Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:3924: Red Hat Security Advisory: OpenShift Container Platform 4.12.23 security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Data
#vulnerability#web#linux#red_hat#redis#kubernetes#ibm#rpm

Synopsis

Moderate: OpenShift Container Platform 4.12.23 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.12.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.23. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2023:3925

Security Fix(es):

  • openshift: OCP & FIPS mode (CVE-2023-3089)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 9 x86_64
  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.12 for RHEL 9 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.12 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 9 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 9 aarch64
  • Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 8 aarch64

Fixes

  • BZ - 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode
  • OCPBUGS-15554 - Placeholder bug for OCP 4.12.0 rpm release

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/security/vulnerabilities/RHSB-2023-001

Red Hat OpenShift Container Platform 4.12 for RHEL 9

SRPM

openshift-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el9.src.rpm

SHA-256: 6d8196220d0b5caf48d4792052118573fcc8cb0caf4c40087c0672adb9a49054

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.src.rpm

SHA-256: 794579fe516c65042011890375ac394f1e1a07dbee6c9f04b4be992eb53ecdfc

x86_64

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.x86_64.rpm

SHA-256: 9bb0145fead3cae39101d0a10eaa7323c3e158a84c50a9d32f5704e6f98a5af1

openshift-clients-redistributable-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.x86_64.rpm

SHA-256: 131b87762126f29e4c920f0c8393e1129e35266d72f1f433357fc0a694daa4bf

openshift-hyperkube-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el9.x86_64.rpm

SHA-256: 3d93a197e708286eb2eca1d7bcdacc4c7e5e91ea04cadd8f894d134865c0b640

Red Hat OpenShift Container Platform 4.12 for RHEL 8

SRPM

container-selinux-2.215.0-1.rhaos4.12.el8.src.rpm

SHA-256: 2b29798c035f0d2e57435db5371d10f81419b1d3a71681008100b777462844f0

openshift-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el8.src.rpm

SHA-256: 9eb34b0978acb8e50e200ddbe04dc10a1dd7ea82877cd9c1ae678e233486f42a

openshift-ansible-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.src.rpm

SHA-256: faadd3e579e0b8cd9dedbd819dbc00be16dd1da4012206dd034156c49d2947df

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.src.rpm

SHA-256: ff3ed83b8a705489cbad41a5e0ef6c26d8ad19c18b9d1527d1f3edf6ea7a1a70

openshift-kuryr-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.src.rpm

SHA-256: 1cbf6f2a1a0373ab12893f2447f4aed91973624d9e8ff238e040abc1e5af93e9

openshift4-aws-iso-4.12.0-202306230041.p0.gd2acdd5.assembly.stream.el8.src.rpm

SHA-256: ded74b3778ea8716fff8ee261a79c5992fe4f2563219f228c86840c36b354f00

ovn23.06-23.06.0-13.el8fdp.src.rpm

SHA-256: 9d1dae219c040b4c8a2996aff82763a0fdeb8062cac9b3f1659037fe406d4829

x86_64

container-selinux-2.215.0-1.rhaos4.12.el8.noarch.rpm

SHA-256: e504238cd6313bf05111fd56912e76001b3a50ca8612fb64a6b228c2c1cc3abf

openshift-ansible-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.noarch.rpm

SHA-256: 418d00092d9907c8a770e50a6450ff76311c3547a31bee83a6909d5e0babf92c

openshift-ansible-test-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.noarch.rpm

SHA-256: d58d760ac295dff10ddfbbf8115ce731ef6aa714bcb7f1295c22c23c2a067bfe

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.x86_64.rpm

SHA-256: b45e4482efd583cc130b07fc43daa12e32ac968196a3b7ff7be0683f4bd7ad33

openshift-clients-redistributable-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.x86_64.rpm

SHA-256: 0c8134dc1e1dd0f24524667cedbfb0ecf9601a5bdac33cdd6c79ab2f899faf82

openshift-hyperkube-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el8.x86_64.rpm

