RHSA-2023:2282: Red Hat Security Advisory: podman security and bug fix update
An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-30629: A flaw was found in the crypto/tls golang package. Session tickets generated by crypto/tls are missing the ticket expiration. This issue may allow an attacker who observes TLS handshakes to correlate successive connections during session resumption.
- CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
Issued: 2023-05-09
Updated: 2023-05-09
RHSA-2023:2282 - Security Advisory
Synopsis
Moderate: podman security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for podman is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods are a concept in Kubernetes.
Security Fix(es):
- golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
- golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
Fixes
- BZ - 1998676 - Network namespacing stopping containers from starting
- BZ - 2078411 - join template in podman inspect errors when new line is selected as a separator
- BZ - 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
- BZ - 2105173 - “podman manifest add” is not concurrent safe
- BZ - 2123251 - podman build and podman run read different seccomp.json file in the same environment
- BZ - 2141019 - Update podman to 4.2.1 or 4.3.0
- BZ - 2149774 - FailingStreak is not reset to 0 when the container starts again.
- BZ - 2150430 - SIGSEGV: segmentation violation on s390x
- BZ - 2152023 - podman: ubi8 sticky bit removed from /tmp
- BZ - 2152736 - “docker build” doesn’t work anymore if it is targeting a podman server
- BZ - 2153894 - multiple dbus user processes being spawned
- BZ - 2158472 - Update shortnames.conf
- BZ - 2158632 - podman rm leaves running container behind
- BZ - 2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests
- BZ - 2166091 - podman exec fails with Error: an exec session with ID already exists: exec session already exists
- BZ - 2182821 - podman v4.4.1 required in RHEL9.2.0
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
Red Hat Enterprise Linux for x86_64 9
SRPM
podman-4.4.1-3.el9.src.rpm
x86_64
podman-4.4.1-3.el9.x86_64.rpm
podman-debuginfo-4.4.1-3.el9.x86_64.rpm
podman-debugsource-4.4.1-3.el9.x86_64.rpm
podman-docker-4.4.1-3.el9.noarch.rpm
podman-gvproxy-4.4.1-3.el9.x86_64.rpm
podman-gvproxy-debuginfo-4.4.1-3.el9.x86_64.rpm
podman-plugins-4.4.1-3.el9.x86_64.rpm
podman-plugins-debuginfo-4.4.1-3.el9.x86_64.rpm
podman-remote-4.4.1-3.el9.x86_64.rpm
podman-remote-debuginfo-4.4.1-3.el9.x86_64.rpm
podman-tests-4.4.1-3.el9.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
podman-4.4.1-3.el9.src.rpm
s390x
podman-4.4.1-3.el9.s390x.rpm
podman-debuginfo-4.4.1-3.el9.s390x.rpm
podman-debugsource-4.4.1-3.el9.s390x.rpm
podman-docker-4.4.1-3.el9.noarch.rpm
podman-gvproxy-4.4.1-3.el9.s390x.rpm
podman-gvproxy-debuginfo-4.4.1-3.el9.s390x.rpm
podman-plugins-4.4.1-3.el9.s390x.rpm
podman-plugins-debuginfo-4.4.1-3.el9.s390x.rpm
podman-remote-4.4.1-3.el9.s390x.rpm
podman-remote-debuginfo-4.4.1-3.el9.s390x.rpm
podman-tests-4.4.1-3.el9.s390x.rpm
Red Hat Enterprise Linux for Power, little endian 9
SRPM
podman-4.4.1-3.el9.src.rpm
ppc64le
podman-4.4.1-3.el9.ppc64le.rpm
podman-debuginfo-4.4.1-3.el9.ppc64le.rpm
podman-debugsource-4.4.1-3.el9.ppc64le.rpm
podman-docker-4.4.1-3.el9.noarch.rpm
podman-gvproxy-4.4.1-3.el9.ppc64le.rpm
podman-gvproxy-debuginfo-4.4.1-3.el9.ppc64le.rpm
podman-plugins-4.4.1-3.el9.ppc64le.rpm
podman-plugins-debuginfo-4.4.1-3.el9.ppc64le.rpm
podman-remote-4.4.1-3.el9.ppc64le.rpm
podman-remote-debuginfo-4.4.1-3.el9.ppc64le.rpm
podman-tests-4.4.1-3.el9.ppc64le.rpm
Red Hat Enterprise Linux for ARM 64 9
SRPM
podman-4.4.1-3.el9.src.rpm
aarch64
podman-4.4.1-3.el9.aarch64.rpm
podman-debuginfo-4.4.1-3.el9.aarch64.rpm
podman-debugsource-4.4.1-3.el9.aarch64.rpm
podman-docker-4.4.1-3.el9.noarch.rpm
podman-gvproxy-4.4.1-3.el9.aarch64.rpm
podman-gvproxy-debuginfo-4.4.1-3.el9.aarch64.rpm
podman-plugins-4.4.1-3.el9.aarch64.rpm
podman-plugins-debuginfo-4.4.1-3.el9.aarch64.rpm
podman-remote-4.4.1-3.el9.aarch64.rpm
podman-remote-debuginfo-4.4.1-3.el9.aarch64.rpm
podman-tests-4.4.1-3.el9.aarch64.rpm
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
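To confirm that hosts carry the fixed build, the installed podman version-release can be compared against 4.4.1-3.el9 from the package list using rpm's ordering rules. The following is an added example, not part of the Red Hat advisory: the host names and inventory lines are constructed, the comparison is a simplified reimplementation of rpm's version ordering (no `^` handling), and all packages are assumed to share the same epoch.

```python
import re

# Fixed build named in this advisory (version-release from the package list).
FIXED_VR = "4.4.1-3.el9"

# Constructed sample: "<host> <version-release>", as could be gathered with
#   rpm -q --qf '%{VERSION}-%{RELEASE}\n' podman
SAMPLE_INVENTORY = """\
web01   4.2.0-11.el9_1
web02   4.4.1-3.el9
build01 4.4.1-13.el9
edge01  4.4.1~rc1-1.el9
ci02    4.4.1-3.el9_2.1
"""

_SEPARATORS = re.compile(r"^[^A-Za-z0-9~]+")
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Order two version (or release) strings the way rpm does.

    Returns -1, 0 or 1. Simplified: supports '~' pre-release markers
    but not the '^' post-release marker.
    """
    if a == b:
        return 0
    while a or b:
        # Separators carry no meaning; only alphanumerics and '~' do.
        a = _SEPARATORS.sub("", a)
        b = _SEPARATORS.sub("", b)
        # A tilde sorts before anything else, even the end of the string.
        if a.startswith("~") or b.startswith("~"):
            if not a.startswith("~"):
                return 1
            if not b.startswith("~"):
                return -1
            a, b = a[1:], b[1:]
            continue
        if not a or not b:
            break
        seg_a = _SEGMENT.match(a).group(0)
        numeric = seg_a.isdigit()
        match_b = re.match(r"[0-9]+" if numeric else r"[A-Za-z]+", b)
        if match_b is None:
            # Segment types differ: a numeric segment is newer than letters.
            return 1 if numeric else -1
        seg_b = match_b.group(0)
        a, b = a[len(seg_a):], b[len(seg_b):]
        if numeric:
            # Compare as integers without overflow: longer digit run wins.
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if not a and not b:
        return 0
    # Whichever string still has segments left is the newer one.
    return 1 if a else -1


def vr_cmp(x: str, y: str) -> int:
    """Compare two 'version-release' strings; release breaks version ties."""
    x_ver, _, x_rel = x.rpartition("-")
    y_ver, _, y_rel = y.rpartition("-")
    return rpmvercmp(x_ver, y_ver) or rpmvercmp(x_rel, y_rel)


def unpatched_hosts(inventory: str, fixed: str = FIXED_VR) -> list:
    """Return hosts whose podman build sorts below the fixed build."""
    flagged = []
    for line in inventory.splitlines():
        fields = line.split()
        if len(fields) != 2:
            continue  # skip blank or malformed lines
        host, installed = fields
        if vr_cmp(installed, fixed) < 0:
            flagged.append(host)
    return flagged


if __name__ == "__main__":
    for host in unpatched_hosts(SAMPLE_INVENTORY):
        print(f"{host}: podman older than {FIXED_VR}")
```

A plain string or tuple comparison would misorder `13.el9` against `3.el9` and treat `4.4.1~rc1` as newer than `4.4.1`, which is why the segment-wise ordering is used.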