SUSE-CU-2024:6550-1: Security update of containers/open-webui
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Dec 21 08:03:15 UTC 2024
SUSE Container Update Advisory: containers/open-webui
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:6550-1
Container Tags : containers/open-webui:0.3 , containers/open-webui:0.3.32 , containers/open-webui:0.3.32-6.7
Container Release : 6.7
Severity : moderate
Type : security
References : 1228919 1233821 CVE-2024-11407 CVE-2024-7246
-----------------------------------------------------------------
The container containers/open-webui was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4401-1
Released: Fri Dec 20 16:27:53 2024
Summary: Security update for grpc
Type: security
Severity: moderate
References: 1228919,1233821,CVE-2024-11407,CVE-2024-7246
This update for grpc fixes the following issues:
- CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. (bsc#1228919)
- CVE-2024-11407: data corruption on servers with transmit zero copy enabled. (bsc#1233821)
The following package changes have been done:
- libupb37-1.60.0-150600.15.3.1 updated
- libgrpc37-1.60.0-150600.15.3.1 updated
- libgrpc++1_60-1.60.0-150600.15.3.1 updated
- python311-open-webui-0.3.32-150600.1.25 updated
More information about the sle-container-updates
mailing list