SUSE Package Hub - openSUSE-2022-65

Update Info

openSUSE-2022-65

Security update for envoy-proxy

Type: security

Severity: important

Issued: 2022-03-02

Description:

This update for envoy-proxy fixes the following issues:

Update to 1.14.6:

- CVE-2020-35471: Fixed a denial of service via dropped and truncated UDP datagrams (boo#1180121).

References

CVE: CVE-2020-8663
CVE: CVE-2020-35471
CVE: CVE-2020-12605
CVE: CVE-2020-12604
CVE: CVE-2020-12603
Bugzilla: 1180121 https://bugzilla.opensuse.org/show_bug.cgi?id=1180121
Bugzilla: 1173559 VUL-0: CVE-2020-12605,CVE-2020-8663,CVE-2020-12603,CVE-2020-12604: envoy-proxy, cilium-proxy: multiple resource exhaustion issues
Bugzilla: 1167073 https://bugzilla.opensuse.org/show_bug.cgi?id=1167073

Packages

envoy-proxy-1.14.6-bp153.3.4.1