Security
Headlines
HeadlinesLatestCVEs

Headline

Red Hat Security Advisory 2022-7529-01

Red Hat Security Advisory 2022-7529-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include denial of service and memory exhaustion vulnerabilities.

Packet Storm
#vulnerability#linux#red_hat#dos#js#php#docker

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: container-tools:3.0 security update
Advisory ID: RHSA-2022:7529-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7529
Issue date: 2022-11-08
CVE Names: CVE-2022-1705 CVE-2022-1708 CVE-2022-1962
CVE-2022-21698 CVE-2022-28131 CVE-2022-30630
CVE-2022-30631 CVE-2022-30632 CVE-2022-30633
CVE-2022-32148
====================================================================

  1. Summary:

An update for the container-tools:3.0 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

  1. Description:

The container-tools module contains tools for working with containers,
notably podman, buildah, skopeo, and runc.

Security Fix(es):

  • golang: net/http: improper sanitization of Transfer-Encoding header
    (CVE-2022-1705)

  • cri-o: memory exhaustion on the node when access to the kube api
    (CVE-2022-1708)

  • golang: go/parser: stack exhaustion in all Parse* functions
    (CVE-2022-1962)

  • prometheus/client_golang: Denial of service using
    InstrumentHandlerCounter (CVE-2022-21698)

  • golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)

  • golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)

  • golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)

  • golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)

  • golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)

  • golang: net/http/httputil: NewSingleHostReverseProxy - omit
    X-Forwarded-For not working (CVE-2022-32148)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.7 Release Notes linked from the References section.

  1. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

  1. Bugs fixed (https://bugzilla.redhat.com/):

2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
2085361 - CVE-2022-1708 cri-o: memory exhaustion on the node when access to the kube api
2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal

  1. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
buildah-1.19.9-6.module+el8.7.0+16212+65e1b35f.src.rpm
cockpit-podman-29-2.module+el8.7.0+16212+65e1b35f.src.rpm
conmon-2.0.26-3.module+el8.7.0+16212+65e1b35f.src.rpm
container-selinux-2.189.0-1.module+el8.7.0+16212+65e1b35f.src.rpm
containernetworking-plugins-0.9.1-1.module+el8.7.0+16212+65e1b35f.src.rpm
criu-3.15-1.module+el8.7.0+16212+65e1b35f.src.rpm
crun-0.18-3.module+el8.7.0+16212+65e1b35f.src.rpm
fuse-overlayfs-1.4.0-2.module+el8.7.0+16212+65e1b35f.src.rpm
libslirp-4.3.1-1.module+el8.7.0+16212+65e1b35f.src.rpm
oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+16212+65e1b35f.src.rpm
podman-3.0.1-13.module+el8.7.0+16212+65e1b35f.src.rpm
runc-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.src.rpm
skopeo-1.2.4-2.module+el8.7.0+16212+65e1b35f.src.rpm
slirp4netns-1.1.8-1.module+el8.7.0+16212+65e1b35f.src.rpm
toolbox-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.src.rpm
udica-0.2.4-1.module+el8.7.0+16212+65e1b35f.src.rpm

