oci-seccomp-bpf-hook-1.2.10-2.el9

エラータID: AXSA:2024-9099:02

Release date: 
Wednesday, December 11, 2024 - 18:06
Subject: 
oci-seccomp-bpf-hook-1.2.10-2.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

OCI Hook to generate seccomp json files based on EBF syscalls used by container oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes.

Security Fix(es):

* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the MIRACLE LINUX 9.5 Release Notes linked from the References section.

CVE-2024-24788
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.

Solution: 

Update packages.

CVEs: 
CVE-2024-24788
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
Additional Info: 

N/A

Download: 

SRPMS
  1. oci-seccomp-bpf-hook-1.2.10-2.el9.src.rpm
    MD5: 82afe5f81a109e46c566c6de87d06bcc
    SHA-256: 2173c88920f2038ce3a353a6523a9d92defd0cfe5acdc55521bad9209db006b6
    Size: 1.42 MB

Asianux Server 9 for x86_64
  1. oci-seccomp-bpf-hook-1.2.10-2.el9.x86_64.rpm
    MD5: e6eb6ccd8716965c20285a5139b86675
    SHA-256: 7cffbbc1f60f019089243f487144aafd920c95e7b236f3a3fc96e5ed995dec5b
    Size: 1.15 MB