Headline
Red Hat Security Advisory 2023-3910-01
Red Hat Security Advisory 2023-3910-01 - Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.63.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat OpenShift Enterprise security update
Advisory ID: RHSA-2023:3910-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3910
Issue date: 2023-07-06
CVE Names: CVE-2022-41717 CVE-2023-3089 CVE-2023-24540
=====================================================================
- Summary:
Red Hat OpenShift Container Platform release 4.10.63 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container
Platform 4.10.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat OpenShift Container Platform 4.10 - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.10.63. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHSA-2023:3911
Security Fix(es):
openshift: OCP & FIPS mode (CVE-2023-3089)
golang: html/template: improper handling of JavaScript whitespace
(CVE-2023-24540)golang: net/http: excessive memory growth in a Go server accepting HTTP/2
requests (CVE-2022-41717)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.10 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html
- Solution:
For OpenShift Container Platform 4.10 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
4.10.63
- Bugs fixed (https://bugzilla.redhat.com/):
2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests
2196027 - CVE-2023-24540 golang: html/template: improper handling of JavaScript whitespace
2212085 - CVE-2023-3089 openshift: OCP & FIPS mode
- Package List:
Red Hat OpenShift Container Platform 4.10:
Source:
openshift-4.10.0-202306170106.p0.g16bcd69.assembly.stream.el7.src.rpm
openshift-ansible-4.10.0-202306170106.p0.g72c7be6.assembly.stream.el7.src.rpm
openshift-clients-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el7.src.rpm
noarch:
openshift-ansible-4.10.0-202306170106.p0.g72c7be6.assembly.stream.el7.noarch.rpm
openshift-ansible-test-4.10.0-202306170106.p0.g72c7be6.assembly.stream.el7.noarch.rpm
x86_64:
openshift-clients-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el7.x86_64.rpm
openshift-clients-redistributable-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el7.x86_64.rpm
openshift-hyperkube-4.10.0-202306170106.p0.g16bcd69.assembly.stream.el7.x86_64.rpm
Red Hat OpenShift Container Platform 4.10:
Source:
buildah-1.19.9-1.1.el8.src.rpm
jenkins-2-plugins-4.10.1687341544-1.el8.src.rpm
jenkins-2.401.1.1687268694-1.el8.src.rpm
kernel-4.18.0-305.95.1.el8_4.src.rpm
kernel-rt-4.18.0-305.95.1.rt7.170.el8_4.src.rpm
openshift-4.10.0-202306170106.p0.g16bcd69.assembly.stream.el8.src.rpm
openshift-ansible-4.10.0-202306170106.p0.g72c7be6.assembly.stream.el8.src.rpm
openshift-clients-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el8.src.rpm
openshift-kuryr-4.10.0-202306170106.p0.g8e4df8b.assembly.stream.el8.src.rpm
podman-3.2.3-1.1.rhaos4.10.el8.src.rpm
skopeo-1.2.4-1.1.el8.src.rpm
aarch64:
bpftool-4.18.0-305.95.1.el8_4.aarch64.rpm
bpftool-debuginfo-4.18.0-305.95.1.el8_4.aarch64.rpm
buildah-1.19.9-1.1.el8.aarch64.rpm
buildah-debuginfo-1.19.9-1.1.el8.aarch64.rpm
buildah-debugsource-1.19.9-1.1.el8.aarch64.rpm
buildah-tests-1.19.9-1.1.el8.aarch64.rpm
buildah-tests-debuginfo-1.19.9-1.1.el8.aarch64.rpm
containers-common-1.2.4-1.1.el8.aarch64.rpm
kernel-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-core-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-cross-headers-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debug-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debug-core-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debug-devel-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debug-modules-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debug-modules-extra-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debug-modules-internal-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-devel-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-headers-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-modules-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-modules-extra-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-modules-internal-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-selftests-internal-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-tools-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-tools-libs-4.18.0-305.95.1.el8_4.aarch64.rpm
kernel-tools-libs-devel-4.18.0-305.95.1.el8_4.aarch64.rpm
openshift-clients-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el8.aarch64.rpm
openshift-hyperkube-4.10.0-202306170106.p0.g16bcd69.assembly.stream.el8.aarch64.rpm
perf-4.18.0-305.95.1.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.95.1.el8_4.aarch64.rpm
podman-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-catatonit-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-catatonit-debuginfo-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-debuginfo-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-debugsource-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-plugins-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-plugins-debuginfo-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-remote-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-remote-debuginfo-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
podman-tests-3.2.3-1.1.rhaos4.10.el8.aarch64.rpm
python3-perf-4.18.0-305.95.1.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.95.1.el8_4.aarch64.rpm
skopeo-1.2.4-1.1.el8.aarch64.rpm
skopeo-debuginfo-1.2.4-1.1.el8.aarch64.rpm
