Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:3303: Red Hat Security Advisory: OpenShift Container Platform 4.13.1 packages and security update

Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.
Red Hat Security Data
#vulnerability#web#linux#red_hat#dos#git#kubernetes#auth#ibm#rpm#docker#ssl

Synopsis

Moderate: OpenShift Container Platform 4.13.1 packages and security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.13.

Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.1. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2023:3304

Security Fix(es):

  • golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.13 for RHEL 9 x86_64
  • Red Hat OpenShift Container Platform 4.13 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9 aarch64
  • Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8 aarch64

Fixes

  • BZ - 2178492 - CVE-2022-41724 golang: crypto/tls: large handshake records may cause panics

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

Red Hat OpenShift Container Platform 4.13 for RHEL 9

SRPM

cri-o-1.26.3-7.rhaos4.13.gitb3475fb.el9.src.rpm

SHA-256: 8b52559c51f561669d5687269b6c7d2af7091408303cef360d33044ec0e425f7

kata-containers-3.0.2-6.el9.src.rpm

SHA-256: b4ed946fd50fd1e2590f54a438e684d266baa25dadc913a6c65febd57331d455

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.src.rpm

SHA-256: 872e9758caf0503b6cb23d7a51550b087f5b99ae66578222a9049517f2fb6f17

podman-4.4.1-4.rhaos4.13.el9.src.rpm

SHA-256: f2a69d728a73164ab8068fb2ac791fc920ed6b0f3da3601367c0b83a9f4ef791

rpm-ostree-2023.3-1.el9_2.src.rpm

SHA-256: ba3314dd475a9c75bbb52a1aeca96958517523abfd1f8b36009e1eec4a7f02b5

x86_64

cri-o-1.26.3-7.rhaos4.13.gitb3475fb.el9.x86_64.rpm

SHA-256: a4818a8bf24cd9bb82c97b6bf615fc14e7a9a75e5a48912be1a0a8643abcf6db

cri-o-debuginfo-1.26.3-7.rhaos4.13.gitb3475fb.el9.x86_64.rpm

SHA-256: 5de10959970e05bc01215f7904ec289b540e9f58152f2f2ca85feb48a8d2264a

cri-o-debugsource-1.26.3-7.rhaos4.13.gitb3475fb.el9.x86_64.rpm

SHA-256: f6eb84e78a18e11892ccd2e884ed7211654fe734e2f91aaff04cdae328565be6

kata-containers-3.0.2-6.el9.x86_64.rpm

SHA-256: 6be35ec4eff2cb09c6f84fdfe26b59c360bde288d80b495981b23eec911c2f7e

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.noarch.rpm

SHA-256: 3d1c9e5bbe94a9c85f9364420f10382f3b0153f47e8aea8bb4d7d2c4478d5478

openshift-ansible-test-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.noarch.rpm

SHA-256: 979781c9b83054ec5a0560ab1b2dfeacd21c274cfb7fecf4170c32621078e62a

podman-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: ae3b689663713c3dc090a9365d99fdabdacb18fc79d6ba91c7eee5862b5ffc18

podman-debuginfo-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: 3a90b09ebe23737a90b34f24a0ad5ab35cbf92490bc4a19179d3e7a3542fa2ff

podman-debugsource-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: 7daf55a3af2716931a4d9a62f32975720fb758977d866c8dd34ff0b6a56c3ed8

podman-docker-4.4.1-4.rhaos4.13.el9.noarch.rpm

SHA-256: 500ba6e417fb3f7ed1b4df0814ee395f0407c47ad4b9af277d7904309eccca91

podman-gvproxy-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: 575466f599b54433ec3c5bb7db3ba8c8cbf0e4809053a5c019cceb9e48ccb35b

podman-gvproxy-debuginfo-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: bcb0fda50b1da511f5421828ed17fc9d38361d9646398d1a865ac08484d2aeb6

podman-plugins-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: 998db4551f5ff0853f459b598a194261ffb08c717a5f0cc6b6b5dc0bf1393377

podman-plugins-debuginfo-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: 765bc620484d5dfac7d5495d81a461afb492798970de354599ef7e1f5cf4c483

