RLSA-2024:3830
Moderate: gvisor-tap-vsock security and bug fix update
Topic
An update is available for gvisor-tap-vsock.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Description
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding.
Security Fix(es):
* golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)
Rocky Linux 9
SRPMs
- gvisor-tap-vsock-6:0.7.3-3.el9_4.src.rpm
RPMs
- gvisor-tap-vsock-6:0.7.3-3.el9_4.aarch64.rpm
- gvisor-tap-vsock-6:0.7.3-3.el9_4.ppc64le.rpm
- gvisor-tap-vsock-6:0.7.3-3.el9_4.s390x.rpm
- gvisor-tap-vsock-6:0.7.3-3.el9_4.x86_64.rpm
- gvisor-tap-vsock-debuginfo-6:0.7.3-3.el9_4.aarch64.rpm
- gvisor-tap-vsock-debuginfo-6:0.7.3-3.el9_4.ppc64le.rpm
- gvisor-tap-vsock-debuginfo-6:0.7.3-3.el9_4.s390x.rpm
- gvisor-tap-vsock-debuginfo-6:0.7.3-3.el9_4.x86_64.rpm
- gvisor-tap-vsock-debugsource-6:0.7.3-3.el9_4.aarch64.rpm
- gvisor-tap-vsock-debugsource-6:0.7.3-3.el9_4.ppc64le.rpm
- gvisor-tap-vsock-debugsource-6:0.7.3-3.el9_4.s390x.rpm
- gvisor-tap-vsock-debugsource-6:0.7.3-3.el9_4.x86_64.rpm
Issued: 6/14/2024
Type: Security
Severity: Moderate
Affected Product
- Rocky Linux 9
Fixes
References
- No references