File _patchinfo of Package patchinfo.25876

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.25876

<patchinfo incident="25876">
  <issue tracker="cve" id="2022-1996"/>
  <issue tracker="bnc" id="1200528">VUL-0: CVE-2022-1996: go-restful: CORS bypass</issue>
  <packager>vulyanov</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer</summary>
  <description>This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues:

Update to version 1.51.0

- Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.51.0

Security issues fixed in vendored dependencies:

- CVE-2022-1996: Fixed CORS bypass (bsc#1200528)

- Include additional tools used by cdi-importer:
  cdi-containerimage-server
  cdi-image-size-detection
  cdi-source-update-poller

- Pack only cdi-operator and cdi-cr release manifests
- Install tar for cloning filesystem PVCs
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.25876

Places