AZL-45375 CVE-2021-38561 affecting package containernetworking-plugins for versions less than 1.6.1-4

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack...

AZL-43963 CVE-2022-32149 affecting package containernetworking-plugins 1.1.1-17

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

AZL-45162 CVE-2022-32149 affecting package containernetworking-plugins for versions less than 1.6.1-4

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...

AZL-45294 CVE-2022-29526 affecting package containernetworking-plugins for versions less than 1.6.1-4

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

AZL-43477 CVE-2022-29526 affecting package containernetworking-plugins 1.1.1-17

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...

container-tools:ol8 security, bug fix, and enhancement update

buildah 1.16.7-4.0.1 - Handling redirect from the docker registry Orabug: 29874238 Nikita Gerasimov 1.16.7-4 - update to the latest content of https://github.com/containers/buildah/tree/release-1.16 https://github.com/containers/buildah/commit/aaed66b - Related: 1888571 1.16.7-3 - revert back to...