aarch64:
buildah-1.19.9-6.module+el8.7.0+16212+65e1b35f.aarch64.rpm
buildah-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.aarch64.rpm
buildah-debugsource-1.19.9-6.module+el8.7.0+16212+65e1b35f.aarch64.rpm
buildah-tests-1.19.9-6.module+el8.7.0+16212+65e1b35f.aarch64.rpm
buildah-tests-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.aarch64.rpm
conmon-2.0.26-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
conmon-debuginfo-2.0.26-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
conmon-debugsource-2.0.26-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
containernetworking-plugins-0.9.1-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
containernetworking-plugins-debuginfo-0.9.1-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
containernetworking-plugins-debugsource-0.9.1-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
containers-common-1.2.4-2.module+el8.7.0+16212+65e1b35f.aarch64.rpm
crit-3.15-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
criu-3.15-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
criu-debuginfo-3.15-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
criu-debugsource-3.15-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
crun-0.18-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
crun-debuginfo-0.18-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
crun-debugsource-0.18-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
fuse-overlayfs-1.4.0-2.module+el8.7.0+16212+65e1b35f.aarch64.rpm
fuse-overlayfs-debuginfo-1.4.0-2.module+el8.7.0+16212+65e1b35f.aarch64.rpm
fuse-overlayfs-debugsource-1.4.0-2.module+el8.7.0+16212+65e1b35f.aarch64.rpm
libslirp-4.3.1-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
libslirp-debuginfo-4.3.1-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
libslirp-debugsource-4.3.1-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
libslirp-devel-4.3.1-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-catatonit-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-catatonit-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-debugsource-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-plugins-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-plugins-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-remote-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-remote-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
podman-tests-3.0.1-13.module+el8.7.0+16212+65e1b35f.aarch64.rpm
python3-criu-3.15-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
runc-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.aarch64.rpm
runc-debuginfo-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.aarch64.rpm
runc-debugsource-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.aarch64.rpm
skopeo-1.2.4-2.module+el8.7.0+16212+65e1b35f.aarch64.rpm
skopeo-debuginfo-1.2.4-2.module+el8.7.0+16212+65e1b35f.aarch64.rpm
skopeo-debugsource-1.2.4-2.module+el8.7.0+16212+65e1b35f.aarch64.rpm
skopeo-tests-1.2.4-2.module+el8.7.0+16212+65e1b35f.aarch64.rpm
slirp4netns-1.1.8-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
slirp4netns-debuginfo-1.1.8-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
slirp4netns-debugsource-1.1.8-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
toolbox-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
toolbox-debuginfo-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
toolbox-debugsource-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm
toolbox-tests-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.aarch64.rpm

noarch:
cockpit-podman-29-2.module+el8.7.0+16212+65e1b35f.noarch.rpm
container-selinux-2.189.0-1.module+el8.7.0+16212+65e1b35f.noarch.rpm
podman-docker-3.0.1-13.module+el8.7.0+16212+65e1b35f.noarch.rpm
udica-0.2.4-1.module+el8.7.0+16212+65e1b35f.noarch.rpm

ppc64le:
buildah-1.19.9-6.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
buildah-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
buildah-debugsource-1.19.9-6.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
buildah-tests-1.19.9-6.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
buildah-tests-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
conmon-2.0.26-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
conmon-debuginfo-2.0.26-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
conmon-debugsource-2.0.26-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
containernetworking-plugins-0.9.1-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
containernetworking-plugins-debuginfo-0.9.1-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
containernetworking-plugins-debugsource-0.9.1-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
containers-common-1.2.4-2.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
crit-3.15-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
criu-3.15-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
criu-debuginfo-3.15-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
criu-debugsource-3.15-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
crun-0.18-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
crun-debuginfo-0.18-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
crun-debugsource-0.18-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
fuse-overlayfs-1.4.0-2.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
fuse-overlayfs-debuginfo-1.4.0-2.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
fuse-overlayfs-debugsource-1.4.0-2.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
libslirp-4.3.1-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
libslirp-debuginfo-4.3.1-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
libslirp-debugsource-4.3.1-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
libslirp-devel-4.3.1-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-catatonit-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-catatonit-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-debugsource-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-plugins-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-plugins-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-remote-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-remote-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
podman-tests-3.0.1-13.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
python3-criu-3.15-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
runc-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
runc-debuginfo-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
runc-debugsource-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
skopeo-1.2.4-2.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
skopeo-debuginfo-1.2.4-2.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
skopeo-debugsource-1.2.4-2.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
skopeo-tests-1.2.4-2.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
slirp4netns-1.1.8-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
slirp4netns-debuginfo-1.1.8-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
slirp4netns-debugsource-1.1.8-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
toolbox-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
toolbox-debuginfo-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
toolbox-debugsource-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm
toolbox-tests-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.ppc64le.rpm

