Overview

File _patchinfo of Package patchinfo.34243

<patchinfo incident="34243">
  <issue tracker="cve" id="2024-3727"/>
  <issue tracker="cve" id="2024-24786"/>
  <issue tracker="bnc" id="1226136">VUL-0: CVE-2024-24786: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON</issue>
  <issue tracker="bnc" id="1224122">VUL-0: CVE-2024-3727: podman: containers/image: digest type does not guarantee valid type</issue>
  <packager>danishprakash</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for podman</summary>
  <description>This update for podman fixes the following issues:

- Update to version 4.9.5
- CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. (bsc#1224122)
- CVE-2024-24786: Fixed an infinite loop in protojson. (bsc#1226136)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places