podman-remote-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: caa2a5dd9ebc547bf76f27594428389d70646b1561393740a572c7bc08155188

podman-remote-debuginfo-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: 0a82284452b6050d7f5ec6c912be4c5b33d9cbe6400dbcb1c049821209c351d2

podman-tests-4.4.1-4.rhaos4.13.el9.x86_64.rpm

SHA-256: 53759b7c3ee3e18e57914baa217f99d2dcc7849351951344241ac1afa0fdc8eb

rpm-ostree-2023.3-1.el9_2.x86_64.rpm

SHA-256: 05afe43431c5f25cf4f4302911df83f92c6d669f6ee3d802ee8479448b3e65c4

rpm-ostree-debuginfo-2023.3-1.el9_2.x86_64.rpm

SHA-256: bbe56c0952e41e7e423e79f1582593d3a0fd23016851a79ae429b33685280335

rpm-ostree-debugsource-2023.3-1.el9_2.x86_64.rpm

SHA-256: ea089d771504a645108eca6d2ac218540e2a2607246678c69755525707c99f88

rpm-ostree-devel-2023.3-1.el9_2.x86_64.rpm

SHA-256: 6de97198e845ec85d6881d4ec3e8bcc1cc1694092a604c8df03432b250c3e5f5

rpm-ostree-libs-2023.3-1.el9_2.x86_64.rpm

SHA-256: bcffe73faa3a5e90ef73a5345b2a4320295bf5bf59f0d2b91341734ae273ef8f

rpm-ostree-libs-debuginfo-2023.3-1.el9_2.x86_64.rpm

SHA-256: 6d098e3d762a9328323ec8fa3110c6da113571a5d846b36af4dfd0c57cb88e60

Red Hat OpenShift Container Platform 4.13 for RHEL 8

SRPM

cri-o-1.26.3-6.rhaos4.13.gitb3475fb.el8.src.rpm

SHA-256: 1da7423b5fa5f16c7fb40542a598fb5655131b50547baaf13148eb0f67fed135

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.src.rpm

SHA-256: e3f523ddbacd57d1e6cea17b832b0e1bdf8511cc8ac391355ad46e9b5b1dedb8

openshift-kuryr-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.src.rpm

SHA-256: 999ba8272f050c4ed423f8f98fe6d7060e975eee063c0eef9ea2e2d8abbb399c

x86_64

cri-o-1.26.3-6.rhaos4.13.gitb3475fb.el8.x86_64.rpm

SHA-256: c1e2da16994ac566849564590940aea830638d393ed8d03b038880f8cba079f4

cri-o-debuginfo-1.26.3-6.rhaos4.13.gitb3475fb.el8.x86_64.rpm

SHA-256: 98dee9d9fe83e4c568e6f27a99a137cee9c7543d4bef3a21816012e08e510210

cri-o-debugsource-1.26.3-6.rhaos4.13.gitb3475fb.el8.x86_64.rpm

SHA-256: 2c55fbfb03ce18f2680166b0426ca19765e8b2732bf63a5c7cbc3190416e3bb4

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.noarch.rpm

SHA-256: 28ba25fd6db0b40980b68f9993e91a4b97657d754e9b85d8c847509ab4d644f8

openshift-ansible-test-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.noarch.rpm

SHA-256: 2bc28baf9aa142ce32bca47c47bc61646ead5e7b5525908af3e96388042b094c

openshift-kuryr-cni-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: e0cef02621a9ff1d61d56eb1e7a06b2adc2751521fedb1c87691ea783f437ed1

openshift-kuryr-common-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 1412e72a46190f585ed0ca6d0275a3cd2b851e570e02ba30c110211ab6234393

openshift-kuryr-controller-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 29b7a170bf81633dcaf87d6e737b955c16243d7576e14e1650702f733568b90a

python3-kuryr-kubernetes-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 4045b4b0cc01464a89133581300bab38ec9843b696cc01ecda7ae36c0a5ba10b

Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9

SRPM

cri-o-1.26.3-7.rhaos4.13.gitb3475fb.el9.src.rpm

SHA-256: 8b52559c51f561669d5687269b6c7d2af7091408303cef360d33044ec0e425f7

kata-containers-3.0.2-6.el9.src.rpm

SHA-256: b4ed946fd50fd1e2590f54a438e684d266baa25dadc913a6c65febd57331d455

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.src.rpm

SHA-256: 872e9758caf0503b6cb23d7a51550b087f5b99ae66578222a9049517f2fb6f17

podman-4.4.1-4.rhaos4.13.el9.src.rpm

SHA-256: f2a69d728a73164ab8068fb2ac791fc920ed6b0f3da3601367c0b83a9f4ef791

rpm-ostree-2023.3-1.el9_2.src.rpm

SHA-256: ba3314dd475a9c75bbb52a1aeca96958517523abfd1f8b36009e1eec4a7f02b5

ppc64le

cri-o-1.26.3-7.rhaos4.13.gitb3475fb.el9.ppc64le.rpm

SHA-256: 86e46d9c169f3f5dbd0bd5bb8cd3028a0ddc8beaf50e98e8ba22d6dc5275568d

cri-o-debuginfo-1.26.3-7.rhaos4.13.gitb3475fb.el9.ppc64le.rpm

SHA-256: 4414cceb320fe4f5b9fa584ed398ee9221fcf41ea9f1c95f0e126f2e68e71fef

cri-o-debugsource-1.26.3-7.rhaos4.13.gitb3475fb.el9.ppc64le.rpm

SHA-256: fc69fa9c432abcb89a624329e52bc79560fd2190d31dd80b835fb275e158e9d4

kata-containers-3.0.2-6.el9.ppc64le.rpm

SHA-256: 4ad48cc58704916e35e47940dca12da5765d95204db721c9bdd76f9f99c2520d

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.noarch.rpm

SHA-256: 3d1c9e5bbe94a9c85f9364420f10382f3b0153f47e8aea8bb4d7d2c4478d5478

openshift-ansible-test-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.noarch.rpm

SHA-256: 979781c9b83054ec5a0560ab1b2dfeacd21c274cfb7fecf4170c32621078e62a

podman-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: 9ef81644bd1f4627119dd2aa15a96be749ac562d0b43b77fc7f32fc9f76ddb66

podman-debuginfo-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: bc6e6929b085df69a2f578caedca763a4e574c39c4ae897b12881a9ea162cbbd

podman-debugsource-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: 140d2dc1cdd5063ee0ddc18c67afb1499a507ab1f28dd94840b3f158d1de8255

podman-docker-4.4.1-4.rhaos4.13.el9.noarch.rpm

SHA-256: 500ba6e417fb3f7ed1b4df0814ee395f0407c47ad4b9af277d7904309eccca91

podman-gvproxy-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: 34f65edc98996cfa713826df73090d7abe4f91211dd8ea7ec545d79815cd685c

podman-gvproxy-debuginfo-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: 941644043d4c60787dd6e0decce38d90b00a65f9f176aa130af0d553590e62a0

podman-plugins-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: aa2ba38fee56091cb5fffb9c36fba4fcd1dc135ef74199c4e41067330492b810

podman-plugins-debuginfo-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: e4397ec10c0c62c3284e73e7eb75b22f4b73340c25606e59090b5d6fed31155f

podman-remote-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: 08d9dca041171c090f859993652baaa529d2412e36bf0dad58d6e80738cd2c71

podman-remote-debuginfo-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: a14cda9c4b16315a7470695d0e9ddad3392e7fea542f99c2e22a8f3773d2c57d

