CVE-2023-0845: Consul and Consul Enterprise allowed an authenticated user with service:write permissions to trigger a workflow that causes Consul server and client agents to crash under certain circumstances. This vulnerability was fixed in Consul 1.14.5. Please bump to 1.14.5.
Please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7ea63c243aac4fafdec6d51ccc6d28cc9f4eaf6 commit b7ea63c243aac4fafdec6d51ccc6d28cc9f4eaf6 Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2023-05-26 04:15:36 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2023-05-26 04:16:37 +0000 app-admin/consul: drop 1.14.3 Bug: https://bugs.gentoo.org/905334 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-admin/consul/Manifest | 1 - app-admin/consul/consul-1.14.3.ebuild | 57 ----------------------------------- 2 files changed, 58 deletions(-)
Thanks! Requires authentication and is only a DoS anyway. All done.
