With the upcoming end-of-life (EOL) of MSR 3.1.x, Mirantis encourages you to upgrade to the latest supported version to ensure continued support and security updates.
Security information¶
Updated the following middleware component versions to resolve vulnerabilities in MSR:
[ENGDTR-4360] Golang 1.23.6
[ENGDTR-4382] Alpine Linux 3.18.12
Resolved CVEs, as detailed:
CVE |
Status |
Problem details from upstream |
---|---|---|
Resolved |
usl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8. |