Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:4091: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
  • CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
  • CVE-2023-2253: A flaw was found in the /v2/_catalog endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: n). This vulnerability allows a malicious user to submit an unreasonably large value for n, causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.
Red Hat Security Data
#vulnerability#web#mac#linux#red_hat#dos#js#git#kubernetes#vmware#aws#alibaba#oauth#auth#ibm#rpm#docker#bitbucket

Synopsis

Moderate: OpenShift Container Platform 4.13.5 security update

Type/Severity

Security Advisory: Moderate

Topic

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.13.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.5 See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHSA-2023:4093

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

Security Fix(es):

  • golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
  • net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
  • distribution/distribution: DoS from malicious API request (CVE-2023-2253)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Solution

For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata
update: https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-12-release-notes.html

You may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags

The sha values for the release are:

(For x86_64 architecture)
The image digest is sha256:af19e94813478382e36ae1fa2ae7bbbff1f903dded6180f4eb0624afe6fc6cd4

(For s390x architecture)
The image digest is sha256:d4d2c747fade057e55f64e02a34bb752bd2cd1484b02f029d0842d346f872870

(For ppc64le architecture)
The image digest is sha256:48466f0b7c86292379c5d987ec37f0d4a4cc26a69357374e127a7293b230c943

(For aarch64 architecture)
The image digest is sha256:e9afcbe007e2440d2b862dc7709138df73dd851421d69c7f39f195301e0cda53

All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at
https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.13 for RHEL 9 x86_64
  • Red Hat OpenShift Container Platform 4.13 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9 aarch64
  • Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8 aarch64

Fixes

  • BZ - 2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests
  • BZ - 2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
  • BZ - 2189886 - CVE-2023-2253 distribution/distribution: DoS from malicious API request
  • OCPBUGS-11974 - User telemetry is broken (inaccurate) due to the fact that page titles are not unique.
  • OCPBUGS-12206 - [4.13] Keep systemd journal using LZ4 compression (via new env var)
  • OCPBUGS-12256 - ptp operator socket management need rework since a few test case fails due to cleaning up the file before other processes are terminated.
  • OCPBUGS-12743 - [4.13] SNO cluster deployment failing due to authentication and console CO in degraded state
  • OCPBUGS-12785 - [release-4.13] Enable/Disable plugin options are not shown on Operator details page
  • OCPBUGS-13311 - Kubelet CA file not written by MCD firstboot
  • OCPBUGS-13323 - [4.13] Bootimage bump tracker
  • OCPBUGS-13642 - [release-4.13] OLM k8sResourcePrefix x-descriptor dropdown unexpectedly clears selections
  • OCPBUGS-13747 - [4.13] cgroupv1 support for cpu balancing is broken for non-SNO nodes
  • OCPBUGS-13752 - AdditionalTrustBundle is only included when doing mirroring
  • OCPBUGS-13809 - OVN image pre-puller pod uses `imagePullPolicy: Always` and blocks upgrade when there is no registry
  • OCPBUGS-13812 - [azure] Installer doesn’t validate diskType on ASH which lead to install fails with unsupported disktype
  • OCPBUGS-14030 - Invalid CA certificate bundle provided by service account token
  • OCPBUGS-14166 - Make Serverless form is broken
  • OCPBUGS-14189 - Route Checkbox getting checked even if it is unchecked during editing the Serverless Function form
  • OCPBUGS-14251 - Add new console metrics to cluster-monitoring-operator telemetry configuration (4.13)
  • OCPBUGS-14267 - [Openshift Pipelines] Metrics page is broken
  • OCPBUGS-14310 - Could not import multiple resources via JSON (while YAML supports this)
  • OCPBUGS-15130 - Helm Repository “Edit” button results in 404
  • OCPBUGS-15139 - The whereabouts-reconciler should not set an hard-coded node selector on the kubernetes.io/architecture label
  • OCPBUGS-15161 - CPMS: Surface cpms vs machine diff
  • OCPBUGS-15171 - CPO doesn’t skip AWS resource deletion for ‘Unknown’ OIDC state
  • OCPBUGS-15187 - images: RHEL-8 container image is missing `xz`
  • OCPBUGS-15224 - [4.13] openvswitch user is not in the hugetblfs group
  • OCPBUGS-15225 - while/after upgrading to OKD 4.11 2023-01-14 CoreDNS has a problem with UDP overflows
  • OCPBUGS-15228 - Create helm release page doesn’t show a YAML editor when schema isn’t available (httpd-imagestreams chart)
  • OCPBUGS-15230 - Allow installer to use existing Azure NSG during OpenShift IPI install
  • OCPBUGS-15246 - Bump to kubernetes 1.26.6
  • OCPBUGS-15281 - Leftover IngressController Preventing Clean Uninstall
  • OCPBUGS-15289 - GCP XPN Installs Require bindPrivateDNSZone Permission in host project
  • OCPBUGS-15330 - CPMSO: fix linting issue comment in test
  • OCPBUGS-15335 - PipelineRun failed with log ‘Tasks Completed: 3 (Failed: 1, Cancelled 0), Skipped: 1.’
  • OCPBUGS-15360 - Serverless functions UI warning is misleading
  • OCPBUGS-15372 - [4.13z] Duplicate acls cause network policy failure for namespaces with long names (>61 chars)
  • OCPBUGS-15376 - [4.13] Cleanup Tech debt: remove unused repo code
  • OCPBUGS-15410 - [release-4.13] Add Git Repository (PAC) doesn’t setup GitLab and Bitbucket configuration correct
  • OCPBUGS-15434 - [GWAPI] [4.13.z] The DNS provider failed to ensure the record, invalid value for name (gcp)
  • OCPBUGS-15457 - python-grpcio and python-protobuf are unneeded dependencies
  • OCPBUGS-15463 - [release-4.13] Unable to set protectKernelDefaults from “true” to “false” in kubelet.conf [release-4.13]
  • OCPBUGS-15465 - [CI Watcher] Testing uninstall of Business Automation Operator “attempts to uninstall the Operator and delete all Operand Instances, shows ‘Error Deleting Operands’ alert”
  • OCPBUGS-15557 - TUI stuck on agent installer network boot setup
  • OCPBUGS-15580 - updated nmstate builds will not work for MCO
  • OCPBUGS-15585 - [4.13] Cannot fix a misconfigured Egress Firewall
  • OCPBUGS-15586 - [4.13] NetworkPolicy not working as expected when allowing inbound traffic from any namespace
  • OCPBUGS-15589 - Dynamic conversion webhook clientConfig not retained as operator installs
  • OCPBUGS-15591 - GCP bootstrap VM should allow SecureBoot setting on 4.13 clusters
  • OCPBUGS-15606 - Can’t use git lfs in BuildConfig git source with strategy Docker
  • OCPBUGS-15608 - [release-4.13] Clean up old RHEL9 dockerfiles to reduce confusion
  • OCPBUGS-15720 - Helm Chart installation form hangs on create if JSON-schema is using 2019-09 or 2020-20 standard revisions
  • OCPBUGS-15721 - Helm Chart installation form hangs on create if JSON-schema contains unknown value format
  • OCPBUGS-15722 - Helm Chart installation screen fails to render if JSON schema contains remote $refs
  • OCPBUGS-15734 - [4.13] binary should be compiled on RHEL9
  • OCPBUGS-15736 - TuneD reverts node level profiles on termination
  • OCPBUGS-15738 - tuned daemonset rprivate default mount propagation with `hostPath: path: /` volumeMount breaks CSI driver relying on multipath
  • OCPBUGS-15746 - Alibaba clusters are TechPreview and should not be upgradeable
  • OCPBUGS-15756 - [release-4.13] Bump Jenkins and Jenkins Agent Base image versions
  • OCPBUGS-15777 - ironic-agent-image PRs permafailing due to udevadm command missing
  • OCPBUGS-15782 - [OSD] There is no error message shown on node label edit modal
  • OCPBUGS-15787 - Project admins cannot see ‘Pipelines’ section in ‘import from git’ from RHOCP4 web console
  • OCPBUGS-15808 - [4.13.x] Downstream OLM PSA plug-in is disabled
  • OCPBUGS-15848 - The upgrade Helm Release tab in OpenShift GUI Developer console is not refreshing with updated values.
  • OCPBUGS-10326 - Re-enable operator-install-single-namespace.spec.ts test
  • OCPBUGS-11143 - [Azure] Replace master failed as new master did not add into lb backend
  • OCPBUGS-14318 - [release-4.13] gather podDisruptionBudget only from openshift namespaces
  • OCPBUGS-14336 - [Openshift Pipelines] Link to Openshift Route from service is breaking because of hardcoded value of targetPort
  • OCPBUGS-14426 - Failed to list Kepler CSV
  • OCPBUGS-14459 - The MCD repeats a “State and Reason” log line even when nothing is happening
  • OCPBUGS-14482 - Sync RHEL9 Dockerfiles to regular Dockerfiles
  • OCPBUGS-14598 - Update Jenkins to use 4.13 images
  • OCPBUGS-14773 - (release-4.13) gather “gateway-mode-config” config map from “openshift-network-operator” namespace
  • OCPBUGS-14867 - When installing SNO with bootstrap in place it takes cluster-policy-controller 6 minutes to acquire the leader lease
  • OCPBUGS-14916 - images: RHEL-8-based container image is broken
  • OCPBUGS-14943 - visiting Configurations page returns error Cannot read properties of undefined (reading ‘apiGroup’)
  • OCPBUGS-15031 - (release-4.13) Insights config not correctly deserialized
  • OCPBUGS-15101 - IngressVIP getting attach to two nodes at once
  • OCPBUGS-15476 - Network Operator not setting its version and blocking upgrade completion
  • OCPBUGS-15481 - [CI Watcher] Broken pipeline-plugin e2e tests: PipelineResource CRD isn’t installed anymore
  • OCPBUGS-15512 - HCP Service Loadbalancer uses default SecurityGroup
  • OCPBUGS-15515 - CI fails on TestAWSELBConnectionIdleTimeout
  • OCPBUGS-15892 - 9% of OKD tests failing on error: tag latest failed: Internal error occurred: registry.centos.org/dotnet/dotnet-31-centos7:latest: Get "https://registry.centos.org/v2/": dial tcp: lookup registry.centos.org on 172.30.0.10:53: no such host
  • OCPBUGS-15962 - ovn-k8s-cni-overlay: /lib64/libc.so.6: version `GLIBC_2.34’ not found on 4.12-to-4.13
  • OCPBUGS-15965 - Active Endpoint Connection blocks cluster uninstallation
  • OCPBUGS-16084 - [4.13] OCP 4.14.0-ec.3 machine-api-controller pod crashing
  • OCPBUGS-7762 - openshift-tests does not file Azure Disk zone topology

