SUSE-SU-2025:3954-1

Source
https://www.suse.com/support/update/announcement/2025/suse-su-20253954-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:3954-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:3954-1
Upstream
  • CVE-2020-35881
Related
Published
2025-11-05T14:06:34Z
Modified
2025-11-06T14:04:45.585986Z
Summary
Security update for aws-efs-utils
Details

This update for aws-efs-utils fixes the following issues:

Update to version 2.3.3 (bsc#1240044).

Security issues fixed:

  • CVE-2025-55159: slab: incorrect bounds check in get_disjoint_mut function can lead to potential crash due to out-of-bounds access (bsc#1248055).
  • CVE-2020-35881: traitobject: log4rs: out-of-bounds write due to fat pointer layout assumptions (bsc#1249851).

Other issues fixed:

  • Build and install efs-proxy binary (bsc#1240044).

  • Fixed in version 2.3.3:

    • Add environment variable support for AWS profiles and regions
    • Regenerate Cargo.lock with rust 1.70.0
    • Update circle-ci config
    • Fix AWS Env Variable Test and Code Style Issue
    • Remove CentOS 8 and Ubuntu 16.04 from verified Linux distribution list
  • Fixed in version 2.3.2:

    • Update version in amazon-efs-utils.spec to 2.3.1
    • Fix incorrect package version
  • Fixed in version 2.3.1:

    • Fix backtrace version to resolve ubuntu and rhel build issues
    • Pin Cargo.lock to avoid unexpected error across images
  • Fixed in version 2.3.0:

    • Add support for pod-identity credentials in the credentials chain
    • Enable mounting with IPv6 when using with the 'stunnel' mount option
  • Fixed in version 2.2.1:

    • Update log4rs
  • Fixed in version 2.2.0:

    • Use region-specific domain suffixes for dns endpoints where missing
    • Merge PR #211 - Amend Debian control to use binary architecture
  • Fixed in version 2.1.0:

    • Add mount option for specifying region
    • Add new ISO regions to config file
  • Fixed in version 2.0.4:

    • Add retry logic to and increase timeout for EC2 metadata token retrieval requests
  • Fixed in version 2.0.3:

    • Upgrade py version
    • Replace deprecated usage of datetime
  • Fixed in version 2.0.2:

    • Check for efs-proxy PIDs when cleaning tunnel state files
    • Add PID to log entries
  • Fixed in version 2.0.1:

    • Disable Nagle's algorithm for efs-proxy TLS mounts to improve latencies
  • Fixed in version 2.0.0:

    • Replace stunnel, which provides TLS encryption for mounts, with efs-proxy, a component built in-house at AWS. Efs-proxy lays the foundation for upcoming feature launches at EFS.
  • Fixed in version 1.36.0:

    • Support new mount option: crossaccount, conduct cross account mounts via ip address. Use client AZ-ID to choose mount target.
  • Fixed in version 1.35.2:

    • Revert 'Add warning if using older Version'
    • Support MacOS Sonoma
  • Fixed in version 1.35.1:

    • Revert openssl requirement change
    • Revert 'Update EFS Documentation: Clarify Current FIPS Compliance Status'
    • Update EFS Documentation: Clarify Current FIPS Compliance Status
    • test: Change repo urls in eol debian9 build
    • Check private key file size to skip generation
    • test: Fix pytest that failed since commit 3dd89ca
    • Fix shouldcheckefsutilsversion scope
    • Add warning if using old version
    • Add 'fsap' option as EFS-only option
  • Fixed in version 1.35.0:

    • Add parameters to allow mount for pod impersonation feature in EFS CSI Driver
    • Updated the README with support of Oracle8 distribution
    • Readme troubleshooting section + table of contents
    • Add efs-utils Support for MacOS Ventura EC2 instances
References

Affected packages

openSUSE:Leap 15.6

aws-efs-utils

Package

Name
aws-efs-utils
Purl
pkg:rpm/opensuse/aws-efs-utils&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.3.3-150600.17.6.1

Ecosystem specific

{
    "binaries": [
        {
            "aws-efs-utils": "2.3.3-150600.17.6.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP6

aws-efs-utils

Package

Name
aws-efs-utils
Purl
pkg:rpm/suse/aws-efs-utils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.3.3-150600.17.6.1

Ecosystem specific

{
    "binaries": [
        {
            "aws-efs-utils": "2.3.3-150600.17.6.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP7

aws-efs-utils

Package

Name
aws-efs-utils
Purl
pkg:rpm/suse/aws-efs-utils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.3.3-150600.17.6.1

Ecosystem specific

{
    "binaries": [
        {
            "aws-efs-utils": "2.3.3-150600.17.6.1"
        }
    ]
}