skopeo-debugsource-1.2.4-1.1.el8.aarch64.rpm
skopeo-tests-1.2.4-1.1.el8.aarch64.rpm
noarch:
jenkins-2-plugins-4.10.1687341544-1.el8.noarch.rpm
jenkins-2.401.1.1687268694-1.el8.noarch.rpm
kernel-doc-4.18.0-305.95.1.el8_4.noarch.rpm
openshift-ansible-4.10.0-202306170106.p0.g72c7be6.assembly.stream.el8.noarch.rpm
openshift-ansible-test-4.10.0-202306170106.p0.g72c7be6.assembly.stream.el8.noarch.rpm
openshift-kuryr-cni-4.10.0-202306170106.p0.g8e4df8b.assembly.stream.el8.noarch.rpm
openshift-kuryr-common-4.10.0-202306170106.p0.g8e4df8b.assembly.stream.el8.noarch.rpm
openshift-kuryr-controller-4.10.0-202306170106.p0.g8e4df8b.assembly.stream.el8.noarch.rpm
podman-docker-3.2.3-1.1.rhaos4.10.el8.noarch.rpm
python3-kuryr-kubernetes-4.10.0-202306170106.p0.g8e4df8b.assembly.stream.el8.noarch.rpm
ppc64le:
bpftool-4.18.0-305.95.1.el8_4.ppc64le.rpm
bpftool-debuginfo-4.18.0-305.95.1.el8_4.ppc64le.rpm
buildah-1.19.9-1.1.el8.ppc64le.rpm
buildah-debuginfo-1.19.9-1.1.el8.ppc64le.rpm
buildah-debugsource-1.19.9-1.1.el8.ppc64le.rpm
buildah-tests-1.19.9-1.1.el8.ppc64le.rpm
buildah-tests-debuginfo-1.19.9-1.1.el8.ppc64le.rpm
containers-common-1.2.4-1.1.el8.ppc64le.rpm
kernel-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-core-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-cross-headers-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debug-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debug-core-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debug-devel-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debug-modules-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debug-modules-internal-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-devel-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-headers-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-ipaclones-internal-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-modules-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-modules-extra-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-modules-internal-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-selftests-internal-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-tools-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-tools-libs-4.18.0-305.95.1.el8_4.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-305.95.1.el8_4.ppc64le.rpm
openshift-clients-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el8.ppc64le.rpm
openshift-hyperkube-4.10.0-202306170106.p0.g16bcd69.assembly.stream.el8.ppc64le.rpm
perf-4.18.0-305.95.1.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.95.1.el8_4.ppc64le.rpm
podman-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-catatonit-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-catatonit-debuginfo-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-debuginfo-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-debugsource-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-plugins-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-plugins-debuginfo-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-remote-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-remote-debuginfo-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
podman-tests-3.2.3-1.1.rhaos4.10.el8.ppc64le.rpm
python3-perf-4.18.0-305.95.1.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.95.1.el8_4.ppc64le.rpm
skopeo-1.2.4-1.1.el8.ppc64le.rpm
skopeo-debuginfo-1.2.4-1.1.el8.ppc64le.rpm
skopeo-debugsource-1.2.4-1.1.el8.ppc64le.rpm
skopeo-tests-1.2.4-1.1.el8.ppc64le.rpm
s390x:
bpftool-4.18.0-305.95.1.el8_4.s390x.rpm
bpftool-debuginfo-4.18.0-305.95.1.el8_4.s390x.rpm
buildah-1.19.9-1.1.el8.s390x.rpm
buildah-debuginfo-1.19.9-1.1.el8.s390x.rpm
buildah-debugsource-1.19.9-1.1.el8.s390x.rpm
buildah-tests-1.19.9-1.1.el8.s390x.rpm
buildah-tests-debuginfo-1.19.9-1.1.el8.s390x.rpm
containers-common-1.2.4-1.1.el8.s390x.rpm
kernel-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-core-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-cross-headers-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debug-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debug-core-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debug-debuginfo-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debug-devel-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debug-modules-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debug-modules-extra-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debug-modules-internal-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debuginfo-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-devel-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-headers-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-modules-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-modules-extra-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-modules-internal-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-selftests-internal-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-tools-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-tools-debuginfo-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-zfcpdump-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-zfcpdump-core-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-zfcpdump-devel-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-305.95.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-internal-4.18.0-305.95.1.el8_4.s390x.rpm
openshift-clients-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el8.s390x.rpm
