RHSA-2021:1339: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.14.0 and security update

Release of OpenShift Serverless Client kn 1.14.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Serverless Client kn 1.14.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.14.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Security Fix(es):

• golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
• golang: cmd/go: packages using cgo can cause arbitrary code execution at build time (CVE-2021-3115) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
• CVE-2021-3114: golang: crypto/elliptic: incorrect operations on the P-224 curve
• CVE-2021-3115: golang: cmd/go: packages using cgo can cause arbitrary code execution at build time