Request 1086800: Submit distribution - openSUSE Build Service

This request supersedes: request 1086799 (Show diff)

Overview

Request 1086800 accepted

- update to 2.8.2 (bsc#1207705, CVE-2023-2253, bsc#1210428):
* Revert registry/client: set `Accept: identity` header when
getting layers
* Parse `http` forbidden as denied
* Fix CVE-2023-2253 runaway allocation on /v2/_catalog
* Fix panic in inmemory driver
* update to go1.19.9
* Add code to handle pagination of parts. Fixes max layer size
of 10GB bug
* Dockerfile: fix filenames of artifacts
- drop aws-sdk-1.42.27-update.patch (no longer wanted)
- drop 0001-Fix-runaway-allocation-on-v2-_catalog.patch (upstream)

- refresh 0001-Fix-runaway-allocation-on-v2-_catalog.patch to
be more compatible with invalid pagination requests (CVE-2023-2253, bsc#1207705)␣

- add 0001-Fix-runaway-allocation-on-v2-_catalog.patch (CVE-2023-2253, bsc#1207705)

Created by dirkmueller about 1 year ago
In state accepted
Supersedes 1086799

Submit distribution

Comments for request 1086800 0

Login required, please login in order to comment

Request History

dirkmueller created request about 1 year ago

- update to 2.8.2 (bsc#1207705, CVE-2023-2253, bsc#1210428):
* Revert registry/client: set `Accept: identity` header when
getting layers
* Parse `http` forbidden as denied
* Fix CVE-2023-2253 runaway allocation on /v2/_catalog
* Fix panic in inmemory driver
* update to go1.19.9
* Add code to handle pagination of parts. Fixes max layer size
of 10GB bug
* Dockerfile: fix filenames of artifacts
- drop aws-sdk-1.42.27-update.patch (no longer wanted)
- drop 0001-Fix-runaway-allocation-on-v2-_catalog.patch (upstream)

- refresh 0001-Fix-runaway-allocation-on-v2-_catalog.patch to
be more compatible with invalid pagination requests (CVE-2023-2253, bsc#1207705)␣

- add 0001-Fix-runaway-allocation-on-v2-_catalog.patch (CVE-2023-2253, bsc#1207705)

factory-auto added opensuse-review-team as a reviewer about 1 year ago

Please review sources

factory-auto accepted review about 1 year ago

Check script succeeded

licensedigger accepted review about 1 year ago

ok

staging-bot added as a reviewer about 1 year ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:59"

staging-bot accepted review about 1 year ago

Picked "openSUSE:Factory:Staging:adi:59"

dimstar accepted review about 1 year ago

dimstar_suse accepted review about 1 year ago

Staging Project openSUSE:Factory:Staging:adi:59 got accepted.

dimstar_suse approved review about 1 year ago

Staging Project openSUSE:Factory:Staging:adi:59 got accepted.

dimstar_suse accepted request about 1 year ago

Staging Project openSUSE:Factory:Staging:adi:59 got accepted.

openSUSE Build Service is sponsored by