Hi,
You are receiving an AlmaLinux Security update email because you subscribed to
receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Important
Release date: 2024-02-12
Summary:
The container-tools module contains tools for working with containers, notably
podman, buildah, skopeo, and runc.
Security Fix(es):
* runc: file descriptor leak ("Leaky Vessels") (CVE-2024-21626)
A AlmaLinux Security Bulletin which addresses further details about the Leaky
Vessels flaw is available in the References section.
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption
via HTTP requests (CVE-2023-39326)
* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key
exchanges. (CVE-2023-45287)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Full details, updated packages, references, and other related information:
https://errata.almalinux.org/8/ALSA-2024-0748.html
This message is automatically generated, please don’t reply. For further
questions, please, contact us via the AlmaLinux community chat:
https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on
https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