s390x:
buildah-1.19.9-6.module+el8.7.0+16212+65e1b35f.s390x.rpm
buildah-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.s390x.rpm
buildah-debugsource-1.19.9-6.module+el8.7.0+16212+65e1b35f.s390x.rpm
buildah-tests-1.19.9-6.module+el8.7.0+16212+65e1b35f.s390x.rpm
buildah-tests-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.s390x.rpm
conmon-2.0.26-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
conmon-debuginfo-2.0.26-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
conmon-debugsource-2.0.26-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
containernetworking-plugins-0.9.1-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
containernetworking-plugins-debuginfo-0.9.1-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
containernetworking-plugins-debugsource-0.9.1-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
containers-common-1.2.4-2.module+el8.7.0+16212+65e1b35f.s390x.rpm
crit-3.15-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
criu-3.15-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
criu-debuginfo-3.15-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
criu-debugsource-3.15-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
crun-0.18-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
crun-debuginfo-0.18-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
crun-debugsource-0.18-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
fuse-overlayfs-1.4.0-2.module+el8.7.0+16212+65e1b35f.s390x.rpm
fuse-overlayfs-debuginfo-1.4.0-2.module+el8.7.0+16212+65e1b35f.s390x.rpm
fuse-overlayfs-debugsource-1.4.0-2.module+el8.7.0+16212+65e1b35f.s390x.rpm
libslirp-4.3.1-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
libslirp-debuginfo-4.3.1-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
libslirp-debugsource-4.3.1-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
libslirp-devel-4.3.1-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-catatonit-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-catatonit-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-debugsource-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-plugins-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-plugins-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-remote-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-remote-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
podman-tests-3.0.1-13.module+el8.7.0+16212+65e1b35f.s390x.rpm
python3-criu-3.15-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
runc-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.s390x.rpm
runc-debuginfo-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.s390x.rpm
runc-debugsource-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.s390x.rpm
skopeo-1.2.4-2.module+el8.7.0+16212+65e1b35f.s390x.rpm
skopeo-debuginfo-1.2.4-2.module+el8.7.0+16212+65e1b35f.s390x.rpm
skopeo-debugsource-1.2.4-2.module+el8.7.0+16212+65e1b35f.s390x.rpm
skopeo-tests-1.2.4-2.module+el8.7.0+16212+65e1b35f.s390x.rpm
slirp4netns-1.1.8-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
slirp4netns-debuginfo-1.1.8-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
slirp4netns-debugsource-1.1.8-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
toolbox-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
toolbox-debuginfo-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
toolbox-debugsource-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.s390x.rpm
toolbox-tests-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.s390x.rpm

x86_64:
buildah-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm
buildah-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm
buildah-debugsource-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm
buildah-tests-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm
buildah-tests-debuginfo-1.19.9-6.module+el8.7.0+16212+65e1b35f.x86_64.rpm
conmon-2.0.26-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
conmon-debuginfo-2.0.26-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
conmon-debugsource-2.0.26-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
containernetworking-plugins-0.9.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
containernetworking-plugins-debuginfo-0.9.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
containernetworking-plugins-debugsource-0.9.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
containers-common-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm
crit-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
criu-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
criu-debuginfo-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
criu-debugsource-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
crun-0.18-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
crun-debuginfo-0.18-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
crun-debugsource-0.18-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
fuse-overlayfs-1.4.0-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm
fuse-overlayfs-debuginfo-1.4.0-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm
fuse-overlayfs-debugsource-1.4.0-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm
libslirp-4.3.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
libslirp-debuginfo-4.3.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
libslirp-debugsource-4.3.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
libslirp-devel-4.3.1-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.0-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-catatonit-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-catatonit-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-debugsource-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-plugins-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-plugins-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-remote-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-remote-debuginfo-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
podman-tests-3.0.1-13.module+el8.7.0+16212+65e1b35f.x86_64.rpm
python3-criu-3.15-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
runc-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.x86_64.rpm
runc-debuginfo-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.x86_64.rpm
runc-debugsource-1.0.0-73.rc95.module+el8.7.0+16212+65e1b35f.x86_64.rpm
skopeo-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm
skopeo-debuginfo-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm
skopeo-debugsource-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm
skopeo-tests-1.2.4-2.module+el8.7.0+16212+65e1b35f.x86_64.rpm
slirp4netns-1.1.8-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
slirp4netns-debuginfo-1.1.8-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
slirp4netns-debugsource-1.1.8-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
toolbox-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
toolbox-debuginfo-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
toolbox-debugsource-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm
toolbox-tests-0.0.99.3-1.module+el8.7.0+16212+65e1b35f.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2022-1705
https://access.redhat.com/security/cve/CVE-2022-1708
https://access.redhat.com/security/cve/CVE-2022-1962
https://access.redhat.com/security/cve/CVE-2022-21698
https://access.redhat.com/security/cve/CVE-2022-28131
https://access.redhat.com/security/cve/CVE-2022-30630
https://access.redhat.com/security/cve/CVE-2022-30631
https://access.redhat.com/security/cve/CVE-2022-30632
https://access.redhat.com/security/cve/CVE-2022-30633
https://access.redhat.com/security/cve/CVE-2022-32148
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index