CVEs

  • CVE-2022-4304
  • CVE-2022-4450
  • CVE-2022-41717
  • CVE-2022-41723
  • CVE-2022-46663
  • CVE-2023-0215
  • CVE-2023-0361
  • CVE-2023-0464
  • CVE-2023-0465
  • CVE-2023-0466
  • CVE-2023-1255
  • CVE-2023-1260
  • CVE-2023-2253
  • CVE-2023-2650
  • CVE-2023-2700
  • CVE-2023-3089
  • CVE-2023-24329
  • CVE-2023-24534
  • CVE-2023-24536
  • CVE-2023-24537
  • CVE-2023-24538
  • CVE-2023-24539
  • CVE-2023-27561
  • CVE-2023-29400
  • CVE-2023-32067

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-12-release-notes.html

aarch64

openshift4/cloud-network-config-controller-rhel8@sha256:3dfe8fac92a85105c681f97d178d1482b65194e8e574e6382580ae83abaf9dfd

openshift4/driver-toolkit-rhel9@sha256:e6eb04b510057198a7d83b2ba9867ab3547c473cf76fdf917408418826d6cb24

openshift4/egress-router-cni-rhel8@sha256:0a39861ea069f532cff8776fa778d5fb6321b130a060e414b45945e39d314896

openshift4/kubevirt-csi-driver-rhel8@sha256:29a2918d4fe7e242385d5275fad0c6038307b470d797cdded2115da12c889dc3

openshift4/network-tools-rhel8@sha256:a3a3ca6276eb2abc4468b3f07b9c82e2406c723af92262123f672f3db4f3e91c

openshift4/openshift-route-controller-manager-rhel8@sha256:26c171d942ae52a6760bd7d5c93ab45d512cba54d9ebac5c4f6360fb58b3f684

openshift4/ose-agent-installer-api-server-rhel8@sha256:9c92b78bc620388e4dfdb210766f92eb1f4c65c614c2495c40f370be8d2084b5

openshift4/ose-agent-installer-csr-approver-rhel8@sha256:6854e1ef70fab35ca00667e07bb10cb2f120c6563ec04cfd44de926712c3b7f4

openshift4/ose-agent-installer-node-agent-rhel8@sha256:936b70e5949b0d5ac156ecb1b6f4b5977a742392b7b0032763f5aefe7f8267ba

openshift4/ose-agent-installer-orchestrator-rhel8@sha256:d095a69e1d39b6bc4851842634663a57fcd91e3e30e4fc00755a64c6b5050116

openshift4/ose-apiserver-network-proxy-rhel8@sha256:062e5a363788caa67d62a485db24c12a44e6f6874ffcafcf772e75fcaf6e14cf

openshift4/ose-aws-cloud-controller-manager-rhel8@sha256:c0a2e206d917eafcb1332c6119d9bf9f7573cc7348a0b954d8957acb8f222939

openshift4/ose-aws-cluster-api-controllers-rhel8@sha256:8008e0da8758e3e065b45274e8908c44266e0b455395df5629ceb668e4c42724

openshift4/ose-aws-ebs-csi-driver-rhel8@sha256:2d0f3bce164d300c5c684e91f52e90f256ec036fd71ede727de2d2f8c589a8ba

openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:dad4141186927fbb93465e70cd6f606d990032fc7afe96be81784223f067ad0d

openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:008b6982758fd8d69b61999c48bc60b006a4fb4de90949da27faa6a1acf0645e

openshift4/ose-azure-cloud-controller-manager-rhel8@sha256:e0210e77b9d14d09c9c94530e0f38c048ac38788a3164737be8e0b967fae35fa

