containernetworking-plugins (SL7)

By Scientific Linux Team on March 3, 2020

Synopsis: Important: containernetworking-plugins security update
Advisory ID: SLSA-2020:0406-1
Issue Date: 2020-03-03
CVE Numbers: CVE-2019-9512
CVE-2019-9514
—

Security Fix(es):

* HTTP/2: flood using PING frames results in unbounded memory growth
(CVE-2019-9512)

* HTTP/2: flood using HEADERS frames results in unbounded memory growth
(CVE-2019-9514)
—

– Scientific Linux Development Team

ppp (SL7)

xerces-c (SL6)

SL Security Errata