podman-tests-4.4.1-4.rhaos4.13.el9.ppc64le.rpm

SHA-256: 25d06bf8193b008af9222a421b454bf0c8dbe82c2e9185cb88fe50aa7626ef61

rpm-ostree-2023.3-1.el9_2.ppc64le.rpm

SHA-256: d8fb554a6e2387bad8c21dbadf4413aad19ca46f0cfad6ac57c2b0edb35408a5

rpm-ostree-debuginfo-2023.3-1.el9_2.ppc64le.rpm

SHA-256: 163b1472fd5e44a1898a33d0afb4ac0f0972e413e7a7ed2d29a6d59a6a99e662

rpm-ostree-debugsource-2023.3-1.el9_2.ppc64le.rpm

SHA-256: 651be9c5281ed098b3e20a0130ea4e197ddd715ec29125264ec5f051039adebc

rpm-ostree-devel-2023.3-1.el9_2.ppc64le.rpm

SHA-256: b10af39c3e1c0655084bac23eb9db0091ffe8772703b756407aab801c98de377

rpm-ostree-libs-2023.3-1.el9_2.ppc64le.rpm

SHA-256: aeb12db661795b62c703a10c8b3d57684f2870c01ae42ebb769af2072c1fb44a

rpm-ostree-libs-debuginfo-2023.3-1.el9_2.ppc64le.rpm

SHA-256: c2bef150966ccb7cce0f6701b55742a26d77e828fe9527853e7174074e991e81

Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8

SRPM

cri-o-1.26.3-6.rhaos4.13.gitb3475fb.el8.src.rpm

SHA-256: 1da7423b5fa5f16c7fb40542a598fb5655131b50547baaf13148eb0f67fed135

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.src.rpm

SHA-256: e3f523ddbacd57d1e6cea17b832b0e1bdf8511cc8ac391355ad46e9b5b1dedb8

openshift-kuryr-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.src.rpm

SHA-256: 999ba8272f050c4ed423f8f98fe6d7060e975eee063c0eef9ea2e2d8abbb399c

ppc64le

cri-o-1.26.3-6.rhaos4.13.gitb3475fb.el8.ppc64le.rpm

SHA-256: f574e3e3a4d0196dfbfa651d4ac8436c562e0ff1dfb60a3a9de52519e498ae29

cri-o-debuginfo-1.26.3-6.rhaos4.13.gitb3475fb.el8.ppc64le.rpm

SHA-256: 6c5a1305b7bb9081a01fff58de687c932d1fd6bdeb8771e461be6a3c064b54d5

cri-o-debugsource-1.26.3-6.rhaos4.13.gitb3475fb.el8.ppc64le.rpm

SHA-256: 0f09d2646c3501e092c63c81fcac4d36245fc9d04acee4b9af570724dbdbe180

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.noarch.rpm

SHA-256: 28ba25fd6db0b40980b68f9993e91a4b97657d754e9b85d8c847509ab4d644f8

openshift-ansible-test-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.noarch.rpm

SHA-256: 2bc28baf9aa142ce32bca47c47bc61646ead5e7b5525908af3e96388042b094c

openshift-kuryr-cni-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: e0cef02621a9ff1d61d56eb1e7a06b2adc2751521fedb1c87691ea783f437ed1

openshift-kuryr-common-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 1412e72a46190f585ed0ca6d0275a3cd2b851e570e02ba30c110211ab6234393

openshift-kuryr-controller-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 29b7a170bf81633dcaf87d6e737b955c16243d7576e14e1650702f733568b90a

python3-kuryr-kubernetes-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 4045b4b0cc01464a89133581300bab38ec9843b696cc01ecda7ae36c0a5ba10b