SHA-256: 79b5ad40464edf5660464148ea5e6be5a855d59bf3795c0480c63863fc029a50

openshift-kuryr-cni-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: 81ac9a21df76da981ee4c38ddc9a2a9e438beaa2a72d2377b122f4cc54b722ba

openshift-kuryr-common-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: 6f8a4cc8652b26b19e7b397c12579cd7f41926910667692be9ce2e39be94b923

openshift-kuryr-controller-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: c05ef81fd6935193d701de34f3d105135ac155f02758f96b5a1966f10bed6bbb

openshift4-aws-iso-4.12.0-202306230041.p0.gd2acdd5.assembly.stream.el8.noarch.rpm

SHA-256: 743a68636aab25c8aeb381eff15b7566f868aa93cfe8f577a5296c4f333213a5

ovn23.06-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: 5cb79da275fd0466c282d3288d6cbc532d4a3c95f4d2a02ce2b0625e971d8b6d

ovn23.06-central-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: f88986831191c58272a3616ca85803d377d4dc601b5faaac0ebc410fade6e2d5

ovn23.06-central-debuginfo-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: defd929e1bca4c0d149e6c2cfa85b837c814c578a1274bd5ed2b20dfb645880c

ovn23.06-debuginfo-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: 846bc98a8de12c35ece4b6c8c2683f26c0dc43ce7729f43ed4e6416dc9501093

ovn23.06-debugsource-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: f2aea1baa0e707915708a68fc7665646df0d89da5f85e5983343a9047bad44eb

ovn23.06-host-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: 1bf246f0d4e56cba18bd75116051b721bad50a19cb0b44cda3986a3face8921c

ovn23.06-host-debuginfo-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: c3b8119210c1ce1fe7022bf8711262e6d505326c1614ef152498fc4714406b6c

ovn23.06-vtep-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: 2d5e766aaa74716979198500f3acc58f0020e978186f65bb78592eea4cf92898

ovn23.06-vtep-debuginfo-23.06.0-13.el8fdp.x86_64.rpm

SHA-256: 83942e1abc72ceb582cb2a994e2e3fa8324fc257f956bf3e0bcbb7d177c0f539

python3-kuryr-kubernetes-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: f62ae3ee51c54c37000791a9f958f838d8b577148aa27c27dbb2ddacb5cfceff

Red Hat OpenShift Container Platform for Power 4.12 for RHEL 9

SRPM

openshift-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el9.src.rpm

SHA-256: 6d8196220d0b5caf48d4792052118573fcc8cb0caf4c40087c0672adb9a49054

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.src.rpm

SHA-256: 794579fe516c65042011890375ac394f1e1a07dbee6c9f04b4be992eb53ecdfc

ppc64le

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.ppc64le.rpm

SHA-256: 8b2a02bdd063b9472d583df95f0d75e3122a7761a39251882e67a90fb298d10b

openshift-hyperkube-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el9.ppc64le.rpm

SHA-256: d62fcaeca154a01e5bb03e0dcf88463c01dd5cb801cbde1b776f5fc36e0afd5d

Red Hat OpenShift Container Platform for Power 4.12 for RHEL 8

SRPM

container-selinux-2.215.0-1.rhaos4.12.el8.src.rpm

SHA-256: 2b29798c035f0d2e57435db5371d10f81419b1d3a71681008100b777462844f0

openshift-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el8.src.rpm

SHA-256: 9eb34b0978acb8e50e200ddbe04dc10a1dd7ea82877cd9c1ae678e233486f42a

openshift-ansible-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.src.rpm

SHA-256: faadd3e579e0b8cd9dedbd819dbc00be16dd1da4012206dd034156c49d2947df

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.src.rpm

SHA-256: ff3ed83b8a705489cbad41a5e0ef6c26d8ad19c18b9d1527d1f3edf6ea7a1a70

openshift-kuryr-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.src.rpm

SHA-256: 1cbf6f2a1a0373ab12893f2447f4aed91973624d9e8ff238e040abc1e5af93e9

openshift4-aws-iso-4.12.0-202306230041.p0.gd2acdd5.assembly.stream.el8.src.rpm

SHA-256: ded74b3778ea8716fff8ee261a79c5992fe4f2563219f228c86840c36b354f00

ovn23.06-23.06.0-13.el8fdp.src.rpm

SHA-256: 9d1dae219c040b4c8a2996aff82763a0fdeb8062cac9b3f1659037fe406d4829

ppc64le

container-selinux-2.215.0-1.rhaos4.12.el8.noarch.rpm

SHA-256: e504238cd6313bf05111fd56912e76001b3a50ca8612fb64a6b228c2c1cc3abf

openshift-ansible-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.noarch.rpm

