An update that fixes one vulnerability is now available.
Description:
This update for cdi-apiserver-container, cdi-cloner-container,
cdi-controller-container, cdi-importer-container, cdi-operator-container,
cdi-uploadproxy-container, cdi-uploadserver-container,
containerized-data-importer fixes the following issues:
Update to version 1.51.0
Security issues fixed in vendored dependencies:
CVE-2022-1996: Fixed CORS bypass (bsc#1200528)
Include additional tools used by cdi-importer: cdi-containerimage-server
cdi-image-size-detection cdi-source-update-poller
Pack only cdi-operator and cdi-cr release manifests
Install tar for cloning filesystem PVCs
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3334=1
SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-3334=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 15.4 | x86_64 | < - openSUSE Leap 15.4 (x86_64): | - openSUSE Leap 15.4 (x86_64):.x86_64.rpm | |
SUSE Linux Enterprise Module for Containers 15 | SP4 | x86_64 | < SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64): | - SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64):.x86_64.rpm |