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9

SRPM

cri-o-1.26.3-7.rhaos4.13.gitb3475fb.el9.src.rpm

SHA-256: 8b52559c51f561669d5687269b6c7d2af7091408303cef360d33044ec0e425f7

kata-containers-3.0.2-6.el9.src.rpm

SHA-256: b4ed946fd50fd1e2590f54a438e684d266baa25dadc913a6c65febd57331d455

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.src.rpm

SHA-256: 872e9758caf0503b6cb23d7a51550b087f5b99ae66578222a9049517f2fb6f17

podman-4.4.1-4.rhaos4.13.el9.src.rpm

SHA-256: f2a69d728a73164ab8068fb2ac791fc920ed6b0f3da3601367c0b83a9f4ef791

rpm-ostree-2023.3-1.el9_2.src.rpm

SHA-256: ba3314dd475a9c75bbb52a1aeca96958517523abfd1f8b36009e1eec4a7f02b5

s390x

cri-o-1.26.3-7.rhaos4.13.gitb3475fb.el9.s390x.rpm

SHA-256: fb82b0650d3a2a5f266aa35bc9333f95167295c9b3569518f6c306b3fe336ad6

cri-o-debuginfo-1.26.3-7.rhaos4.13.gitb3475fb.el9.s390x.rpm

SHA-256: 8b481151aa0a4f365dff74aad94e9166f32f9874517464b5b7191139e2e1744e

cri-o-debugsource-1.26.3-7.rhaos4.13.gitb3475fb.el9.s390x.rpm

SHA-256: 9529c4938cff165528ed236e5167347e4f79eb78daa53569d9badf43c50d984a

kata-containers-3.0.2-6.el9.s390x.rpm

SHA-256: 0bb88192a997fdd9df9c3c097e920c5d3fe812fdec541b507c0949707db85f06

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.noarch.rpm

SHA-256: 3d1c9e5bbe94a9c85f9364420f10382f3b0153f47e8aea8bb4d7d2c4478d5478

openshift-ansible-test-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.noarch.rpm

SHA-256: 979781c9b83054ec5a0560ab1b2dfeacd21c274cfb7fecf4170c32621078e62a

podman-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: 844371d1dbab54bd32a07a581b23eea2feee8e2539a5652b01d1a7a1cd5b579d

podman-debuginfo-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: 8b83f6e20ac418b19c9bb5516897938ddd6063051801a67ec309187f31f75343

podman-debugsource-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: dba641be0779551b0d3b77a6c8cc92cd90842ba5e1647b96a1682974ac1e6465

podman-docker-4.4.1-4.rhaos4.13.el9.noarch.rpm

SHA-256: 500ba6e417fb3f7ed1b4df0814ee395f0407c47ad4b9af277d7904309eccca91

podman-gvproxy-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: df399fbbab7a0af792b3c6a1879d3cdd6694832892b9abead0bf45617e0ee7f6

podman-gvproxy-debuginfo-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: 3d9d19beab36e00d8e363d6f119f603d85fb0707ece04ccfe43905d3c45a2730

podman-plugins-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: 95bcee7029943fe207448e2211c6174d53c351e1304bb4861cfa5c885a577fd0

podman-plugins-debuginfo-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: d26636242165a4ed082d23815cb88b79ec55b538a0dd6980fbc51aa220453dae

podman-remote-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: 031994bbd424b43d332642b9554ec04c8fcacdc3d6031bcd2c59c203a3a364c0

podman-remote-debuginfo-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: 51377a6822fb759d7333e3e8e8cc285d96c75f8d3e491c73c49b2ea13346eb0c