SHA-256: 418d00092d9907c8a770e50a6450ff76311c3547a31bee83a6909d5e0babf92c

openshift-ansible-test-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.noarch.rpm

SHA-256: d58d760ac295dff10ddfbbf8115ce731ef6aa714bcb7f1295c22c23c2a067bfe

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.ppc64le.rpm

SHA-256: 3f95f6a5881f12e7df859ba9e818ab80b1d9764cc43c09c95969c77993a637c7

openshift-hyperkube-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el8.ppc64le.rpm

SHA-256: f456eaf7f5d65e6722d0ab0e1e2f376a5c120ec84ba94eea75e0bae8cf0363dc

openshift-kuryr-cni-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: 81ac9a21df76da981ee4c38ddc9a2a9e438beaa2a72d2377b122f4cc54b722ba

openshift-kuryr-common-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: 6f8a4cc8652b26b19e7b397c12579cd7f41926910667692be9ce2e39be94b923

openshift-kuryr-controller-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: c05ef81fd6935193d701de34f3d105135ac155f02758f96b5a1966f10bed6bbb

openshift4-aws-iso-4.12.0-202306230041.p0.gd2acdd5.assembly.stream.el8.noarch.rpm

SHA-256: 743a68636aab25c8aeb381eff15b7566f868aa93cfe8f577a5296c4f333213a5

ovn23.06-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: edbde0261ffe6bcc23e81bec1650da1a15ad4f2df07a35c685536efdfcbd3182

ovn23.06-central-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: e0982c6a96a35aaae29541fde314c63160b8a8fd8ef154b8bd6962ccd019137f

ovn23.06-central-debuginfo-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: de9374928ed94378a5020b6d4515dc76db86f01b8a6521a4a5e3402046465dd7

ovn23.06-debuginfo-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: 079644cbd8d3d4cbe7a6f2428c5f9a31a30c1a023c2833ac577610ad4b2591c3

ovn23.06-debugsource-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: 211879bf6b9738ca09b1bc32457ff3acb4e240c1faed73edc8e65f1e6fb49d86

ovn23.06-host-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: 389cee10426e5d7da403de9eea17a8d3cf559f07c7bcb14f1264e4f8b1851763

ovn23.06-host-debuginfo-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: ca12af42d27ee500aea8e448a9a22b7ecefe4c50a0af88152cb56560c4270180

ovn23.06-vtep-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: 7ebef3956f5452b43e8a21aec832d008de1e5121ad68893a0044c2693e418d2a

ovn23.06-vtep-debuginfo-23.06.0-13.el8fdp.ppc64le.rpm

SHA-256: f074037df2fafbc97026c6c45d95d85eae0e8b45fc9d8d7bd36e7427a927190e

python3-kuryr-kubernetes-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: f62ae3ee51c54c37000791a9f958f838d8b577148aa27c27dbb2ddacb5cfceff

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 9

SRPM

openshift-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el9.src.rpm

SHA-256: 6d8196220d0b5caf48d4792052118573fcc8cb0caf4c40087c0672adb9a49054

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.src.rpm

SHA-256: 794579fe516c65042011890375ac394f1e1a07dbee6c9f04b4be992eb53ecdfc

s390x

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.s390x.rpm

SHA-256: 902e96cdcbabb4ccff6c855e092235a3a2df0fe451a89cef3f672e65b129a5d6

openshift-hyperkube-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el9.s390x.rpm