  1. Contact:

The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY2pSjNzjgjWX9erEAQjmjg//bzmpcnPphNhuSDrmZf+Vu8vltkEIGkIm
0Wq/gV1ScREeEIuM4SHkpD0ahdsvQb4yGomA5Qa7CksuLsSMK0PHp9U6kUCrLUTW
l/iU2xczi7Z62I7jBZAWHplhngx7uoWUhVbCDzbh2iJSawg2777xcTX9SRW8zX2h
e3i4a5biddqSux1iO2LL3DeQf8sFW7tMwIA6uqV4QNiAYPbT0CL8VjRQ40fh3XJv
crtEgKZSvM777oFPRPHsniRXkJoeBRtsLVvYvDdUE7nbGmOMLJVZEDUTf10WfbsO
1tEmrdIKjcf8A/hDCPTYO+tfIp6YUWwkIXX34I6gf8BJ/jsygsV+3DZzSPnbDRL7
laCBbOrFFckU1rsMBtZ3oSluHhGqBvhYtxyUyh0lXGKMs78hE3tn5uHOMaZijUCj
A5hKly52+sx+sgyfjntf2XvHVaeR+wIq2++iXt2m/C1V2DY92GODTqc4R2DL/fjF
cX+47snEqgQjUA/fzQtyR0HhTFenGQfQ+6UfUY1cpLwgJSCkVDMeUl1ZNKdUQA3q
2YXFpj4U/jmCslnq8TjkIBwwFM95LWy15uBr4mVPzEWzT2y62LMCpdAka6Up8M1T
PGCa2lHRaoqr5F/QOAcOnFPH08ThtqWfpHDkTgPZrA8hfi/RDDitsVUdjpgXb1yF
psXXlwSfXug=CXio
-----END PGP SIGNATURE-----

RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Related news

Red Hat Security Advisory 2024-1027-03

Red Hat Security Advisory 2024-1027-03 - An update is now available for MTA-6.2-RHEL-8 and MTA-6.2-RHEL-9. Issues addressed include XML injection and denial of service vulnerabilities.

RHSA-2023:5314: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.6 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.6 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21698: A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability. * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream cou...

RHSA-2023:3664: Red Hat Security Advisory: OpenShift Jenkins image and Jenkins agent base image security update

Release of Bug Advisories for the OpenShift Jenkins image and Jenkins agent base image. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-2880: A flaw was found in the golang package, where reques...

RHSA-2023:3642: Red Hat Security Advisory: Red Hat Ceph Storage 6.1 Container security and bug fix update

A new container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-42581: A flaw was found in the Ramda NPM package that involves prototype poisoning. This flaw allows attackers to supply a crafted object, affecting the integrity or availability of the application. * CVE-2022-1650: A flaw was found in the EventSource NPM Package. The description from the source states the following messa...

Red Hat Security Advisory 2023-1326-01

Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.

RHSA-2023:2357: Red Hat Security Advisory: git-lfs security and bug fix update

An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by r...

RHSA-2023:2041: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.1.0 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect ...

Red Hat Security Advisory 2023-1275-01

Red Hat Security Advisory 2023-1275-01 - An update for etcd is now available for Red Hat OpenStack Platform. Issues addressed include a denial of service vulnerability.

RHSA-2023:1042: Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift (with security updates)

Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-1962: A flaw was found in the golang standard library, go/par...

Red Hat Security Advisory 2023-0652-01

Red Hat Security Advisory 2023-0652-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.27. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2023-0542-01

Red Hat Security Advisory 2023-0542-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release. Issues addressed include denial of service and spoofing vulnerabilities.

Red Hat Security Advisory 2023-0407-01

Red Hat Security Advisory 2023-0407-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.0 RPMs. Issues addressed include denial of service and out of bounds read vulnerabilities.

RHSA-2023:0407: Red Hat Security Advisory: OpenShift Virtualization 4.12.0 RPMs security update

Updated release packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache * CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: ...

RHSA-2022:7399: Red Hat Security Advisory: OpenShift Container Platform 4.12.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-2879: golang: arc...

RHSA-2022:9047: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.6 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.6 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30630: golang: io/fs: stack exhaustion in G...