openshift4/ose-azure-cloud-node-manager-rhel8@sha256:695f58aa0b5e822b5c895bef747b4ec4085c9b8e3decbaa58b059daaa5d6d91f

openshift4/ose-azure-cluster-api-controllers-rhel8@sha256:ec3250636f1db7d1463db95bfdfff678d47e5075922f87dfbff24ceaf0b2113b

openshift4/ose-azure-disk-csi-driver-rhel8@sha256:50e8cd8166b2c3c69ef50d285338fd5ed886651995e65cc4aecda80ffb206d00

openshift4/ose-azure-disk-csi-driver-rhel8-operator@sha256:2bf5af7ffcef0edd1cbc56a5a3c3208fe8f0c8da389477b716b39b3d9892f347

openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:9e9c97717f96aeef8f8c0c45976bd6b8197f30e6f2a66e382256d7fad78844bb

openshift4/ose-azure-file-csi-driver-rhel8@sha256:acb652f90e80fe88ce7388dc7a64dca34184551a29342c0bb3dd93ff1d884321

openshift4/ose-baremetal-installer-rhel8@sha256:b0cc41bcec320701dfe64b2574ac434f341f7c3d73a51c210f22ca020f54f18f

openshift4/ose-baremetal-machine-controllers@sha256:9bbf347c33c59795f9efa4499b2f8c738416cb7abb64c652748d5b09984d217b

openshift4/ose-baremetal-rhel8-operator@sha256:36950edd0031cbf1f6f126307b4e86f1a17d26f009295d73996a792cd131eb7f

openshift4/ose-baremetal-runtimecfg-rhel8@sha256:e2e2f54b5acc7e64b70f5d9d845f8997808aa1eef8d7b7bd2d7dd0531d4922b2

openshift4/ose-cli@sha256:72e5e7583a3b4e1b483c88733dd1803f7576173450ac1fcff126d39b6f2cfe40

openshift4/ose-cli-artifacts@sha256:050aed1e0571f4c458840e533aaafd7e5c60ab302adc89f7978406b4a078a3e2

openshift4/ose-cloud-credential-operator@sha256:e7475614bcf4c0c8dd2f1f9d91b8a5c6c9a9ac4d7b06498c840aa05741f577ff

openshift4/ose-cluster-api-rhel8@sha256:45623508543442d885d865c328a3a3eaf051a30db4a617bbd6fa1c9a88826e72

openshift4/ose-cluster-authentication-operator@sha256:40037aa4dd0adc5ec1190ab1c9fb3b75b97316e6bd53a6eaf97d34ae2a3dd0cc

openshift4/ose-cluster-autoscaler@sha256:3f8553a17008ae522f39cff521728be53586e08c459fa20edd9aa5ce37f12e11

openshift4/ose-cluster-autoscaler-operator@sha256:6de757775a03158eb6a2fd7fa1706430a06104619e2c65dfcee70cbc98136af4

openshift4/ose-cluster-baremetal-operator-rhel8@sha256:f16eb44b5a416f561d87e3ca2e95f1f8ef8aaad0154fcd9d8f3b419ccb45175d

openshift4/ose-cluster-bootstrap@sha256:e9a650fbeabfccd3317ed27a420c94ef40ec77d6b747a00a7b1451042187b79b

openshift4/ose-cluster-capi-rhel8-operator@sha256:142f2f9ec170c49b260b386ec3186ae5115e536489a52e79f7749a0ff2ca72a3

openshift4/ose-cluster-capi-operator-container-rhel8@sha256:142f2f9ec170c49b260b386ec3186ae5115e536489a52e79f7749a0ff2ca72a3

openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:519879808a31b3ed9b494da7130f4f6a7500f6f5fa95a0074ac2b098720b8b7b

openshift4/ose-cluster-config-operator@sha256:fabccbbdf2bd59aa8459ed43c0d81fb4af84b567f723a22aae690ff803db32fd

openshift4/ose-cluster-control-plane-machine-set-operator-rhel8@sha256:200666dfbcc09706d92c7a28b6432acd4a58869dfd5033bc1975ccf748727a80

openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:61ecc25d588110955657a8113e499cca691fb18a4efd2341e99c8da551aa7a42

openshift4/ose-cluster-dns-operator@sha256:77e9da25eda969cf82dd747b2a4f73450cf8ea89804c216ddc9fba2db74cc9e3

openshift4/ose-cluster-etcd-rhel8-operator@sha256:19e5d72f794207ba66462512763d0a4210ff29c0a9488939da6c8a772cf29e73

openshift4/ose-cluster-image-registry-operator@sha256:4dc8c6182f12b9a7ac03a1e67586fb1ea5c35b8db71cc62551cd730f0b3694a5

openshift4/ose-cluster-ingress-operator@sha256:9aa309be61c2fe316c353113890b48ad88481dba49a6daeaedb15e6fe33c8c77

openshift4/ose-cluster-kube-apiserver-operator@sha256:57eb0e394bf6624438477a672f538cf0c678dcfed63dce0e59df3090359f3dca

openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:50ef3f70e2b035fa9484c55de00522981d35c03091eac7d7542d62b632a39cf9

openshift4/ose-cluster-kube-controller-manager-operator@sha256:27cb66b2a417d1d1b1963b5b30389709c57c0ec683f91b42562badedd9b46d35

openshift4/ose-cluster-kube-scheduler-operator@sha256:b71d021f38696bd124f94fcc39f179e5aa9d2f00226c82e03e03e7213eb2ab52

openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:b1fbf0b9cd76ac64a1b2ef5426f716540c60060396adeea6857c3c6183769f10

openshift4/ose-cluster-machine-approver@sha256:6f09ee5a11d19013d30ca31e678371a7226bffe40271a70b7609d2dbc170dff6

openshift4/ose-cluster-monitoring-operator@sha256:b97860b764261b2a70a13e55051a0f657e84169ac05cee0ef0f3512ada051b87

openshift4/ose-cluster-network-operator@sha256:9939a32a8aaaf039935d4160e9812c1df71920e569e8f352f43a86e887fd90cc

openshift4/ose-cluster-node-tuning-operator@sha256:4d9a55dd443097ae2942adb58f51c33f54a72a0684384dac496100a1b3da06dd

openshift4/ose-cluster-openshift-apiserver-operator@sha256:3c9e56c51eb06cffa1e2514df0022077c4b75af8e26c4322a2fcf90e077839bc

openshift4/ose-cluster-openshift-controller-manager-operator@sha256:2ce9d9a66fe42e671eb1cb54a0c94e37a707460b5561b1bb2289fe2cae3e2fe4

openshift4/ose-cluster-platform-operators-manager-rhel8@sha256:bc0dba330978c17649214becaabf80620d2ec6ae0ca1f794b36532cc09fb0a4b

openshift4/ose-cluster-policy-controller-rhel8@sha256:626be1400a2c6a44d7d93ce9d07a8a827b5c41907a6a7dd6e2ce13cc850feaeb

openshift4/ose-cluster-samples-operator@sha256:807424b66da74cf132383a2d76160815c6cde6931c499fa866a798da8aa47ea5

openshift4/ose-cluster-storage-operator@sha256:9665caff18e6ad3832233b6e9612ae59a27d247881624c97368ea436fc6867f3