SHA-256: 5456a31fc10bb64fb81008010459977fdc715783981a0f32f2e10db64f39343d

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 8

SRPM

container-selinux-2.215.0-1.rhaos4.12.el8.src.rpm

SHA-256: 2b29798c035f0d2e57435db5371d10f81419b1d3a71681008100b777462844f0

openshift-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el8.src.rpm

SHA-256: 9eb34b0978acb8e50e200ddbe04dc10a1dd7ea82877cd9c1ae678e233486f42a

openshift-ansible-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.src.rpm

SHA-256: faadd3e579e0b8cd9dedbd819dbc00be16dd1da4012206dd034156c49d2947df

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.src.rpm

SHA-256: ff3ed83b8a705489cbad41a5e0ef6c26d8ad19c18b9d1527d1f3edf6ea7a1a70

openshift-kuryr-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.src.rpm

SHA-256: 1cbf6f2a1a0373ab12893f2447f4aed91973624d9e8ff238e040abc1e5af93e9

openshift4-aws-iso-4.12.0-202306230041.p0.gd2acdd5.assembly.stream.el8.src.rpm

SHA-256: ded74b3778ea8716fff8ee261a79c5992fe4f2563219f228c86840c36b354f00

ovn23.06-23.06.0-13.el8fdp.src.rpm

SHA-256: 9d1dae219c040b4c8a2996aff82763a0fdeb8062cac9b3f1659037fe406d4829

s390x

container-selinux-2.215.0-1.rhaos4.12.el8.noarch.rpm

SHA-256: e504238cd6313bf05111fd56912e76001b3a50ca8612fb64a6b228c2c1cc3abf

openshift-ansible-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.noarch.rpm

SHA-256: 418d00092d9907c8a770e50a6450ff76311c3547a31bee83a6909d5e0babf92c

openshift-ansible-test-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.noarch.rpm

SHA-256: d58d760ac295dff10ddfbbf8115ce731ef6aa714bcb7f1295c22c23c2a067bfe

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.s390x.rpm

SHA-256: 9eb4eb4069b874885ca4278568659beff17e16fff18abd8c3289554e32637600

openshift-hyperkube-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el8.s390x.rpm

SHA-256: 18ff920183a7c8231bdffa3097e805da389db596e553154f72b908f5a0905744

openshift-kuryr-cni-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: 81ac9a21df76da981ee4c38ddc9a2a9e438beaa2a72d2377b122f4cc54b722ba

openshift-kuryr-common-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: 6f8a4cc8652b26b19e7b397c12579cd7f41926910667692be9ce2e39be94b923

openshift-kuryr-controller-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: c05ef81fd6935193d701de34f3d105135ac155f02758f96b5a1966f10bed6bbb

openshift4-aws-iso-4.12.0-202306230041.p0.gd2acdd5.assembly.stream.el8.noarch.rpm

SHA-256: 743a68636aab25c8aeb381eff15b7566f868aa93cfe8f577a5296c4f333213a5

ovn23.06-23.06.0-13.el8fdp.s390x.rpm

SHA-256: 31d2f6900b0d698a0abc8bed1b4b6ec369fab843cbd584d033e0887770ccbdfe

ovn23.06-central-23.06.0-13.el8fdp.s390x.rpm

SHA-256: 558a6002f785a67a33535a863e5a6f5ae0aa5b7b68328d55a636f6e9d6f6cdef

ovn23.06-central-debuginfo-23.06.0-13.el8fdp.s390x.rpm

SHA-256: d96fd00b16e1772442534a0373153efc5cde672634449605bfc8cbc137c79d11

ovn23.06-debuginfo-23.06.0-13.el8fdp.s390x.rpm

SHA-256: a8cba4c69c10a9cf04439bc8b57d0c200718aef61c40e40817effd15b7a4c4f2

ovn23.06-debugsource-23.06.0-13.el8fdp.s390x.rpm

SHA-256: 361b8836761777487cfa67389696c8ca3c51158917e33768e0453e2f94828b8e

ovn23.06-host-23.06.0-13.el8fdp.s390x.rpm

SHA-256: d658a0b4ec1314d06ed8dbc4700cf7a2487477c9d2e523281284216f553c42be

ovn23.06-host-debuginfo-23.06.0-13.el8fdp.s390x.rpm

SHA-256: 61da6f93503b0c9844cd4dde2870a58a835b7d80f1c84d04efac2deb49b064cf

ovn23.06-vtep-23.06.0-13.el8fdp.s390x.rpm

SHA-256: 200d6b5ff7d30b1e28568f1a2ed0351bc387aee56a64c0e62d8dded3cc75b1ab

ovn23.06-vtep-debuginfo-23.06.0-13.el8fdp.s390x.rpm

SHA-256: 69e041afed3d5c22eecbe2e860dff3ef1d405e97f7625509955ca8758e4d3167

python3-kuryr-kubernetes-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: f62ae3ee51c54c37000791a9f958f838d8b577148aa27c27dbb2ddacb5cfceff

Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 9

SRPM

openshift-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el9.src.rpm

SHA-256: 6d8196220d0b5caf48d4792052118573fcc8cb0caf4c40087c0672adb9a49054

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.src.rpm

SHA-256: 794579fe516c65042011890375ac394f1e1a07dbee6c9f04b4be992eb53ecdfc

aarch64

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el9.aarch64.rpm

SHA-256: 69fa8185ee809f71d6a0ae171fb4becb22414a689346a10fddc050b9cf9f805e

openshift-hyperkube-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el9.aarch64.rpm

SHA-256: f150461243c2206daac9b2080fbbeb8b5151d488904c4043fa1d73d903e53c18

Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 8

SRPM

container-selinux-2.215.0-1.rhaos4.12.el8.src.rpm

SHA-256: 2b29798c035f0d2e57435db5371d10f81419b1d3a71681008100b777462844f0

openshift-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el8.src.rpm

SHA-256: 9eb34b0978acb8e50e200ddbe04dc10a1dd7ea82877cd9c1ae678e233486f42a

openshift-ansible-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.src.rpm

SHA-256: faadd3e579e0b8cd9dedbd819dbc00be16dd1da4012206dd034156c49d2947df

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.src.rpm

SHA-256: ff3ed83b8a705489cbad41a5e0ef6c26d8ad19c18b9d1527d1f3edf6ea7a1a70

openshift-kuryr-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.src.rpm

SHA-256: 1cbf6f2a1a0373ab12893f2447f4aed91973624d9e8ff238e040abc1e5af93e9

openshift4-aws-iso-4.12.0-202306230041.p0.gd2acdd5.assembly.stream.el8.src.rpm

SHA-256: ded74b3778ea8716fff8ee261a79c5992fe4f2563219f228c86840c36b354f00

ovn23.06-23.06.0-13.el8fdp.src.rpm

SHA-256: 9d1dae219c040b4c8a2996aff82763a0fdeb8062cac9b3f1659037fe406d4829

aarch64

container-selinux-2.215.0-1.rhaos4.12.el8.noarch.rpm

SHA-256: e504238cd6313bf05111fd56912e76001b3a50ca8612fb64a6b228c2c1cc3abf

openshift-ansible-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.noarch.rpm

SHA-256: 418d00092d9907c8a770e50a6450ff76311c3547a31bee83a6909d5e0babf92c

openshift-ansible-test-4.12.0-202306230041.p0.g74dc7b3.assembly.stream.el8.noarch.rpm

SHA-256: d58d760ac295dff10ddfbbf8115ce731ef6aa714bcb7f1295c22c23c2a067bfe

openshift-clients-4.12.0-202306230041.p0.gea7c11a.assembly.stream.el8.aarch64.rpm

SHA-256: f17b5f3a7d6bdeee1cf0429e9c6a5298c49f82a2ffb12a790315752534f135e9

openshift-hyperkube-4.12.0-202306251254.p0.gc43ddea.assembly.stream.el8.aarch64.rpm

SHA-256: e51a422349124c47d2ba2212fb516d7689f20d15de4b266ac09769960464319d

openshift-kuryr-cni-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: 81ac9a21df76da981ee4c38ddc9a2a9e438beaa2a72d2377b122f4cc54b722ba

openshift-kuryr-common-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: 6f8a4cc8652b26b19e7b397c12579cd7f41926910667692be9ce2e39be94b923

openshift-kuryr-controller-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: c05ef81fd6935193d701de34f3d105135ac155f02758f96b5a1966f10bed6bbb

openshift4-aws-iso-4.12.0-202306230041.p0.gd2acdd5.assembly.stream.el8.noarch.rpm

SHA-256: 743a68636aab25c8aeb381eff15b7566f868aa93cfe8f577a5296c4f333213a5

ovn23.06-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: 11e1acff15e1615ce624aa31ebf40dd154f57cebe4e797e02418bc6a2404e92e

ovn23.06-central-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: 125401909d8ab60bd65e4a8a8211e96439ece206f9923a6bf6e06821e3493e91

ovn23.06-central-debuginfo-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: b761470f2e0ba720e6551099885b5504662d55e9358cd081969f417c2dc95320

ovn23.06-debuginfo-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: 78e0b2dc2aa28965bb1bd2b637d93746dac4f644beaedae362e80e274dded076

