2022-41724: Fixed panic with arge handshake records in crypto/tls . * CVE-2022-41725: Fixed denial of service from excessive resource consumption in net/http and mime/multipart . * CVE-2023-24532: Fixed incorrect P-256 ScalarMult and ScalarBaseMult results . * CVE-2022-41720: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows .
Platform: |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Server 15 SP1 |
Product: |
container-suseconnect |