containernetworking-plugins-1.4.0-5.el9_4
エラータID: AXSA:2024-8752:04
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.
Security Fix(es):
* golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
Update packages.
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
N/A
SRPMS
- containernetworking-plugins-1.4.0-5.el9_4.src.rpm
MD5: 38e0f9de757daf964e8cafb31737e48c
SHA-256: 7407a1d02bdce7b8e54d3f6dca7154881fbec9a77c9f100167d1750018ff95d7
Size: 3.62 MB
Asianux Server 9 for x86_64
- containernetworking-plugins-1.4.0-5.el9_4.x86_64.rpm
MD5: eab0f2536837e528f8cc39e71bf7e647
SHA-256: 708e9213f5df7cf4f499c4928a4a88031201d596da25e47cc8391170282d5429
Size: 9.31 MB
日本語