RHSA-2022:8634: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.1 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: golang: crash in a golang.org/x/crypto/ssh server * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30635: golang: encoding/gob: stack exhaustion in Decoder.Decode * CVE-2022-32190: golang: net/url: JoinPath does not strip relative path components i...

Red Hat Security Advisory 2022-8057-01

Red Hat Security Advisory 2022-8057-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include cross site request forgery, cross site scripting, denial of service, information leakage, and privilege escalation vulnerabilities.

RHSA-2022:8098: Red Hat Security Advisory: toolbox security and bug fix update

An update for toolbox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob

RHSA-2022:7648: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30635: golang: encoding/gob: stack exhaustion in Decoder.Decode * CVE...

RHSA-2022:7648: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30635: golang: encoding/gob: stack exhaustion in Decoder.Decode * CVE...

RHSA-2022:7648: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30635: golang: encoding/gob: stack exhaustion in Decoder.Decode * CVE...

RHSA-2022:7648: Red Hat Security Advisory: grafana-pcp security update

An update for grafana-pcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30635: golang: encoding/gob: stack exhaustion in Decoder.Decode * CVE...

RHSA-2022:7529: Red Hat Security Advisory: container-tools:3.0 security update

An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1708: cri-o: memory exhaustion on the node when access to the kube api * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-...

Red Hat Security Advisory 2022-7261-01

Red Hat Security Advisory 2022-7261-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

RHSA-2022:7261: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.0.5 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter

Red Hat Security Advisory 2022-6430-01

Red Hat Security Advisory 2022-6430-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6430-01

Red Hat Security Advisory 2022-6430-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6430-01

Red Hat Security Advisory 2022-6430-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

RHSA-2022:6430: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix update

OpenShift API for Data Protection (OADP) 1.0.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-30629: golang: crypto/tls: session ti...

RHSA-2022:6430: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix update

OpenShift API for Data Protection (OADP) 1.0.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-30629: golang: crypto/tls: session ti...

RHSA-2022:6430: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix update

OpenShift API for Data Protection (OADP) 1.0.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-30629: golang: crypto/tls: session ti...

RHSA-2022:6430: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.4 security and bug fix update

OpenShift API for Data Protection (OADP) 1.0.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-30629: golang: crypto/tls: session ti...

Red Hat Security Advisory 2022-6370-01

Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6370-01

Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6370-01

Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6370-01

Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6370-01

Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6370-01

Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6370-01

Red Hat Security Advisory 2022-6370-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6348-01

Red Hat Security Advisory 2022-6348-01 - Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include bug fixes and container upgrades.

Red Hat Security Advisory 2022-6348-01

Red Hat Security Advisory 2022-6348-01 - Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include bug fixes and container upgrades.

RHSA-2022:6370: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.0 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_a...

RHSA-2022:6370: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.0 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_a...

RHSA-2022:6370: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.0 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_a...

RHSA-2022:6370: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.0 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_a...

RHSA-2022:6370: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.0 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_a...

RHSA-2022:6370: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.0 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.0 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_a...

RHSA-2022:6344: Red Hat Security Advisory: Logging Subsystem 5.5.1 Security and Bug Fix Update

Logging Subsystem 5.5.1 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read * CVE-2022-32148: golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working

RHSA-2022:6348: Red Hat Security Advisory: Gatekeeper Operator v0.2 security and container updates

Gatekeeper Operator v0.2 security updates Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: gol...

RHSA-2022:6348: Red Hat Security Advisory: Gatekeeper Operator v0.2 security and container updates

Gatekeeper Operator v0.2 security updates Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: gol...

RHSA-2022:6348: Red Hat Security Advisory: Gatekeeper Operator v0.2 security and container updates

Gatekeeper Operator v0.2 security updates Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: gol...

RHSA-2022:6348: Red Hat Security Advisory: Gatekeeper Operator v0.2 security and container updates

Gatekeeper Operator v0.2 security updates Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: gol...

RHSA-2022:6348: Red Hat Security Advisory: Gatekeeper Operator v0.2 security and container updates

Gatekeeper Operator v0.2 security updates Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: gol...

RHSA-2022:6348: Red Hat Security Advisory: Gatekeeper Operator v0.2 security and container updates

Gatekeeper Operator v0.2 security updates Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: gol...