openshift4/ose-cluster-update-keys@sha256:d4619a64408ae251ca063176f19c95e70d3483a8cae3d45b12db6e1c9e424deb

openshift4/ose-cluster-version-operator@sha256:8ac0f3d0affcdb9a81a5b653549d4d0de9222a8b8ee58e45946423258df71143

openshift4/ose-configmap-reloader@sha256:9169810bf54740bd10dcfa92b0913845d5d8f906961e85859cd55fd87bec6dae

openshift4/ose-console@sha256:feee26299a0a82e8a3e1f3569632c76cc22ca8a27cf6572568f1ff5d4a51b922

openshift4/ose-console-operator@sha256:934322ae42aca96d269cf2c0c3ad9c62f8647531383175ec24dfdd4b5cfe5860

openshift4/ose-container-networking-plugins-rhel8@sha256:948068ab6fabc246f8b387ffc11c3c2d23435525e5669468300ba8f5301fc9d5

openshift4/ose-coredns@sha256:d7933943e663c206816c10f0331c2364888101023b8a1abfdd096e2c38cfa4dd

openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:31d444fb272f440b8dee1608061652128c5f6c137b7f554d7f78a1437cad5587

openshift4/ose-csi-driver-shared-resource-rhel8@sha256:d46978a44f60dbc53abd6744cb6cd5a15f275825b0bbaf009495433ee82b0566

openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:26a756c5a63d607fd6afc5a534ce169eed907625fb8e28f65b06c49c89ce04c1

openshift4/ose-csi-external-attacher-rhel8@sha256:8ecaafd4e48bbbf81448c49e0be8c059ed3588bde52ff1162fe623b01f8083c6

openshift4/ose-csi-external-attacher@sha256:8ecaafd4e48bbbf81448c49e0be8c059ed3588bde52ff1162fe623b01f8083c6

openshift4/ose-csi-external-provisioner-rhel8@sha256:25bb12a4483cb03b43889ac37291ec363f509622511d9157173dcd21f9ae12ac

openshift4/ose-csi-external-provisioner@sha256:25bb12a4483cb03b43889ac37291ec363f509622511d9157173dcd21f9ae12ac

openshift4/ose-csi-external-resizer@sha256:a3cc5556b6e59d75c29e7136e46f4f7f0e3dbf51a122ef39da2ebefab68aeadd

openshift4/ose-csi-external-resizer-rhel8@sha256:a3cc5556b6e59d75c29e7136e46f4f7f0e3dbf51a122ef39da2ebefab68aeadd

openshift4/ose-csi-external-snapshotter-rhel8@sha256:1d599a6ab950f0be8325fc5d494e0745df605ea370f3f2fe3abed7727621647a

openshift4/ose-csi-external-snapshotter@sha256:1d599a6ab950f0be8325fc5d494e0745df605ea370f3f2fe3abed7727621647a

openshift4/ose-csi-livenessprobe-rhel8@sha256:3bb263732093dd99239c0bd759b80e4866f416cfcd2108b7e26261228f30cb0e

openshift4/ose-csi-livenessprobe@sha256:3bb263732093dd99239c0bd759b80e4866f416cfcd2108b7e26261228f30cb0e

openshift4/ose-csi-node-driver-registrar@sha256:199de7512b90ba5e8fd76aeba0bca6b8781547331aee709a48f10d2991c5b085

openshift4/ose-csi-node-driver-registrar-rhel8@sha256:199de7512b90ba5e8fd76aeba0bca6b8781547331aee709a48f10d2991c5b085

openshift4/ose-csi-snapshot-controller-rhel8@sha256:99d36fd143725370262350388e9fffcb52ada7699ab507efba5fe3e4de3a8b18

openshift4/ose-csi-snapshot-controller@sha256:99d36fd143725370262350388e9fffcb52ada7699ab507efba5fe3e4de3a8b18

openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:a14094842e3a2550c3217263094c1b66e6874494048f09de92860d851b5d5238

openshift4/ose-deployer@sha256:c72c018f3aa575f60baa20f250d80343e0985607b3e03af9437832359e610dc8

openshift4/ose-docker-builder@sha256:09bc6aa7a9272be404789dbf4c5036c253c7b17fefda0853a1e47de83d810f2d

openshift4/ose-docker-registry@sha256:ce630512acdbacec7065154c2522a84663dc8f5687ecc3df1d871aa674eea596

openshift4/ose-etcd@sha256:bb61d8ab4a1b1e1bd8ca524f6de13cbf33af30b40c26a95915224d5b500ed9a5

openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:d5975ad60437ba1f649dc895573b95c006a6322120071c93b2e3c782ff9ec11b

openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:3ed31c7b0c0260b1976e8e045baf4eb683205549358d78f49bf3dce91851976e

openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:5f1031da6fe2c6900c11cd43fe424a87662c69859814a100db86aebe3968da2d

openshift4/ose-gcp-pd-csi-driver-rhel8@sha256:8b3e4285946efb4f51615abbd8bdaec74bb47927529ab7096131d69861694950

openshift4/ose-haproxy-router@sha256:2debb6eceb0446ec0d24e99c4e5b49b7b394bfd74b69761369b4982dad01e533

openshift4/ose-hyperkube@sha256:038b61ff1bf678fb05b2bf86a49ac08de04586fd9a77304b267a1343db62b4b2

openshift4/ose-hypershift-rhel8@sha256:ff39a91cd4e2dcd3aa6d4f29642ac54aeddc918989138583461f9a47254265cb

openshift4/ose-image-customization-controller-rhel8@sha256:be3587fab616fe1dba09c7435825cedba860416218a9f5fb84562e2589e8830e

openshift4/ose-insights-rhel8-operator@sha256:c1be8ad155ff76583c14ee55c55d21ebdf382042e66c840cc582a16751082f24

openshift4/ose-installer@sha256:43f3cb48a122d8bf0600fb3483f664c211ad1232dc2c222403efde33aaa48c15

openshift4/ose-installer-artifacts@sha256:b67e3c2d4c9b0d389e7410632c1e6cddbe9d2bf0b7a669e561e89f01dad63816

openshift4/ose-ironic-agent-rhel9@sha256:bb52a58845bcead488be7f556208d7eafef1861f3fdeb74c1d0fbb9915abcf53

openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:e2182c69f3b4e5600773e00392919fda5500de195a6fdac6207e528d18c55515

openshift4/ose-ironic-rhel9@sha256:a5f3149419e052425a1751fc365f1687b2b53d1f9c4deabb2b27f387a560809e

openshift4/ose-ironic-static-ip-manager-rhel9@sha256:84e9bea3f5551bb923d0ddc79ea77ba3674e1feaf6f71e3eb08424599a9060bf

openshift4/ose-k8s-prometheus-adapter@sha256:0395383b369121d7836422da38f7276a7b216e1df78aaeffc836f2027dfdd96c

openshift4/ose-keepalived-ipfailover@sha256:a1a48ff167f4c8c914f102cd08c2449c2c9edca52d2bb3d4b1478adaa720e047

openshift4/ose-kube-proxy@sha256:aefed0f94a8fa262eba4181e89efaf137b15cbd820da306a07f27aada60a68e2

openshift4/ose-kube-rbac-proxy@sha256:606b4147e49e54f833a712b8f87ca0dce3464b9168530d3200fb0ad683f62378

