openSUSE-SU-2025:0103-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2025:0103-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2025:0103-1
Related
Published
2025-03-24T17:01:45Z
Modified
2025-03-27T23:50:03.324551Z
Summary
Security update for cadvisor
Details

This update for cadvisor fixes the following issues:

  • update to 0.52.1:

    • Make resctrl optional/pluggable
  • update to 0.52.0:

    • bump containerd related deps: api v1.8.0; errdefs v1.0.0; ttrpc v1.2.6
    • chore: Update Prometheus libraries
    • bump runc to v1.2.4
    • Add Pressure Stall Information Metrics
    • Switch to opencontainers/cgroups repository (includes update from golang 1.22 to 1.24)
    • Bump to newer opencontainers/image-spec @ v1.1.1
  • update to 0.49.2:

    • Cp fix test
    • Revert 'reducelogsforkubeletuse_crio'

      • CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (boo#1239291)
  • Update to version 0.49.1:

    • build docker - add --provenance=false flag
    • Remove s390x support
    • Disable libipmctl in build
    • Ugrade base image to 1.22 and alpine 3.18
    • fix type of C.malloc in cgo
    • Bump runc to v1.1.12
    • Bump to bullseye
    • Remove section about canary image
    • Add note about WebUI auth
    • Remove mentions of accelerator from the docs
    • reducelogsforkubeletuse_crio
    • upgrade actions/checkout and actions/setup-go and actions/upload-artifact
    • build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /cmd
    • add cadvisor and crio upstream changes
    • Avoid using container/podman in manager.go
    • container: skip checking for files in non-existent directories.
    • Adjust the log level of Initialize Plugins
    • add ignored device
    • fix: variable naming
    • build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 in /cmd
    • manager: require higher verbosity level for container info misses
    • Information should be logged on increased verbosity only
    • Running do mod tidy
    • Running go mod tidy
    • Running go mod tidy
    • container/libcontainer: Improve limits file parsing perf
    • container/libcontainer: Add limit parsing benchmark
    • build(deps): bump github.com/cyphar/filepath-securejoin in /cmd
    • build(deps): bump github.com/cyphar/filepath-securejoin
    • Set verbosity after flag definition
    • fix: error message typo
    • vendor: bump runc to 1.1.9
    • Switch to use busybox from registry.k8s.io
    • Bump golang ci lint to v1.54.1
    • Bump github.com/docker/docker in /cmd
    • Bump github.com/docker/docker
    • Bump github.com/docker/distribution in /cmd
    • Bump github.com/docker/distribution
    • Update genproto dependency to isolated submodule
    • remove the check for the existence of NFS files, which will cause unnecessary requests.
    • reduce inotify watch
    • fix performance degradation of NFS
    • fix: fix type issue
    • fix: fix cgo memory leak
    • ft: export memory kernel usage
    • sysinfo: Ignore 'hidden' sysfs device entries
    • Increasing required verbosity level
    • Patch to fix issue 2341
    • podman support: Enable Podman support.
    • podman support: Create Podman handler.
    • podman support: Changes in Docker handler.
    • unit test: machineswapbytes
    • Add documentation for machineswapbytes metric
    • Add a machineswapbytes metric
    • fix: add space trimming for label allowlist
    • Upgrade to blang/semver/v4 v4.0.0
    • docs(deploy/k8s): remote build for kustomize
    • Update dependencies
    • Change filepaths to detect online CPUs
    • Update actions/checkout to v3
    • Fix flags typo
    • Updating location of kubernetes/pause image
    • Using t.TempDir() in tests
    • Unit test: MachineInfo Clone() method
    • Bugfix: MachineInfo Clone() - clone SwapCapacity
    • Optimize network metrics collection
    • Removing calls to deprecates io/ioutil package
    • Updating minimum Go version to 1.19
    • Request the pid of another container if current pid is not longer valid
    • Restructure
    • Add CRI-O client timeout setting
    • Set containerd grpc.MaxCallRecvMsgSize to 16MB
    • Fix asset build
    • feat(logging): add verbosity to non-NUMA node warning
    • add nerdctl to ignoredDevices
    • nvm: Change the 'no NVM devices' log.
    • nvm: Fix typo.
    • Fix CVE-2022-27664 (#3248)
    • resctrl: Reduce size and mode files check (#3264)
    • readme: Update Creatone contributor info. (#3265)
    • Fix comment to refer to correct client
    • build: bump golang to 1.20
    • ci: Update golang ci-lint to v1.51.2
    • build: Update shebang to python3
    • Revert 'dockerfile: Fix typo in go build tags.'
    • Decreasing verbosity level for 'Cannot read vendor id correctly, set empty'
    • dockerfile: Fix typo in go build tags.
    • deps: Move from cloud.google.com/go/compute -> cloud.google.com/go
    • use memory.min for reservation memory instead of high
    • Mark GOPATH as git safe.directory to fix CI build
    • switch to gomodule/redigo from garyburd/redigo
    • update go.mod/sum both in root and cmd/
    • Drop accelerator metrics and nvidia integration
    • Add s390x support for docker image
    • typo in MachineInfo spec for SwapCapacity
    • add support for swap in machine/info
References

Affected packages

SUSE:Package Hub 15 SP6 / cadvisor

Package

Name
cadvisor
Purl
pkg:rpm/suse/cadvisor&distro=SUSE%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.52.1-bp156.3.3.1

Ecosystem specific

{
    "binaries": [
        {
            "cadvisor": "0.52.1-bp156.3.3.1"
        }
    ]
}

openSUSE:Leap 15.6 / cadvisor

Package

Name
cadvisor
Purl
pkg:rpm/opensuse/cadvisor&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.52.1-bp156.3.3.1

Ecosystem specific

{
    "binaries": [
        {
            "cadvisor": "0.52.1-bp156.3.3.1"
        }
    ]
}