RHSA-2022:6348: Red Hat Security Advisory: Gatekeeper Operator v0.2 security and container updates

Gatekeeper Operator v0.2 security updates Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: gol...

Red Hat Security Advisory 2022-6283-01

Red Hat Security Advisory 2022-6283-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release.

Red Hat Security Advisory 2022-6283-01

Red Hat Security Advisory 2022-6283-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release.

Red Hat Security Advisory 2022-6283-01

Red Hat Security Advisory 2022-6283-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release.

Red Hat Security Advisory 2022-6283-01

Red Hat Security Advisory 2022-6283-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release.

Red Hat Security Advisory 2022-6283-01

Red Hat Security Advisory 2022-6283-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release.

RHSA-2022:6152: Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.0 security update

Secondary Scheduler Operator for Red Hat OpenShift 1.1.0 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-28327: golang: crypto/elliptic: panic caused by oversized scalar...

RHSA-2022:6283: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.2 Containers security update

Red Hat OpenShift Service Mesh 2.2.2 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30633: golang: encoding/xml: stack exhaustion in Unmarshal * CVE-2022-30635: golang: encoding/gob: stack...

RHSA-2022:6283: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.2 Containers security update

Red Hat OpenShift Service Mesh 2.2.2 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30633: golang: encoding/xml: stack exhaustion in Unmarshal * CVE-2022-30635: golang: encoding/gob: stack...

RHSA-2022:6283: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.2 Containers security update

Red Hat OpenShift Service Mesh 2.2.2 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30633: golang: encoding/xml: stack exhaustion in Unmarshal * CVE-2022-30635: golang: encoding/gob: stack...

RHSA-2022:6283: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.2 Containers security update

Red Hat OpenShift Service Mesh 2.2.2 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30633: golang: encoding/xml: stack exhaustion in Unmarshal * CVE-2022-30635: golang: encoding/gob: stack...

RHSA-2022:6283: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.2 Containers security update

Red Hat OpenShift Service Mesh 2.2.2 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30632: golang: path/filepath: stack exhaustion in Glob * CVE-2022-30633: golang: encoding/xml: stack exhaustion in Unmarshal * CVE-2022-30635: golang: encoding/gob: stack...

Red Hat Security Advisory 2022-6188-01

Red Hat Security Advisory 2022-6188-01 - This is an updated release of the Node Maintenance Operator. The Node Maintenance Operator cordons off nodes from the rest of the cluster and drains all the pods from the nodes. By placing nodes under maintenance, administrators can proactively power down nodes, move workloads to other parts of the cluster, and ensure that workloads do not get interrupted.

Red Hat Security Advisory 2022-6188-01

Red Hat Security Advisory 2022-6188-01 - This is an updated release of the Node Maintenance Operator. The Node Maintenance Operator cordons off nodes from the rest of the cluster and drains all the pods from the nodes. By placing nodes under maintenance, administrators can proactively power down nodes, move workloads to other parts of the cluster, and ensure that workloads do not get interrupted.

Red Hat Security Advisory 2022-6188-01

Red Hat Security Advisory 2022-6188-01 - This is an updated release of the Node Maintenance Operator. The Node Maintenance Operator cordons off nodes from the rest of the cluster and drains all the pods from the nodes. By placing nodes under maintenance, administrators can proactively power down nodes, move workloads to other parts of the cluster, and ensure that workloads do not get interrupted.

Red Hat Security Advisory 2022-6188-01

Red Hat Security Advisory 2022-6188-01 - This is an updated release of the Node Maintenance Operator. The Node Maintenance Operator cordons off nodes from the rest of the cluster and drains all the pods from the nodes. By placing nodes under maintenance, administrators can proactively power down nodes, move workloads to other parts of the cluster, and ensure that workloads do not get interrupted.

Red Hat Security Advisory 2022-6188-01

Red Hat Security Advisory 2022-6188-01 - This is an updated release of the Node Maintenance Operator. The Node Maintenance Operator cordons off nodes from the rest of the cluster and drains all the pods from the nodes. By placing nodes under maintenance, administrators can proactively power down nodes, move workloads to other parts of the cluster, and ensure that workloads do not get interrupted.

Red Hat Security Advisory 2022-6188-01

Red Hat Security Advisory 2022-6188-01 - This is an updated release of the Node Maintenance Operator. The Node Maintenance Operator cordons off nodes from the rest of the cluster and drains all the pods from the nodes. By placing nodes under maintenance, administrators can proactively power down nodes, move workloads to other parts of the cluster, and ensure that workloads do not get interrupted.

