SUSE-SU-2025:0813-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-20250813-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0813-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2025:0813-1
- Related
- Published
- 2025-03-10T08:35:12Z
- Modified
- 2025-05-02T04:35:33.796183Z
- Upstream
- Summary
- Security update for buildah
- Details
-
This update for buildah fixes the following issues:
- CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames read for an HTTP/2 request in golang.org/x/net/http2. (bsc#1236531)
- CVE-2025-27144: Fixed denial of service in parsing function of embedded library Go JOSE (bsc#1237681)
- References
Affected packages
SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / buildah
Package
- Name
- buildah
- Purl
- pkg:rpm/suse/buildah&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
SUSE:Linux Enterprise Server 15 SP3-LTSS / buildah
Package
- Name
- buildah
- Purl
- pkg:rpm/suse/buildah&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / buildah
Package
- Name
- buildah
- Purl
- pkg:rpm/suse/buildah&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3