Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 37: FEDORA-2023-b7c3456783 Urgent Issue with Podman-GUI Allocation

fedora
Calendar Grey November 20, 2023
Dist Fedora Esm H88
The v0.12.0 update for Podman-tui addresses essential security vulnerabilities in Fedora, boosting reliability and overall efficiency.
podman-tui v0.12.0 + security fix for CVE-2023-39325 and CVE-2022-41717 and CVE-2022-41723

Summary

podman-tui is a terminal user interface for Podman v4.

podman-tui is using podman.socket service to communicate with podman environment

and SSH to connect to remote podman machines.

Update Information:

podman-tui v0.12.0 + security fix for CVE-2023-39325 and CVE-2022-41717 and CVE-2022-41723

Topics%20covered

Topics Covered

security advisory fedora critical software update memory issue podman-tui

Change Log

* Sat Nov 11 2023 Navid Yaghoobi - 0.12.0-1 - release v0.12.0

References


[ 1 ] Bug #2163285 - CVE-2022-41717 podman-tui: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2163285 [ 2 ] Bug #2174538 - podman-tui: containerd: Supplementary groups are not set up properly [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2174538 [ 3 ] Bug #2178479 - CVE-2022-41723 podman-tui: golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2178479 [ 4 ] Bug #2248400 - podman-tui: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2248400

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-a5a5542890' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
important
Lowest
Low
Medium
High
Critical

Name: podman-tui
Product: Fedora 37
Version: 0.12.0
Release: 1.fc37
URL: https://github.com/containers/podman-tui
Summary: Podman Terminal User Interface

Topics%20covered

Topics Covered

security advisory fedora critical software update memory issue podman-tui

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here