Red Hat Security Advisory 2022-6184-01

Red Hat Security Advisory 2022-6184-01 - The Self Node Remediation Operator works in conjunction with the Machine Health Check or the Node Health Check Operators to provide automatic remediation of unhealthy nodes by rebooting them. This minimizes downtime for stateful applications and RWO volumes, as well as restoring compute capacity in the event of transient failures.

RHSA-2022:6188: Red Hat Security Advisory: Node Maintenance Operator 4.11.1 security update

An update for node-maintenance-must-gather-container, node-maintenance-operator-bundle-container, and node-maintenance-operator-container is now available for Node Maintenance Operator 4.11 for RHEL 8. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-...

RHSA-2022:6188: Red Hat Security Advisory: Node Maintenance Operator 4.11.1 security update

An update for node-maintenance-must-gather-container, node-maintenance-operator-bundle-container, and node-maintenance-operator-container is now available for Node Maintenance Operator 4.11 for RHEL 8. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-...

RHSA-2022:6188: Red Hat Security Advisory: Node Maintenance Operator 4.11.1 security update

An update for node-maintenance-must-gather-container, node-maintenance-operator-bundle-container, and node-maintenance-operator-container is now available for Node Maintenance Operator 4.11 for RHEL 8. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-...

RHSA-2022:6188: Red Hat Security Advisory: Node Maintenance Operator 4.11.1 security update

An update for node-maintenance-must-gather-container, node-maintenance-operator-bundle-container, and node-maintenance-operator-container is now available for Node Maintenance Operator 4.11 for RHEL 8. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-...

RHSA-2022:6188: Red Hat Security Advisory: Node Maintenance Operator 4.11.1 security update

An update for node-maintenance-must-gather-container, node-maintenance-operator-bundle-container, and node-maintenance-operator-container is now available for Node Maintenance Operator 4.11 for RHEL 8. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-...

RHSA-2022:6187: Red Hat Security Advisory: Node Health Check Operator 0.3.1 security update

An update for node-healthcheck-operator-bundle-container and node-healthcheck-operator-container is now available for Node Healthcheck Operator 0.3 for RHEL 8. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-28327: golang: crypto/elliptic: panic caused by oversized scalar * CVE-2022-30631: golang: compress/gzip: stack exhaust...

RHSA-2022:6156: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update

Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.11.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-23440: nodejs-set-value: type confusion allows bypass of CVE-2019-10747 * CVE-2021-23566: nanoid: Information disclosure via valueOf() function * CVE-2022-0235: node-fetch: exposure of sensitive information to an unauthorized actor * CVE-2022-0536: follow-...

Red Hat Security Advisory 2022-6103-01

Red Hat Security Advisory 2022-6103-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.1.

Red Hat Security Advisory 2022-6061-01

Red Hat Security Advisory 2022-6061-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6066-01

Red Hat Security Advisory 2022-6066-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include a denial of service vulnerability.

RHSA-2022:6061: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read

Red Hat Security Advisory 2022-6042-01

Red Hat Security Advisory 2022-6042-01 - Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include bypass and denial of service vulnerabilities.

Red Hat Security Advisory 2022-6042-01

Red Hat Security Advisory 2022-6042-01 - Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include bypass and denial of service vulnerabilities.

Red Hat Security Advisory 2022-6042-01

Red Hat Security Advisory 2022-6042-01 - Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include bypass and denial of service vulnerabilities.

Red Hat Security Advisory 2022-6042-01

Red Hat Security Advisory 2022-6042-01 - Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include bypass and denial of service vulnerabilities.

Red Hat Security Advisory 2022-6042-01

Red Hat Security Advisory 2022-6042-01 - Red Hat OpenShift Serverless Client kn 1.24.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.24.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include bypass and denial of service vulnerabilities.

CVE-2022-28131: GO-2022-0521 - Go Packages

Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.

CVE-2022-1705

Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.

CVE-2022-28131: [security] Go 1.18.4 and Go 1.17.12 are released

In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document.

CVE-2022-30630

Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.

Red Hat Security Advisory 2022-5875-01

Red Hat Security Advisory 2022-5875-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.26.

Red Hat Security Advisory 2022-5923-01

Red Hat Security Advisory 2022-5923-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.