openshift4/ose-kube-state-metrics@sha256:411b6b4b0de4ceae800ab6c47a579cb52d25851597a3a9563ca1ec82df4ca782

openshift4/ose-kube-storage-version-migrator-rhel8@sha256:728a42988601b18a943e34c0d869c53661295fa6c8102aed9b86a241e2d27aee

openshift4/ose-kubevirt-cloud-controller-manager-rhel8@sha256:f7cea2b497c37d8b5cc551fdba96d900c6a530ec42c31a41d8ae6d12b7d0e69e

openshift4/ose-libvirt-machine-controllers@sha256:5821e737f91df4138af82ac0c10448540a1da7c69c60d7f9418add4ef4eb431a

openshift4/ose-machine-api-operator@sha256:0660021823c6df8d366d84a17c08968daf076594426c4daa95dcf43f909623b2

openshift4/ose-machine-api-provider-aws-rhel8@sha256:ee331908755dca4824a536bfb11a2e8b4f74bb94e49e4a857ac3a1adfa781fb7

openshift4/ose-machine-api-provider-azure-rhel8@sha256:d051ef4addf9835e1cf889ebf67595888f63b00365203b7fd6ab687978b33cfc

openshift4/ose-machine-api-provider-gcp-rhel8@sha256:35fe420ea4c7ddf9c6bddef246e15d499702f77531542b98997f692dac3ef7ee

openshift4/ose-machine-api-provider-openstack-rhel8@sha256:ffc93ff53f783f7c6aadeb8f9e8d8de474adb51a44b70bc8caa0da6da7ec8e80

openshift4/ose-machine-config-operator@sha256:d5c15e536fb613f88ccfb0f395eacca3a25a2893dafd993fc708d4385390398a

openshift4/ose-machine-os-images-rhel8@sha256:8d6357d2c341716b338dc7a8408046188821d6060cce59d24f7d73046b0ef73c

openshift4/ose-multus-admission-controller@sha256:82f43317684f6afefe985a9c5b7a863c13db43eab0570caf11dc8821f6322d06

openshift4/ose-multus-cni@sha256:7f6306cd91fdc4fff776d50b224126687d150b26f082afab6ebfe881ca480901

openshift4/ose-multus-networkpolicy-rhel8@sha256:18b1cf605a04915ce67db8f6de9d14f87080218e456c7f4c0b2c3129c7147e11

openshift4/ose-multus-route-override-cni-rhel8@sha256:8c93d7270ba65d1d4a2ec7c8112a8e7ea68ccc7c762719437275df10a77563e3

openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:6b28c27b5ce6703dbde8142cd4328bdec0ed9361a15a69f15fde00a6fd79a3a2

openshift4/ose-must-gather@sha256:ca9052dd8485b686000217fbce0431bab05487e0b67d61aac04ec801dfd30089

openshift4/ose-network-interface-bond-cni-rhel8@sha256:505284cfa2860e2b72fbbff8d75ea7f73a201514a77558eda6c8d008439b36c3

openshift4/ose-network-metrics-daemon-rhel8@sha256:9d446ebebff0893d1db133fbc76dbe070af3995630f1fc780262ec30861bc66d

openshift4/ose-oauth-apiserver-rhel8@sha256:fd1251ee79a4dfdfc24ca8e06d2c357c310eecfd29897da5a8028e1ed73df4ca

openshift4/ose-oauth-proxy@sha256:a759c001b590a793928e40165ca7cb91fcb9aea98e064184b64bfc8d591cd5de

openshift4/ose-oauth-server-rhel8@sha256:d43e30ce86b77b34db6fe2bf85db6fd6d5c820079ec44644a22a8dc27d353f96

openshift4/ose-olm-rukpak-rhel8@sha256:03e71ee7fdb2441c2428dad472a418d857887d42f8d5e3a08259c436b5a20e02

openshift4/ose-openshift-apiserver-rhel8@sha256:c78a14ff41580895fbd727a2229b2c418a437b2b754f00df8bd95063daf9a448

openshift4/ose-openshift-controller-manager-rhel8@sha256:9f3720a34b016770772af204baa88d99c00d5fb7c69e86742d8f2c32fc31f3e4

openshift4/ose-openshift-state-metrics-rhel8@sha256:042171c2b8acb3fa89ef10afbde34027c02fbe24d091f87a1de1c33748568847

openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:24a9dd858e022050a6c977bf470a221656d0875c97213e25a46f9aa6123a9461

openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:c18903c70cd196e83bdeed2ed4afe4a45f7a48bb6d23245296a4a729528f41dc

openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:cb6bb4535180f4c8a46cde70cb98e1e7aafb015de0c76487851590f9da69fe7f

openshift4/ose-openstack-machine-controllers@sha256:202e35170b905ccb48fc396067db5f780d2d62c7f98b5616c546c502110348d5

openshift4/ose-operator-lifecycle-manager@sha256:099a4ad092732964f3a38fc541ea3d41f2fc09866634dc2df8db6c75ebd6c17d

openshift4/ose-operator-marketplace@sha256:bf0014595d983026fdcd51a507c096703a153942d54a69cb0637e0ebbbe62139

openshift4/ose-operator-registry@sha256:1c56f2da6166a5aa31cdf510b3ded600f9d263b7ff158163c7b241a39e569fec

openshift4/ose-ovirt-machine-controllers-rhel8@sha256:f0c0a5cc42b40446190cec4cf632a514bb8190a99d009599ebc1047fd8d1b108

openshift4/ose-ovn-kubernetes@sha256:53f8f8e16b07ca1eea36c184768e2d33339ea0b379e70ab7b51b451a2b8ac819

openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:9539c799ac29d2c59de76d02a75b5345b5bd9e577a1e81985cf4b84bd3f1d530

openshift4/ose-pod@sha256:4aeb47379f9241f35302bf4a89d32de63655cac69fcd75a2b2171e5c6557a393

openshift4/ose-prom-label-proxy@sha256:8d8515f5e9760d6f6158137c7db37de6507b752e6a1396355059f627a3915b35

openshift4/ose-prometheus@sha256:a2b87f05bd45fe337fcdc568d0868511d4da197f7efad0e3cef7473d4080d86c

openshift4/ose-prometheus-alertmanager@sha256:543dc605857d38232d497d642253dffe6fb81f1d68c762473b3cbe1037ef001b

openshift4/ose-prometheus-config-reloader@sha256:cfc6cd818442d7b8da4b0b0a78203f27c28a6b02ddb3176976f99d1955154547

openshift4/ose-prometheus-node-exporter@sha256:db83cbaad44354537797fa016f1c06a9a2988690a187f05b9e57814fffa37426

openshift4/ose-prometheus-operator@sha256:1c75c17917e0737e0baf3a6df44d9b24efc7292440f2aa282d4b59386eaf0826

openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:684a078ffec9c7940f876031d657eb60be1305c64417145a40df13be4864294c

openshift4/ose-sdn-rhel8@sha256:3498a7f41c4a4745062a83e3f9723bab8346ba57a34c0410b810ee760f132c3b

openshift4/ose-service-ca-operator@sha256:f7c38824d5516484fd0c17c5da43a007d2d0ccf1b746df8ae2bbb6640eb49917

