에어 갭이 적용된 Google Distributed Cloud 출시 노트

최신 보안 패치와 중요한 업데이트를 적용하기 위해 Canonical Ubuntu OS 이미지 버전을 20231023으로 업데이트했습니다. 버그 및 보안 취약점 수정을 활용하려면 각 출시마다 모든 노드를 업그레이드해야 합니다. 다음 보안 취약점이 수정되었습니다.

• CVE-2020-22219
• CVE-2021-4001
• CVE-2021-33294
• CVE-2022-2598
• CVE-2022-3016
• CVE-2022-3037
• CVE-2022-3099
• CVE-2022-3234
• CVE-2022-3256
• CVE-2022-3352
• CVE-2022-3520
• CVE-2022-3591
• CVE-2022-3705
• CVE-2022-4292
• CVE-2022-4293
• CVE-2022-40982
• CVE-2023-1206
• CVE-2023-1916
• CVE-2023-2269
• CVE-2023-3212
• CVE-2023-3268
• CVE-2023-3609
• CVE-2023-3611
• CVE-2023-3776
• CVE-2023-3863
• CVE-2023-4128
• CVE-2023-4156
• CVE-2023-4194
• CVE-2023-4504
• CVE-2023-4622
• CVE-2023-4623
• CVE-2023-4692
• CVE-2023-4693
• CVE-2023-4863
• CVE-2023-4881
• CVE-2023-4921
• CVE-2023-5217
• CVE-2023-20569
• CVE-2023-20588
• CVE-2023-20593
• CVE-2023-31084
• CVE-2023-32360
• CVE-2023-34319
• CVE-2023-38546
• CVE-2023-40283
• CVE-2023-42752
• CVE-2023-42753
• CVE-2023-42755
• CVE-2023-42756
• CVE-2023-42785
• CVE-2023-42786
• CVE-2023-42787
• CVE-2023-44488

최신 보안 패치와 중요한 업데이트를 적용하기 위해 sha256:a17ac8990b4395aab186b9538ca04715d2a7408dfd2b6473ff7b16d098d0cb09을 처리하도록 gcr.io/distroless/base 기본 이미지를 업데이트했습니다.

다음 컨테이너 이미지 보안 취약점이 수정되었습니다.

• CVE-2019-13115
• CVE-2020-16250
• CVE-2020-19189
• CVE-2020-21047
• CVE-2020-29509
• CVE-2020-29511
• CVE-2021-3468
• CVE-2021-25741
• CVE-2021-29923
• CVE-2021-32923
• CVE-2021-33195
• CVE-2021-33196
• CVE-2021-33197
• CVE-2021-33198
• CVE-2021-34558
• CVE-2021-36221
• CVE-2021-38297
• CVE-2021-38553
• CVE-2021-38554
• CVE-2021-38561
• CVE-2021-39293
• CVE-2021-41771
• CVE-2021-41772
• CVE-2021-43565
• CVE-2021-43998
• CVE-2021-44716
• CVE-2022-1705
• CVE-2022-1962
• CVE-2022-2127
• CVE-2022-2879
• CVE-2022-2880
• CVE-2022-3821
• CVE-2022-4415
• CVE-2022-21698
• CVE-2022-23772
• CVE-2022-23773
• CVE-2022-23806
• CVE-2022-24675
• CVE-2022-24921
• CVE-2022-27191
• CVE-2022-27664
• CVE-2022-28131
• CVE-2022-28327
• CVE-2022-28948
• CVE-2022-29458
• CVE-2022-29526
• CVE-2022-30580
• CVE-2022-30629
• CVE-2022-30630
• CVE-2022-30631
• CVE-2022-30632
• CVE-2022-30633
• CVE-2022-30635
• CVE-2022-32148
• CVE-2022-32149
• CVE-2022-32189
• CVE-2022-40186
• CVE-2022-40982
• CVE-2022-41316
• CVE-2022-41715
• CVE-2022-41717
• CVE-2022-41723
• CVE-2022-41724
• CVE-2022-41725
• CVE-2022-48565
• CVE-2022-48566
• CVE-2023-0464
• CVE-2023-0465
• CVE-2023-0466
• CVE-2023-0620
• CVE-2023-0665
• CVE-2023-1380
• CVE-2023-2002
• CVE-2023-2007
• CVE-2023-2121
• CVE-2023-2269
• CVE-2023-2431
• CVE-2023-2650
• CVE-2023-2727
• CVE-2023-2728
• CVE-2023-2828
• CVE-2023-3090
• CVE-2023-3111
• CVE-2023-3138
• CVE-2023-3268
• CVE-2023-3338
• CVE-2023-3446
• CVE-2023-3462
• CVE-2023-3817
• CVE-2023-4680
• CVE-2023-4911
• CVE-2023-5077
• CVE-2023-20593
• CVE-2023-21930
• CVE-2023-21939
• CVE-2023-21954
• CVE-2023-21967
• CVE-2023-22041
• CVE-2023-24532
• CVE-2023-24534
• CVE-2023-24536
• CVE-2023-24537
• CVE-2023-24538
• CVE-2023-24539
• CVE-2023-24540
• CVE-2023-24999
• CVE-2023-25000
• CVE-2023-29400
• CVE-2023-29402
• CVE-2023-29403
• CVE-2023-29404
• CVE-2023-29405
• CVE-2023-29406
• CVE-2023-29491
• CVE-2023-31084
• CVE-2023-32233
• CVE-2023-32324
• CVE-2023-32360
• CVE-2023-34241
• CVE-2023-34966
• CVE-2023-34967
• CVE-2023-34968
• CVE-2023-35788
• CVE-2023-36054
• CVE-2023-38408
• CVE-2023-39533
• CVE-2023-40217
• CVE-2023-40745
• CVE-2023-41175

CVE-2023-2022-40982 보안 문제가 수정되었습니다. BIOS 버전 업데이트는 최신 보안 패치를 적용합니다.

116.0.5845.187 이전의 Google Chrome에서 WebP의 힙 버퍼 오버플로 문제가 수정되었습니다. 이 문제로 인해 원격 공격자가 제작된 HTML 페이지를 사용하여 범위를 벗어난 메모리 쓰기를 실행할 수 있었습니다. (Chromium 보안 심각도: Critical) 이 문제는 일반적으로 Electron을 통합하거나 libwebp를 사용하는 다른 코드 라이브러리를 사용하거나 libwebp가 직접 내장된 프레임워크, 코드 라이브러리, OS를 사용하는 모든 항목에 영향을 미칩니다. 자세한 내용은 CVE-2023-4863을 참고하세요.