RHSA-2022:5924: Red Hat Security Advisory: Service Telemetry Framework 1.4 security update

An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read

RHSA-2022:5775: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhau...

RHSA-2022:5775: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhau...

RHSA-2022:5775: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhau...

RHSA-2022:5775: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhau...

RHSA-2022:5775: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhau...

RHSA-2022:5775: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhau...

RHSA-2022:5775: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30630: golang: io/fs: stack exhaustion in Glob * CVE-2022-30631: golang: compress/gzip: stack exhau...

Red Hat Security Advisory 2022-5392-01

Red Hat Security Advisory 2022-5392-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve security issues and fix several bugs. Issues addressed include a traversal vulnerability.

Red Hat Security Advisory 2022-4999-01

Red Hat Security Advisory 2022-4999-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.715. Issues addressed include a memory exhaustion vulnerability.

RHSA-2022:4999: Red Hat Security Advisory: OpenShift Container Platform 3.11.715 packages and security update

Red Hat OpenShift Container Platform release 3.11.715 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1708: cri-o: memory exhaustion on the node when access to the kube api

Red Hat Security Advisory 2022-4951-01

Red Hat Security Advisory 2022-4951-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.43. Issues addressed include a memory exhaustion vulnerability.

Red Hat Security Advisory 2022-4965-01

Red Hat Security Advisory 2022-4965-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.53. There are no images for this advisory. Issues addressed include a memory exhaustion vulnerability.

Red Hat Security Advisory 2022-4972-01

Red Hat Security Advisory 2022-4972-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.38. Issues addressed include a memory exhaustion vulnerability.

RHSA-2022:4951: Red Hat Security Advisory: OpenShift Container Platform 4.8.43 packages and security update

Red Hat OpenShift Container Platform release 4.8.43 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1708: cri-o: memory exhaustion on the node when access to the kube api

RHSA-2022:4965: Red Hat Security Advisory: OpenShift Container Platform 4.7.53 packages and security update

Red Hat OpenShift Container Platform release 4.7.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1708: cri-o: memory exhaustion on the node when access to the kube api

RHSA-2022:4972: Red Hat Security Advisory: OpenShift Container Platform 4.9.38 packages and security update

Red Hat OpenShift Container Platform release 4.9.38 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1708: cri-o: memory exhaustion on the node when access to the kube api

RHSA-2022:2280: Red Hat Security Advisory: OpenShift Container Platform 3.11.705 security update

Red Hat OpenShift Container Platform release 3.11.705 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-2022-29036: credentials: Stored XSS vulnerabilities in jenkins plugin * CVE-2022-29046: subversion:...

Red Hat Security Advisory 2022-2216-01

Red Hat Security Advisory 2022-2216-01 - Logging Subsystem 5.4.1 - Red Hat OpenShift. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

Red Hat Security Advisory 2022-2218-01

Red Hat Security Advisory 2022-2218-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.

RHSA-2022:2217: Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.3.7

Openshift Logging Bug Fix Release (5.3.7) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37136: netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data * CVE-2021-37137: netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way * CVE-2021-43797: netty: control chars in header names may lead to HTTP request smuggling * CVE-2022-0759: kubeclient: kubeconfig parsing error can lead to...

RHSA-2022:2218: Red Hat Security Advisory: Openshift Logging Security and Bug update Release (5.2.10)

Openshift Logging Bug Fix Release (5.2.10) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37136: netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data * CVE-2021-37137: netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way * CVE-2021-43797: netty: control chars in header names may lead to HTTP request smuggling * CVE-2022-0759: kubeclient: kubeconfig parsing error can lead t...

RHSA-2022:2216: Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.4.1

Logging Subsystem 5.4.1 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37136: netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data * CVE-2021-37137: netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way * CVE-2021-43797: netty: control chars in header names may lead to HTTP request smuggling * CVE-2022-21698: prometheus/client_golang: Denial of service u...

RHSA-2022:1762: Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1227: psgo: Privilege escalation in 'podman top' * CVE-2022-21698: prometheus/client_golang: Denial of service using InstrumentHandlerCounter * CVE-2022-27649: podman: Default inheritable capabilities for linux container should be empty * CVE-2022-27650: crun: Default inheritable capabilities for linux container should be empty...

Packet Storm: Latest News

CUPS IPP Attributes LAN Remote Code Execution