cockpit-composer-45-1.el8, osbuild-composer-75-1.el8.ML.1, osbuild-81-1.el8.ML.1, weldr-client-35.9-2.el8

Errata ID: AXSA:2023-6087:04

Release date: Tuesday, June 20, 2023 - 09:53
Subject: cockpit-composer-45-1.el8, osbuild-composer-75-1.el8.ML.1, osbuild-81-1.el8.ML.1, weldr-client-35.9-2.el8
Affected Channels: Asianux Server 8 for x86_64
Severity: Moderate
Description:

Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood.

Security Fix(es):

* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 8.8 Release Notes linked from the References section.

CVE-2022-27664
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
CVE-2022-2879
Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.
CVE-2022-2880
Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy.Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.
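To make the CVE-2022-2880 fix semantics concrete, here is an added example (not code from Asianux, osbuild-composer or the Go project) that runs a single-host ReverseProxy in-process with a stand-in transport and shows which query string reaches the backend with and without a Director that parses the form. It assumes a Go runtime carrying the fix (1.18.7 / 1.19.2 or later); the backend host `backend.invalid` is a placeholder that is never contacted.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/http/httputil"
	"net/url"
	"strings"
)

// NewProxy builds a single-host ReverseProxy. With parseForm true the Director calls
// ParseForm so outreq.Form is set; a fixed Go runtime then forwards only the parameters
// net/http could parse. With parseForm false the raw inbound query is forwarded unchanged.
func NewProxy(target *url.URL, parseForm bool) *httputil.ReverseProxy {
	p := httputil.NewSingleHostReverseProxy(target)
	base := p.Director
	p.Director = func(req *http.Request) {
		base(req)
		if parseForm {
			_ = req.ParseForm() // an error is expected for malformed values; Form is still set
		}
	}
	return p
}

type captureTransport struct{ seenQuery string } // records the outbound query instead of sending it

func (c *captureTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	c.seenQuery = req.URL.RawQuery
	return &http.Response{StatusCode: http.StatusOK, Header: make(http.Header),
		Body: io.NopCloser(strings.NewReader("ok")), Request: req}, nil
}

// ForwardedQuery pushes one inbound GET through the proxy (no sockets) and returns the query the backend would see.
func ForwardedQuery(rawQuery string, parseForm bool) string {
	target, _ := url.Parse("http://backend.invalid") // placeholder host, never contacted
	proxy := NewProxy(target, parseForm)
	ct := &captureTransport{}
	proxy.Transport = ct
	req := httptest.NewRequest(http.MethodGet, "/?"+rawQuery, nil)
	proxy.ServeHTTP(httptest.NewRecorder(), req)
	return ct.seenQuery
}

func main() {
	// Constructed inbound query: "b=%zz" is an invalid percent-escape that url.ParseQuery rejects.
	fmt.Println(ForwardedQuery("a=1&b=%zz", false), "->", ForwardedQuery("a=1&b=%zz", true))
}
```

On a fixed runtime the non-parsing proxy forwards `a=1&b=%zz` unchanged, while the parsing proxy forwards only `a=1`.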
CVE-2022-41715
Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.
CVE-2022-41717
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.

Solution:

Update packages.

Additional Info:

N/A

Download:
