RHSA-2023:2111: Red Hat Security Advisory: OpenShift Container Platform 4.12.16 security update

Red Hat OpenShift Container Platform release 4.12.16 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.
Red Hat Security Data

Issued:

2023-05-10

Updated:

2023-05-10

RHSA-2023:2111 - Security Advisory

Synopsis

Moderate: OpenShift Container Platform 4.12.16 security update

Type/Severity

Security Advisory: Moderate

Topic

Red Hat OpenShift Container Platform release 4.12.16 is now available with updates to packages and images that fix several bugs.

This release includes a security update for Red Hat OpenShift Container Platform 4.12.

Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.16. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2023:2110

Security Fix(es):

  • go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents (CVE-2022-3064)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 9 x86_64
  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.12 for RHEL 9 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.12 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 9 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 9 aarch64
  • Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 8 aarch64

Fixes

  • BZ - 2163037 - CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html
  • https://access.redhat.com/articles/11258

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Red Hat Security Advisory 2024-0741-03

Red Hat Security Advisory 2024-0741-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.

Ubuntu Security Notice USN-6287-1

Ubuntu Security Notice 6287-1 - Simon Ferquel discovered that the Go yaml package incorrectly handled certain YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service. It was discovered that the Go yaml package incorrectly handled certain large YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service.

RHSA-2023:3218: Red Hat Security Advisory: OpenShift Container Platform 4.10.60 security update

Red Hat OpenShift Container Platform release 4.10.60 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.

RHSA-2023:2695: Red Hat Security Advisory: OpenShift Container Platform 4.11.40 security update

Red Hat OpenShift Container Platform release 4.11.40 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.

Red Hat Security Advisory 2023-1014-01

Red Hat Security Advisory 2023-1014-01 - An update for etcd is now available for Red Hat OpenStack Platform 17.0 (Wallaby).

RHSA-2023:1014: Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.

Red Hat Security Advisory 2023-0803-01

Red Hat Security Advisory 2023-0803-01 - An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important.

Red Hat Security Advisory 2023-0804-01

Red Hat Security Advisory 2023-0804-01 - An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important.

Red Hat Security Advisory 2023-0802-01

Red Hat Security Advisory 2023-0802-01 - An update is now available for Red Hat OpenShift GitOps 1.6. Red Hat Product Security has rated this update as having a security impact of Important.

RHSA-2023:0804: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

RHSA-2023:0803: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

RHSA-2023:0802: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeric` functions always return strings containing at least one digit from 0 to 9. This issue significantly reduces the amount of entropy generated in short strings by these functio...

GHSA-6q6q-88xp-6f2r: yaml package for Go can consume excessive amounts of CPU or memory

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.

CVE-2022-3064: Release v2.2.4: Improve heuristics preventing CPU/memory abuse (#515) · go-yaml/yaml

Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.