podman-tests-4.4.1-4.rhaos4.13.el9.s390x.rpm

SHA-256: b3e3a509bf86bd0369219b1bb0233bed654441607483908d6603de01f6626335

rpm-ostree-2023.3-1.el9_2.s390x.rpm

SHA-256: da0a441d56a081a261c84ce53b5954895d44239fb4bf7c89cfff11f3953a7485

rpm-ostree-debuginfo-2023.3-1.el9_2.s390x.rpm

SHA-256: e60e8ec0bf63fe6fb86479361e2adf5017327e4091a4e8316ef89d8a53ffdc20

rpm-ostree-debugsource-2023.3-1.el9_2.s390x.rpm

SHA-256: 92e2c9287d1d5fe5c225074c678cddae031f22881d17f37b2b427383c0dd84cc

rpm-ostree-devel-2023.3-1.el9_2.s390x.rpm

SHA-256: 02b0dd5d00882fcb10c3058a9a1a7eae19fa36ea850e48cc1a5f8570ab5739d4

rpm-ostree-libs-2023.3-1.el9_2.s390x.rpm

SHA-256: dc02dbb9f506df108bb3f3cbfed728d073341ac1840f5789f30ae71a8f804949

rpm-ostree-libs-debuginfo-2023.3-1.el9_2.s390x.rpm

SHA-256: c2ec0cd7df2fbd583bf9fee10a3a03890935382c092ed90277f8f165a3493af3

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8

SRPM

cri-o-1.26.3-6.rhaos4.13.gitb3475fb.el8.src.rpm

SHA-256: 1da7423b5fa5f16c7fb40542a598fb5655131b50547baaf13148eb0f67fed135

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.src.rpm

SHA-256: e3f523ddbacd57d1e6cea17b832b0e1bdf8511cc8ac391355ad46e9b5b1dedb8

openshift-kuryr-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.src.rpm

SHA-256: 999ba8272f050c4ed423f8f98fe6d7060e975eee063c0eef9ea2e2d8abbb399c

s390x

cri-o-1.26.3-6.rhaos4.13.gitb3475fb.el8.s390x.rpm

SHA-256: 8ea8da10153626f3efce3f0e601e555e9f8b58855e0488d7b7ad205fff88ed8c

cri-o-debuginfo-1.26.3-6.rhaos4.13.gitb3475fb.el8.s390x.rpm

SHA-256: 42821972b6129955f38191031976693866c04af6b232cf49be4cd8edada0fbbf

cri-o-debugsource-1.26.3-6.rhaos4.13.gitb3475fb.el8.s390x.rpm

SHA-256: eeb62ac0cd8aa3501640df435740fa7d6f70215d0cac71b173dd772e89e986d4

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.noarch.rpm

SHA-256: 28ba25fd6db0b40980b68f9993e91a4b97657d754e9b85d8c847509ab4d644f8

openshift-ansible-test-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.noarch.rpm

SHA-256: 2bc28baf9aa142ce32bca47c47bc61646ead5e7b5525908af3e96388042b094c

openshift-kuryr-cni-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: e0cef02621a9ff1d61d56eb1e7a06b2adc2751521fedb1c87691ea783f437ed1

openshift-kuryr-common-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 1412e72a46190f585ed0ca6d0275a3cd2b851e570e02ba30c110211ab6234393

openshift-kuryr-controller-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 29b7a170bf81633dcaf87d6e737b955c16243d7576e14e1650702f733568b90a

python3-kuryr-kubernetes-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 4045b4b0cc01464a89133581300bab38ec9843b696cc01ecda7ae36c0a5ba10b

Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9

SRPM

cri-o-1.26.3-7.rhaos4.13.gitb3475fb.el9.src.rpm

SHA-256: 8b52559c51f561669d5687269b6c7d2af7091408303cef360d33044ec0e425f7

kata-containers-3.0.2-6.el9.src.rpm

SHA-256: b4ed946fd50fd1e2590f54a438e684d266baa25dadc913a6c65febd57331d455

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.src.rpm

SHA-256: 872e9758caf0503b6cb23d7a51550b087f5b99ae66578222a9049517f2fb6f17

podman-4.4.1-4.rhaos4.13.el9.src.rpm

SHA-256: f2a69d728a73164ab8068fb2ac791fc920ed6b0f3da3601367c0b83a9f4ef791

rpm-ostree-2023.3-1.el9_2.src.rpm

SHA-256: ba3314dd475a9c75bbb52a1aeca96958517523abfd1f8b36009e1eec4a7f02b5

aarch64

cri-o-1.26.3-7.rhaos4.13.gitb3475fb.el9.aarch64.rpm

SHA-256: c8723fb39458b7ee4a9fee4b2bd0f0149af59d3223bc91f0c0c4c65f2673b213

cri-o-debuginfo-1.26.3-7.rhaos4.13.gitb3475fb.el9.aarch64.rpm

SHA-256: 5bb06dcd89e03e9ad9bdf499cd9d75e27e9d685b1333a7ebdd28fa454c4d7154

cri-o-debugsource-1.26.3-7.rhaos4.13.gitb3475fb.el9.aarch64.rpm

SHA-256: e87a47ff753fa7f79214f44ff061541f870dc97af1a56f4a97a705059754aa4a

kata-containers-3.0.2-6.el9.aarch64.rpm

SHA-256: 5ee2b5d344c1fc2910ed8c635203cef0c75c911a08f7fb3278a649c17bf12acb

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.noarch.rpm

SHA-256: 3d1c9e5bbe94a9c85f9364420f10382f3b0153f47e8aea8bb4d7d2c4478d5478

openshift-ansible-test-4.13.0-202305180130.p0.g89eab30.assembly.stream.el9.noarch.rpm