openshift-hyperkube-4.10.0-202306170106.p0.g16bcd69.assembly.stream.el8.s390x.rpm
perf-4.18.0-305.95.1.el8_4.s390x.rpm
perf-debuginfo-4.18.0-305.95.1.el8_4.s390x.rpm
podman-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-catatonit-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-catatonit-debuginfo-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-debuginfo-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-debugsource-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-plugins-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-plugins-debuginfo-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-remote-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-remote-debuginfo-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
podman-tests-3.2.3-1.1.rhaos4.10.el8.s390x.rpm
python3-perf-4.18.0-305.95.1.el8_4.s390x.rpm
python3-perf-debuginfo-4.18.0-305.95.1.el8_4.s390x.rpm
skopeo-1.2.4-1.1.el8.s390x.rpm
skopeo-debuginfo-1.2.4-1.1.el8.s390x.rpm
skopeo-debugsource-1.2.4-1.1.el8.s390x.rpm
skopeo-tests-1.2.4-1.1.el8.s390x.rpm
x86_64:
bpftool-4.18.0-305.95.1.el8_4.x86_64.rpm
bpftool-debuginfo-4.18.0-305.95.1.el8_4.x86_64.rpm
buildah-1.19.9-1.1.el8.x86_64.rpm
buildah-debuginfo-1.19.9-1.1.el8.x86_64.rpm
buildah-debugsource-1.19.9-1.1.el8.x86_64.rpm
buildah-tests-1.19.9-1.1.el8.x86_64.rpm
buildah-tests-debuginfo-1.19.9-1.1.el8.x86_64.rpm
containers-common-1.2.4-1.1.el8.x86_64.rpm
kernel-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-core-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-cross-headers-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debug-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debug-core-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debug-devel-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debug-modules-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debug-modules-internal-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-devel-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-headers-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-ipaclones-internal-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-modules-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-modules-extra-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-modules-internal-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-rt-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debug-modules-internal-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-kvm-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-modules-internal-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-rt-selftests-internal-4.18.0-305.95.1.rt7.170.el8_4.x86_64.rpm
kernel-selftests-internal-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-tools-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-tools-libs-4.18.0-305.95.1.el8_4.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.95.1.el8_4.x86_64.rpm
openshift-clients-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el8.x86_64.rpm
openshift-clients-redistributable-4.10.0-202306261054.p0.g22cf04a.assembly.stream.el8.x86_64.rpm
openshift-hyperkube-4.10.0-202306170106.p0.g16bcd69.assembly.stream.el8.x86_64.rpm
perf-4.18.0-305.95.1.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.95.1.el8_4.x86_64.rpm
podman-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-catatonit-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-catatonit-debuginfo-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-debuginfo-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-debugsource-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-plugins-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-plugins-debuginfo-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-remote-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-remote-debuginfo-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
podman-tests-3.2.3-1.1.rhaos4.10.el8.x86_64.rpm
python3-perf-4.18.0-305.95.1.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.95.1.el8_4.x86_64.rpm
skopeo-1.2.4-1.1.el8.x86_64.rpm
skopeo-debuginfo-1.2.4-1.1.el8.x86_64.rpm
skopeo-debugsource-1.2.4-1.1.el8.x86_64.rpm
skopeo-tests-1.2.4-1.1.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-41717
https://access.redhat.com/security/cve/CVE-2023-3089
https://access.redhat.com/security/cve/CVE-2023-24540
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/security/vulnerabilities/RHSB-2023-001
- Contact:
The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJkpjntAAoJENzjgjWX9erEIaUQAJdskIzUWAwkltwUZqvqgNAk
RwMWmbwazscWXj/d5BrzMlOavQgs251wPXy4WdWN6AOqXb9SULj1tJjUUGxXnGMw
zVp6Hyk2ClanJ59RTDaeWLhoF4cvarEI0fkSd0W0OljMehH7gkcyQ1q6VKJBOaan
k05UQUlC0GZrMCStl1HA2ewEh/YhkKyqQuoA9jTKhOUA3YUo/sqBiHf9KUdnCD2X
oGdb94rYeMkH+yPk2RQL64FjMCYyVQL0EQArVXJv7OJj7CBk/ltUy2evAJjbGGYn
fa9FV8YqIc2DJTJ/EAOxkX9qfTSqqRm+gjJS9I6oBqHhjJfaO9wvd4S3LbJNHMO7
auJqXSDMHpjtLlgOsWPQy1Va2LYkUsM71eNOwYbOQylr5ayjhOSuPCgM93GCGqqp
AnV7W5wO3Z59GPaTWCDyAcAVm/ChYh8KcGN4K9O4A4XX6XeriyH8nVBDMtgMuUYx
Z7ED3SJ03aw2fXm4P+KgVkbviM02M0MIqVhdqck502QXuD85ovPyzAKGJRtAKI4w
7cLNaK1ln39xaxe1J3hruYP8uoYoLWpzJQZYtGGtTVXWTI+39gMzJB2lMF6zmzcT
UYb9EUyivqAKnzdZinyJjs9UtTh/hqU8MQPdffhTv4meTwhH8nV11myXT+DyRpN5
IkhGnBX5Er1jCx8seRtM
=SpCV
-----END PGP SIGNATURE-----
–
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Related news
Red Hat Security Advisory 2024-0746-03 - Updated container image for Red Hat Ceph Storage 5.3 is now available in the Red Hat Ecosystem Catalog. Issues addressed include cross site scripting and denial of service vulnerabilities.
