ALT-BU-2020-3930-3
Branch p9 update bulletin.
Package strongswan updated to version 5.8.4-alt5 for branch p9 in task 255160.
Closed bugs
Конфликт между pki & strongswan.
Package alterator-browser-qt5 updated to version 3.2.2-alt1 for branch p9 in task 255169.
Closed bugs
FR: Просьба увеличить размер шрифта в инсталляторе
Closed vulnerabilities
Modified: 2024-11-21
CVE-2019-14891
A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on an cri-o host.
Modified: 2024-11-21
CVE-2022-0532
An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace.
Modified: 2022-02-24
GHSA-jqmc-79gx-7g8p
Incorrect Permission Assignment for Critical Resource in CRI-O
- https://nvd.nist.gov/vuln/detail/CVE-2022-0532
- https://github.com/cri-o/cri-o/pull/5610
- https://bugzilla.redhat.com/show_bug.cgi?id=2051730
- https://github.com/cri-o/cri-o
- https://github.com/cri-o/cri-o/releases/tag/v1.23.1
- https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/#enabling-unsafe-sysctls