UbuntuUpdates.org

Package "etcd"

Name: etcd

Description:

Transitional package for etcd-client and etcd-server

Latest version: 3.2.26+dfsg-6ubuntu0.1
Release: focal (20.04)
Level: security
Repository: universe
Homepage: https://github.com/coreos/etcd

Links


Download "etcd"


Other versions of "etcd" in Focal

Repository Area Version
base universe 3.2.26+dfsg-6
updates universe 3.2.26+dfsg-6ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.2.26+dfsg-6ubuntu0.1 2022-09-22 15:06:23 UTC

  etcd (3.2.26+dfsg-6ubuntu0.1) focal-security; urgency=medium

  * Fix FTBFS build dependency on prometheus
  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2020-15106_15112.patch: wal: check out of range
    slice in "ReadAll", "decoder"
    - debian/patches/CVE-2020-15113.patch: pkg: consider umask when use
    MkdirAll
    - debian/patches/CVE-2020-15114.patch: etcdmain: best effort
    detection of self pointing in tcp proxy
    - CVE-2020-15106
    - CVE-2020-15112
    - CVE-2020-15113
    - CVE-2020-15114

 -- Eduardo Barretto <email address hidden> Tue, 20 Sep 2022 17:27:56 +0200

CVE-2020-15106 In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a
CVE-2020-15113 In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatic
CVE-2020-15114 In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is pos
CVE-2020-15112 In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.



About   -   Send Feedback to @ubuntu_updates