openshift4/ose-telemeter@sha256:880c6df665c24db79401e9aa7b1624feb979a22d51c470b9c0ea0fd8ad5c222d

openshift4/ose-tests@sha256:02cd825a738a0435ab87dba562b48d3354448dec990861a1b736bd18decd8341

openshift4/ose-thanos-rhel8@sha256:060211b085dac96351313654c20cd37851b8c2f176902c3e244d4517a93c70b4

openshift4/ose-tools-rhel8@sha256:78ef4419910a0733a890752c1224140ea27f9399f78742ab785174944719d7fa

openshift4/ovirt-csi-driver-rhel8@sha256:0326a19debb0160458a6d25f0c6ce1ae5d3d2a37187e58b0ff7d8ddda8d1c0aa

openshift4/ovirt-csi-driver-rhel7@sha256:0326a19debb0160458a6d25f0c6ce1ae5d3d2a37187e58b0ff7d8ddda8d1c0aa

openshift4/ovirt-csi-driver-rhel8-operator@sha256:6857d38938dc573338d2da30cbdb07634511132b8e6134021eb4c7d90515c426

ppc64le

openshift4/cloud-network-config-controller-rhel8@sha256:f00cce3dddb294098c3d634167db9f703f7b3d27a78aa882bea464391f25f47f

openshift4/driver-toolkit-rhel9@sha256:f00dda75f07a5e71131ad313dab9fff6de93e49b903386efb9ead453c731bf99

openshift4/egress-router-cni-rhel8@sha256:8a2671229d05be3afcd10603621462718856f477724eae0db205ea26328ef6bb

openshift4/kubevirt-csi-driver-rhel8@sha256:834b5b22fd8770935cfd1b40c106a174edb26e99de9e1d360eccf06b0eb544fc

openshift4/network-tools-rhel8@sha256:802c5e7e1be7ad58da350a71feb76c558d6d4c50f6e2fd4ed577b6d8c1b97713

openshift4/openshift-route-controller-manager-rhel8@sha256:935df0582049b90a18a2bb9d93f55c2d494dbdab072eaff7baac814ef5199764

openshift4/ose-agent-installer-api-server-rhel8@sha256:e4373256b9316f6a11e72e8f9e9776dba63e5ee8e0ac4d0a01d6cb7aac672baa

openshift4/ose-agent-installer-csr-approver-rhel8@sha256:7bad717e1ca655dda9b865cb4f98c66a5d1ebc16f1cb45123a7c104549ed6896

openshift4/ose-agent-installer-node-agent-rhel8@sha256:aae01cea2881573195d2349322d0f97b532557cf69e90c73847125b35b66d091

openshift4/ose-agent-installer-orchestrator-rhel8@sha256:085f421f572bac5191783112f6252e1767202edce3eaf6233736e01b00de6449

openshift4/ose-apiserver-network-proxy-rhel8@sha256:d4165d8937701749646c5529768e6c04c63099816d7808ddd955a412e0ef88a5

openshift4/ose-baremetal-installer-rhel8@sha256:a8ddae6464fe52f9a1ba9fef3a18b73cfa364ea2ae24b31c4254c9b6d23b26f9

openshift4/ose-baremetal-machine-controllers@sha256:ca07b1cc158d985831faf49393777f8bbd26ae407f54c59b7f5ff2595166e345

openshift4/ose-baremetal-rhel8-operator@sha256:33a0dc6139aa43576fcc1de04005a896f1e525af364c5dc9e166f8fbf706a73f

openshift4/ose-baremetal-runtimecfg-rhel8@sha256:92937bf4be25fecddf6173b1d1ec2e2838334975a5d9d2b2d9074a9336c7e712

openshift4/ose-cli@sha256:37f3f67c7dbe31f889ad14b23b15d14f747facfc98211f20618eb9ac09a2582b

openshift4/ose-cli-artifacts@sha256:2836144df37a4b6fcd765ea3ced5e3a5cb32b2d99788da901e517dc3c8b19c8c

openshift4/ose-cloud-credential-operator@sha256:e29e9aeae38dbc59f152c3ddff312f26221b53df4f152c4bfff6f26dce37b586

openshift4/ose-cluster-api-rhel8@sha256:b874bf84dfe2d0a94c23f4c624ba7b42fa43a69ba622f927ac3f4519033ac31b

openshift4/ose-cluster-authentication-operator@sha256:d1d4db4e790edc269719a236b653ecf0106916e86a9280de984a098764801320

openshift4/ose-cluster-autoscaler@sha256:b02db60797a11c3b2bed361bc8a544a416917d1a8d240afa735f6ece1ac080f9

openshift4/ose-cluster-autoscaler-operator@sha256:31027d1aa6b4a163fb8241d77245df043bd05c986fb8565e53618f48fdca68d2

openshift4/ose-cluster-baremetal-operator-rhel8@sha256:71d65998f05b7e361676841eb58721644d3f83fab576f4b18ab4f2db402f2ad3

openshift4/ose-cluster-bootstrap@sha256:aae751fb31109a57f4d76685a674f3349806c5392290053169deaf200e1fc93c

openshift4/ose-cluster-capi-rhel8-operator@sha256:42f3a78f20fbb51b0af5cf92a9bd95ae0bce84e2879924b8fc1d45a9b76020e9

openshift4/ose-cluster-capi-operator-container-rhel8@sha256:42f3a78f20fbb51b0af5cf92a9bd95ae0bce84e2879924b8fc1d45a9b76020e9

openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:53235c86950afcab21bb2fda9673c94a0ee5105e0c9278460e9972d3b8fd00c1

openshift4/ose-cluster-config-operator@sha256:325514256b069b444cf8334c181d71835d279fde68094b8cc33a1ae81d0275a8

openshift4/ose-cluster-control-plane-machine-set-operator-rhel8@sha256:87a3ac3c6cd35aaee6fa94423280aee37c649a2c58bece6c43954b757307d98e

openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:e6149c5d4ac56ed376ecf669aef7bdac72e9cedffd635b801b802eb6920fe86b

openshift4/ose-cluster-dns-operator@sha256:c666ef420dad6b3bf9f412538aaf745b1cb8dff9439e5d33a2dba73b176b8ebc

openshift4/ose-cluster-etcd-rhel8-operator@sha256:0f8e846a6ea197dded5f2a550952fd4c8b7632657a7873eda30e902d6f10f601

openshift4/ose-cluster-image-registry-operator@sha256:fea8567254d8b8158763030591750e9b3eaa4dc0e3868aa230894f1e1373bc25

openshift4/ose-cluster-ingress-operator@sha256:8409e10c8979e3a3b386e1e6f8c7fa4cb1bcc17573618704ae9841f80ad4823a

openshift4/ose-cluster-kube-apiserver-operator@sha256:c0b71befbcaf2135482f778bc71b7ab996ceb7ba0c24490f78ed792bf0ecaf45

openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:ce19d3e7017faa5ed17e1e583612ccdc21c0fa76ccf9b55e7ac2586067ca55d7

openshift4/ose-cluster-kube-controller-manager-operator@sha256:7d024a1781a3505d98dc5df19a9f361d1e0b33d79c68eca77cca04a08ca9f5d7

openshift4/ose-cluster-kube-scheduler-operator@sha256:62391e074edbe0d1567436856e1e113dddef21bb0d9d56838c3fabe9c7edc154

openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:00d8f99e4dc9e78d3c2940224a95274051967ac96d799819a46c5295500d776d

openshift4/ose-cluster-machine-approver@sha256:6aeeb7cdeb86ee7763528b9ec42dbdaac3eec60bccdcb2221f8d213703ca14b0

openshift4/ose-cluster-monitoring-operator@sha256:2439afaa776b73b915d9bdfdfa9ecd36e320ccfaabbef87809f39dfc58e20ac8

openshift4/ose-cluster-network-operator@sha256:3ab729a1f8ed572c6c00364aa88356d9b5cfb6a7bb42b890a80927f36ab7a807

openshift4/ose-cluster-node-tuning-operator@sha256:06fbc9cfc9b5202f3857921eab83689f8744f958fef76c7015296458e45f5f1e

openshift4/ose-cluster-openshift-apiserver-operator@sha256:605274eb5ca763ae2d1e98d7f1c3eec9ee96bfc247fabc76a466baa66c695f69

openshift4/ose-cluster-openshift-controller-manager-operator@sha256:89fa9bd34a6149a03433bff15b262f8ae201828a6b86fe06068e9422fa671e80

openshift4/ose-cluster-platform-operators-manager-rhel8@sha256:47a496acf17006ca830bf8fe3585ab5b201c444b94b7ae3ead0a73eb462bd0d5

openshift4/ose-cluster-policy-controller-rhel8@sha256:7d1e726bbabda30ec90c21f34e2ec0fc19d1467ad9d4c5e0c15b09f09a98bee0

openshift4/ose-cluster-samples-operator@sha256:39401889c59a21c04027a7938eb0623671cd56c8e5f848d253bf4cb5bd13f0b0

openshift4/ose-cluster-storage-operator@sha256:070145ea7733bc692cfd80ba023b37bd8f17f58c732ba8bcca15160900ec3304

openshift4/ose-cluster-update-keys@sha256:8767352e862e3a5e83f1ba09984d23b475495aa8f56ed56df9a2aad2e963aa19

openshift4/ose-cluster-version-operator@sha256:3cbc06b61354b5eeae9f95cd9387f74a8ff97bdf273e99797c25f20acf8385b5

openshift4/ose-configmap-reloader@sha256:4e4de9d54d64bfd58a0425d1570c4c3f2515051cff895c697d3fc39b8846ae93

openshift4/ose-console@sha256:45e5ca6fedec48e3f582945227020589fe3d6fd9f1ba0b96b5c91227afd7532e

openshift4/ose-console-operator@sha256:2e4aed4a0c1ea75a106ab3be1a16c5d9e0cb8444795c8a176e9c8664194421ea

openshift4/ose-container-networking-plugins-rhel8@sha256:e9c245b27fcda2196611db173d9d6bb67f4d69d8b1101492cb39f5ca207f5299

openshift4/ose-coredns@sha256:f011df03572ad490121364ef76e7f6c8135963da1e2dee4560331be4f06d5eb8

openshift4/ose-csi-driver-manila-rhel8@sha256:4c360668f0cde83e4dbfddde1f310182a488f8634f1bc1e7e2c9a53654604754

openshift4/ose-csi-driver-manila-rhel8-operator@sha256:0a7d8999a3a64352456619909fcf42f894e61df7457b68d36e65e4b967cf8360

openshift4/ose-csi-driver-nfs-rhel8@sha256:9a08986ea2663bcd831c3171bd4606fed1fee2f0501b016bc5a4bdf5e6555c6e

openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:b90e50d526ebab93a97b730e3b4d4f6552f26c393a90ab4ccecc1465497d9886

openshift4/ose-csi-driver-shared-resource-rhel8@sha256:3ffcc3311fbc487ff17b74393b04b7ee5cebf90d99d89ee65f680f7c630a19f9

openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:35275dc70a0086681d376d7ab67643ecdb1c1ddeb2fded962674624f2018cc18

openshift4/ose-csi-external-attacher-rhel8@sha256:9b2549923737d358cc78f2871f42a1aaa4c0cd969f833871023c2765a1c95634

openshift4/ose-csi-external-attacher@sha256:9b2549923737d358cc78f2871f42a1aaa4c0cd969f833871023c2765a1c95634

openshift4/ose-csi-external-provisioner-rhel8@sha256:841f137e5d80d3bfbec873881fd5151b42de8ac5662c66b326dab1dcd206f31b

openshift4/ose-csi-external-provisioner@sha256:841f137e5d80d3bfbec873881fd5151b42de8ac5662c66b326dab1dcd206f31b

openshift4/ose-csi-external-resizer@sha256:00383278946b0b9b2e15cdf5c651bee84ab7fb055eae6952098245bbc7d9210c

openshift4/ose-csi-external-resizer-rhel8@sha256:00383278946b0b9b2e15cdf5c651bee84ab7fb055eae6952098245bbc7d9210c

openshift4/ose-csi-external-snapshotter-rhel8@sha256:b42e2b3fd2135cad8edb97d7b6cbd41523682e38d63e8fce18e01b8a7f7249da

openshift4/ose-csi-external-snapshotter@sha256:b42e2b3fd2135cad8edb97d7b6cbd41523682e38d63e8fce18e01b8a7f7249da

openshift4/ose-csi-livenessprobe-rhel8@sha256:0400860170c0c51784065f7a4a205913fe4f13a8604792fb0fd19918c0980b30

openshift4/ose-csi-livenessprobe@sha256:0400860170c0c51784065f7a4a205913fe4f13a8604792fb0fd19918c0980b30

openshift4/ose-csi-node-driver-registrar@sha256:c65196cdcf5e5a5cb49306781a053d3dd828908980e61bd597df4d3ab0358129

openshift4/ose-csi-node-driver-registrar-rhel8@sha256:c65196cdcf5e5a5cb49306781a053d3dd828908980e61bd597df4d3ab0358129

openshift4/ose-csi-snapshot-controller-rhel8@sha256:746dace9d8574d3bfd13e04ce42b1a3d56d8b1aabcd167c33d7ab5899f9aa7f0

openshift4/ose-csi-snapshot-controller@sha256:746dace9d8574d3bfd13e04ce42b1a3d56d8b1aabcd167c33d7ab5899f9aa7f0

openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:7821bd191753499a665bcc42f7afa3ee63bde0f32e93211a21fb2a4e9d6df448

openshift4/ose-deployer@sha256:becd10bc20a8e1033b13d498aa19491e926a829012c4866534b9aa8731d5ae86

openshift4/ose-docker-builder@sha256:d6697dad58626c71e36b592dcbfbe9526b7f69a296d544bd9302ef69d0b1a5fc

openshift4/ose-docker-registry@sha256:542f957cd6ab4e54983d2a5f79aa0211c4cc7bda89932f73108468ce92d5de17

openshift4/ose-etcd@sha256:333771d8f2d89d9be903d5be5689ccc3f9491a76299ed48919a0cf10872aa0e9

openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:27fa10651ee271e3c3e2e080b486e2aa5c6866a6de45ecf26b5aebb041f50465

openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:d184144d2f192840df6b4824edad2d01b16206d009be41eb179de882b98c4558

openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:13850234febf5f4c9007eec5fd947bdf21c882f4ab47914284d1451bc8127546