ovn23.06-debugsource-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: 2eba5ca4d6d755820c37d9d07a92070659c3b8f34000554e25eef3d49b81cfd3

ovn23.06-host-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: 1a2dc07f6771b5c067737ea32acb40a65ff72107b257f7f8268342e2c93ee398

ovn23.06-host-debuginfo-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: d045e622fbd68d928dd4e85133e3a6a8f7a7e756d9d1261681ea51d6add17644

ovn23.06-vtep-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: afcdb10b577f199a1b14d4eb935141fc6bf18301d8ea3c864726f32bf3e5286c

ovn23.06-vtep-debuginfo-23.06.0-13.el8fdp.aarch64.rpm

SHA-256: 9f8d7e4845ce94af8ecdd6ba699c2cd90c5125acb7e32f49f1725232cf125239

python3-kuryr-kubernetes-4.12.0-202306230041.p0.g31dd228.assembly.stream.el8.noarch.rpm

SHA-256: f62ae3ee51c54c37000791a9f958f838d8b577148aa27c27dbb2ddacb5cfceff

Related news

Red Hat Security Advisory 2023-4972-01

Red Hat Security Advisory 2023-4972-01 - Multicluster Engine for Kubernetes 2.1.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a bypass vulnerability.

RHSA-2023:4862: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.3.1 security updates and bug fixes

Multicluster Engine for Kubernetes 2.3.1 General Availability release images, which contain security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37466: A flaw was found in the vm2 Promise handler sanitization, which allows attackers to esc...

RHSA-2023:4650: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.7 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.7 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37903: A flaw was found in the vm2 custom inspect function, which allows attackers to escape t...

RHSA-2023:4456: Red Hat Security Advisory: OpenShift Container Platform 4.13.8 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...

RHSA-2023:4472: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.1

Red Hat OpenShift Serverless version 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containin...

RHSA-2023:4471: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.29.1

Red Hat OpenShift Serverless 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Red Hat Security Advisory 2023-4421-01

Red Hat Security Advisory 2023-4421-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.5 images.

Red Hat Security Advisory 2023-4286-01

Red Hat Security Advisory 2023-4286-01 - Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.

Red Hat Security Advisory 2023-4287-01

Red Hat Security Advisory 2023-4287-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

RHSA-2023:4226: Red Hat Security Advisory: OpenShift Container Platform 4.13.6 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...

RHSA-2023:4225: Red Hat Security Advisory: OpenShift Container Platform 4.13.6 security and extras update

Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

Red Hat Security Advisory 2023-4276-01

Red Hat Security Advisory 2023-4276-01 - An update is now available for Red Hat DevWorkspace Operator. Red Hat Product Security has rated this update as having a security impact of Moderate.

Red Hat Security Advisory 2023-4241-01

Red Hat Security Advisory 2023-4241-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

Red Hat Security Advisory 2023-4090-01

Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.

RHSA-2023:4091: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...

RHSA-2023:4241: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.10.14 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.10.14 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Red Hat Security Advisory 2023-4204-01

Red Hat Security Advisory 2023-4204-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data.

RHSA-2023:4204: Red Hat Security Advisory: VolSync 0.7.3 security fixes and enhancements

VolSync v0.7.3 enhancements and security fixes Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

RHSA-2023:4114: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.1 security update

Red Hat OpenShift Service Mesh 2.4.1 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

RHSA-2023:4113: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.5 security update

Red Hat OpenShift Service Mesh 2.3.5 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptog...

RHSA-2023:4112: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.8 security update

Red Hat OpenShift Service Mesh 2.2.8 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modu...

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3924-01

Red Hat Security Advisory 2023-3924-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.23.

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

Red Hat Security Advisory 2023-3915-01

Red Hat Security Advisory 2023-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.44.

Red Hat Security Advisory 2023-3914-01

Red Hat Security Advisory 2023-3914-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.44.

Red Hat Security Advisory 2023-3911-01

Red Hat Security Advisory 2023-3911-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.63.

Red Hat Security Advisory 2023-3910-01

Red Hat Security Advisory 2023-3910-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.63.

RHSA-2023:3910: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.10.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server...

RHSA-2023:3914: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23772: A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issu...

RHSA-2023:3915: Red Hat Security Advisory: OpenShift Container Platform 4.11.44 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS...

CVE-2023-3089: cve-details

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.