SHA-256: 979781c9b83054ec5a0560ab1b2dfeacd21c274cfb7fecf4170c32621078e62a

podman-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: 0f348aabc43d0e81a85a0428bd97480488fd419eba7615ef18bfd45051a61005

podman-debuginfo-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: 2eebf30d94c130bb109868ffa60e8592faa3736e1bcaaa768b6f154b3cbda0ca

podman-debugsource-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: 2f2096e6c82ea135d41a0c4d6bce2776f356d32b9a0a7a8ffdc7da9c66153d74

podman-docker-4.4.1-4.rhaos4.13.el9.noarch.rpm

SHA-256: 500ba6e417fb3f7ed1b4df0814ee395f0407c47ad4b9af277d7904309eccca91

podman-gvproxy-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: 754937a14419a6e5be58bdd51de94decac8da914d525da11e29e8e6b47b0a0fe

podman-gvproxy-debuginfo-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: d8feb8ddd3e200cf3d5a799349b15cd1f1a4aa4af129b8d67acfe3eb6c365041

podman-plugins-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: 26118ed00b1e1758258da58c245cf4e075fa143cccf6a837bc94b59d531e4c76

podman-plugins-debuginfo-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: be256f4841c7d4f55119041d76a537ea55a0509e7474f7b2051a93fa82b78d78

podman-remote-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: a74222fc4b7cb3dd5c838ce900039f885df0b0dccc6d9a75e02b498e1e06dc7b

podman-remote-debuginfo-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: 56f896a56008f76224d7127dc4bafd0f03a52b259149c021843b9fc3b88909dc

podman-tests-4.4.1-4.rhaos4.13.el9.aarch64.rpm

SHA-256: 31452e9aee6ff527a259d6f59c13266de328b41db9ee074bdaf0b3672a73f2bf

rpm-ostree-2023.3-1.el9_2.aarch64.rpm

SHA-256: 9c2999b8668b86a435007f882e2a1306fb891b4230e2fe623cf5c650578d74ba

rpm-ostree-debuginfo-2023.3-1.el9_2.aarch64.rpm

SHA-256: 80324315c52c3e0394d834b08bf7287e33bd2d1a92c56b9d515bb9f997c504c5

rpm-ostree-debugsource-2023.3-1.el9_2.aarch64.rpm

SHA-256: 76fc91ef4235c436b7fa8056139d601bb515347c78e98891097b7f2b5c2d0150

rpm-ostree-devel-2023.3-1.el9_2.aarch64.rpm

SHA-256: f41847a39ca2e3260072787ccc9be6d6341e854166801abdbbd1b223b8440eea

rpm-ostree-libs-2023.3-1.el9_2.aarch64.rpm

SHA-256: dc8b0537af30e80d2c9fb0f31eaf0f15b3760e4435ea140f41b5bfd3623c1c16

rpm-ostree-libs-debuginfo-2023.3-1.el9_2.aarch64.rpm

SHA-256: 2d1bb6320c8fdeadcfff018314cfc9f2d636f7a6b6955fd7b751234ef198e654

Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8

SRPM

cri-o-1.26.3-6.rhaos4.13.gitb3475fb.el8.src.rpm

SHA-256: 1da7423b5fa5f16c7fb40542a598fb5655131b50547baaf13148eb0f67fed135

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.src.rpm

SHA-256: e3f523ddbacd57d1e6cea17b832b0e1bdf8511cc8ac391355ad46e9b5b1dedb8

openshift-kuryr-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.src.rpm

SHA-256: 999ba8272f050c4ed423f8f98fe6d7060e975eee063c0eef9ea2e2d8abbb399c

aarch64

cri-o-1.26.3-6.rhaos4.13.gitb3475fb.el8.aarch64.rpm

SHA-256: 24339c06a46279490018f156bd43b55ae32b2c4f0ebe4f220a5486b6586390f8

cri-o-debuginfo-1.26.3-6.rhaos4.13.gitb3475fb.el8.aarch64.rpm

SHA-256: 9c301805a6a17703963a25822ebfc79cf3db83360aa014166f91250a0aa777c6

cri-o-debugsource-1.26.3-6.rhaos4.13.gitb3475fb.el8.aarch64.rpm

SHA-256: 6bc4c2d7f136acd7aa63f7ace5db01d2a66f9b5f041178d4b4316b8e4d693502

openshift-ansible-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.noarch.rpm

