Moderate: containernetworking-plugins security update

2024-09-0300:00:00

errata.almalinux.org

container network interface

cni

linux containers

security update

golang

cve-2024-24783

network connectivity

cvss score

references section

AI Score

7.2

Confidence

Low

JSON

The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

Security Fix(es):

golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
almalinux9x86_64containernetworking-plugins< 1.4.0-5.el9_4containernetworking-plugins-1.4.0-5.el9_4.x86_64.rpm
almalinux9aarch64containernetworking-plugins< 1.4.0-5.el9_4containernetworking-plugins-1.4.0-5.el9_4.aarch64.rpm
almalinux9ppc64lecontainernetworking-plugins< 1.4.0-5.el9_4containernetworking-plugins-1.4.0-5.el9_4.ppc64le.rpm
almalinux9s390xcontainernetworking-plugins< 1.4.0-5.el9_4containernetworking-plugins-1.4.0-5.el9_4.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
almalinux	9	x86_64	containernetworking-plugins	< 1.4.0-5.el9_4	containernetworking-plugins-1.4.0-5.el9_4.x86_64.rpm
almalinux	9	aarch64	containernetworking-plugins	< 1.4.0-5.el9_4	containernetworking-plugins-1.4.0-5.el9_4.aarch64.rpm
almalinux	9	ppc64le	containernetworking-plugins	< 1.4.0-5.el9_4	containernetworking-plugins-1.4.0-5.el9_4.ppc64le.rpm
almalinux	9	s390x	containernetworking-plugins	< 1.4.0-5.el9_4	containernetworking-plugins-1.4.0-5.el9_4.s390x.rpm