Multicluster Engine for Kubernetes 2.3.2 General Availability release images, which contain security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41721: A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead read the body of the HTTP request, which could be attacker-manipulate...
Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.
Red Hat Security Advisory 2023-4972-01 - Multicluster Engine for Kubernetes 2.1.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a bypass vulnerability.
Multicluster Engine for Kubernetes 2.3.1 General Availability release images, which contain security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37466: A flaw was found in the vm2 Promise handler sanitization, which allows attackers to esc...
Red Hat OpenShift Virtualization release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Con...
Multicluster Engine for Kubernetes 2.2.7 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37903: A flaw was found in the vm2 custom inspect function, which allows attackers to escape t...
Red Hat Security Advisory 2023-4575-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.
Red Hat Security Advisory 2023-4472-01 - Version 1.29.1 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.10, 4.11, 4.12, and 4.13. This release includes security and bug fixes, and enhancements.
Red Hat OpenShift Serverless version 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containin...
Red Hat OpenShift Serverless 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Advisory 2023-4421-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.5 images.
Red Hat Security Advisory 2023-4286-01 - Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
Red Hat Security Advisory 2023-4287-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...
Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
Red Hat Security Advisory 2023-4276-01 - An update is now available for Red Hat DevWorkspace Operator. Red Hat Product Security has rated this update as having a security impact of Moderate.
Red Hat Security Advisory 2023-4241-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.
Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...
Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.10.14 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
VolSync v0.7.3 enhancements and security fixes Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat OpenShift Service Mesh 2.4.1 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat OpenShift Service Mesh 2.3.5 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptog...
Red Hat OpenShift Service Mesh 2.2.8 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modu...
Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.
Red Hat Security Advisory 2023-3924-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.23.
Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...
Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...
Red Hat Security Advisory 2023-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.44.
Red Hat Security Advisory 2023-3914-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.44.
Red Hat Security Advisory 2023-3911-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.63.
Red Hat OpenShift Container Platform release 4.10.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server...
Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23772: A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issu...
Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS...
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...
Red Hat Security Advisory 2023-3612-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.4. Issues addressed include a denial of service vulnerability.
Red Hat OpenShift Container Platform release 4.13.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms...
Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.
An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-28235: A flaw was found in etcd, where etc-io could allow a remote attacker to gain elevated privileges on the system caused by a vulnerability in the debug function. By sending a specially crafted request, an attacker can gain elevated privileges. * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause e...
Red Hat Security Advisory 2023-3379-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes. This release of RHACS includes a fix for CVE-2023-24540 by building RHACS with updated Golang.
Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.
Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpe...
Red Hat Security Advisory 2023-3323-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Red Hat Security Advisory 2023-3319-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Red Hat Security Advisory 2023-2802-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include denial of service and information leakage vulnerabilities.
An update for toolbox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27664: A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown. * CVE-2022-32189: An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode a...
Red Hat OpenShift Service Mesh Containers for 2.3.2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server t...
Red Hat Security Advisory 2023-1276-01 - Collectd plugin for gathering resource usage statistics from containers created with the libpod library.
An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very ...
OpenShift Serverless version 1.27.1 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
Logging Subsystem 5.6.3 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24999: qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&...
Red Hat Security Advisory 2023-0728-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.3.
Red Hat Security Advisory 2023-0632-01 - Logging Subsystem 5.4.11 - Red Hat OpenShift.
Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client certificates. Users are advised to upgrade to version 2.9.6. Users unable to upgrade should check their logs to detect the error messages and fix your TLS options.