SHA-256: 28ba25fd6db0b40980b68f9993e91a4b97657d754e9b85d8c847509ab4d644f8

openshift-ansible-test-4.13.0-202305180130.p0.g89eab30.assembly.stream.el8.noarch.rpm

SHA-256: 2bc28baf9aa142ce32bca47c47bc61646ead5e7b5525908af3e96388042b094c

openshift-kuryr-cni-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: e0cef02621a9ff1d61d56eb1e7a06b2adc2751521fedb1c87691ea783f437ed1

openshift-kuryr-common-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 1412e72a46190f585ed0ca6d0275a3cd2b851e570e02ba30c110211ab6234393

openshift-kuryr-controller-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 29b7a170bf81633dcaf87d6e737b955c16243d7576e14e1650702f733568b90a

python3-kuryr-kubernetes-4.13.0-202305171615.p0.g3055dbe.assembly.stream.el8.noarch.rpm

SHA-256: 4045b4b0cc01464a89133581300bab38ec9843b696cc01ecda7ae36c0a5ba10b

Related news

Gentoo Linux Security Advisory 202311-09

Gentoo Linux Security Advisory 202311-9 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. Versions greater than or equal to 1.20.10 are affected.

Red Hat Security Advisory 2023-5964-01

Red Hat Security Advisory 2023-5964-01 - An update for collectd-libpod-stats is now available for Red Hat OpenStack Platform 16.2.5. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-5935-01

Red Hat Security Advisory 2023-5935-01 - An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2.5. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4627-01

Red Hat Security Advisory 2023-4627-01 - Migration Toolkit for Applications 6.2.0 Images. Issues addressed include a denial of service vulnerability.

RHSA-2023:4335: Red Hat Security Advisory: Security Update for cert-manager Operator for Red Hat OpenShift 1.10.3

cert-manager Operator for Red Hat OpenShift 1.10.3 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specia...

RHSA-2023:4470: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.3 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys ca...

RHSA-2023:4003: Red Hat Security Advisory: Red Hat Service Interconnect 1.4 Release security update

This is release 1.4 of the rpms for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they were all running in the same site. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the gol...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

Red Hat Security Advisory 2023-3612-01

Red Hat Security Advisory 2023-3612-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.4. Issues addressed include a denial of service vulnerability.

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

RHSA-2023:3366: Red Hat Security Advisory: OpenShift Container Platform 4.13.2 packages and security update

Red Hat OpenShift Container Platform release 4.13.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms...

Ubuntu Security Notice USN-6140-1

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

Red Hat Security Advisory 2023-3445-01

Red Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.

RHSA-2023:3455: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0

OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...

Red Hat Security Advisory 2023-3303-01

Red Hat Security Advisory 2023-3303-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.1.

Red Hat Security Advisory 2023-1325-01

Red Hat Security Advisory 2023-1325-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.

Red Hat Security Advisory 2023-1328-01

Red Hat Security Advisory 2023-1328-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and out of bounds read vulnerabilities.

RHSA-2023:3167: Red Hat Security Advisory: Red Hat build of Cryostat 2.3.0: new RHEL 8 container images

New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images are now availableThis content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition. * CVE-2022-41725: A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption...

RHSA-2023:1325: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2990: An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has d...

Red Hat Security Advisory 2023-1327-01

Red Hat Security Advisory 2023-1327-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0.

RHSA-2023:3083: Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition. * CVE-2022-41725: A flaw was found in Go, where it is vulnerable to a den...

Red Hat Security Advisory 2023-1817-01

Red Hat Security Advisory 2023-1817-01 - Network Observability 1.2.0 is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console. This update contains bug fixes. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-1639-01

Red Hat Security Advisory 2023-1639-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

RHSA-2023:1639: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.3 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.3 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition. * CVE-2022-41725: A flaw was found in Go, where it is vulnerable to a denial of service caused by a...

CVE-2022-41724: [security] Go 1.20.1 and Go 1.19.6 are released

Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth >= RequestClientCert).