openshift4/ose-gcp-pd-csi-driver-rhel8@sha256:1e4fa8616d1f95eb9db9db2ffbaa3293df6808126a1f7f7ff6d855521085f89d

openshift4/ose-haproxy-router@sha256:78cb4e2dac7d988b8f22d136ccd223346d456d1f6b67e10a1e938c12915798e7

openshift4/ose-hyperkube@sha256:1833bab5bf62327fb7cc87f5e1ce19ff5b1352a3824e9c06f86cb9b9e13ca3b9

openshift4/ose-hypershift-rhel8@sha256:32175d2d3949ae7b718183e263ea03de00da6f0add4f037510225680b584e379

openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:e0d8fbaefcae4a430a3d383448914aac4425de1d19e5dd4c2bcde6a2c68bb621

openshift4/ose-insights-rhel8-operator@sha256:7a7aeaf7619ede6c76ea115d165a9471f8fe8207689b2ee549991595995fecc7

openshift4/ose-installer@sha256:1e0ba639200ee982a6bf8adcf56b43db6f260412cbd2148aaa9d574f70759093

openshift4/ose-installer-artifacts@sha256:6595e1ca9d2ed39f83f1aa1b7eb16c8166a9235277691e0f36b085b7adc54b60

openshift4/ose-k8s-prometheus-adapter@sha256:145dc467ce35077bbdfee5b67c9592b654e217c88307b866b17bf64a9a5b73fc

openshift4/ose-keepalived-ipfailover@sha256:28f5121731bd2cbea332aa99bb3f39b5350dfc5d98177ba694fa706186314da7

openshift4/ose-kube-proxy@sha256:911fd99df1226f903433ebb9e21d92cfce453ba3fea05831b0bbde39ce7a7aea

openshift4/ose-kube-rbac-proxy@sha256:f458cf2099a8c3e5beeb63697c1a880dbf627aed935dfe2bf61506db1d7c758e

openshift4/ose-kube-state-metrics@sha256:7e32562d2acda30a0f919b71425b960832cbf6bbc16361684ae182b1984fb5bf

openshift4/ose-kube-storage-version-migrator-rhel8@sha256:8bf9dddec139ba0aad8a86d958ba17ea0d5792e7aafe53eddbdea94027716bec

openshift4/ose-kubevirt-cloud-controller-manager-rhel8@sha256:1e060138f1d66db4b84294d1b14ef745b3f4e8de984c0c309ce59e58a1ece576

openshift4/ose-kuryr-cni-rhel8@sha256:f47cafcfbf21d15009ebcf4ce56af62ea97e78d43e6e38be22ed14667ff7c73b

openshift4/ose-kuryr-controller-rhel8@sha256:11c3d2ea22a3bf9182daa9b7a24f283e583c13faf23ce78fab4309036ecd116f

openshift4/ose-libvirt-machine-controllers@sha256:2662eb60a1e6d12274802e8ae8f88cac637c3eb96c1087301dc3c1721b4aed3c

openshift4/ose-machine-api-operator@sha256:ae44df31bb832aed74f7437bd74eae36ed7565b171d7ee0b3b93fbe479fc9233

openshift4/ose-machine-api-provider-gcp-rhel8@sha256:5afb17f18bdc717082b4743f1bb8d12423283bbdef82edb4b546e9ecf781734f

openshift4/ose-machine-api-provider-openstack-rhel8@sha256:590f87284f23bbed11447ed0fc598c964997a071297665142fcce2afedfcbcb8

openshift4/ose-machine-config-operator@sha256:6bac18af0b53b4f130dbed892a2a40b933985ee13f9dcdece90e3d679f21c520

openshift4/ose-machine-os-images-rhel8@sha256:a096760ee34b5420ba7cfaa7599b1c323d281fb1d7cfc1b37c44307785f9a6a0

openshift4/ose-multus-admission-controller@sha256:645a70abf7ee3356ed7f333a219f240b265fd48c3146239dd7977de1b0b238bf

openshift4/ose-multus-cni@sha256:6b02cd093303379112c060a77d1148a4a2ad17e85f4115ae6110c9e2b46129c8

openshift4/ose-multus-networkpolicy-rhel8@sha256:b6b3fb6de17424d831ab15c2d1fb20bad5bce56cc66464cb8b4a0f11327d2c37

openshift4/ose-multus-route-override-cni-rhel8@sha256:d01c2fee31cc00672c3d4b6349cf11b7ef73ffd80377a28a764621674c7609f5

openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:a4dd05bef3b6c3908a12c8f78d38926489d907a3499f0872cfc0d5106653ed36

openshift4/ose-must-gather@sha256:b2c91b5ba529b14b3d903bbe19b798122b38371f902e7710a00c5a27b1df0f12

openshift4/ose-network-interface-bond-cni-rhel8@sha256:613718b8e5f7e6095b90a9fdf42360458d326498c27b5800160599c02448fb1f

openshift4/ose-network-metrics-daemon-rhel8@sha256:e94c02cfbc261c61bc7ed649ac89243b647b475d63f0e8e8cf23a2a2f35912b0

openshift4/ose-oauth-apiserver-rhel8@sha256:2f0d49c1822f6297f85901ca7b11431a7d3307b0a228d1266f75891b0cd01357

openshift4/ose-oauth-proxy@sha256:a236313a24a2ddaeb10ed83993bf822dd21294e172ead8424965e079ceed6528

openshift4/ose-oauth-server-rhel8@sha256:54f9dfc7ecf164fcce9d6c3c332fec1ab1cb429af313a88eb9cc0565cd40123f

openshift4/ose-olm-rukpak-rhel8@sha256:8670c1832c0782bbb8a2532b74e7319ad27718ff8e9382425e52b02415ceae65

openshift4/ose-openshift-apiserver-rhel8@sha256:313451e42f57adaec5bb41b1f4ba177366d2d1a4c4f1fc75a345c147918b9405

openshift4/ose-openshift-controller-manager-rhel8@sha256:2a059e9cc411fbaace76b259f98ba3b52b1b0bde7134cbde8f8979d6f73264ae

openshift4/ose-openshift-state-metrics-rhel8@sha256:979ea5b2c0b9b5e9834482cee24843a983634faff5c0a830b17ef0b8dc8602ef

openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:99a01b2e5fff10f78d6deb98172e6c3bf00e6e57dfac7294be6af461da9f5f7b

openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:1048834071aeaa0631be230095f5b79b13c9cde770bf9de77e6c19d5da71b621

openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:8073c2f00eaa82c7767b01e529841ec7cffabf75ad34c7a3514ad5a9707595bc

openshift4/ose-openstack-machine-controllers@sha256:25c32c8d13b68d50ebc08cd49ac81553c0d7a7dc9c4b05440e4a089334cd1082

openshift4/ose-operator-lifecycle-manager@sha256:5a7e6c0e34f1adc575e6017638db9d23b2bcce754c6864d0d4aead3e2c185b2b

openshift4/ose-operator-marketplace@sha256:ba025f6196f7cbc98e7e4009e2aad2d4b2d4c5b7f6d3c607103f678def50cd23

openshift4/ose-operator-registry@sha256:85f0c868e0f1b903afae9d0e2b142d0e1fed2de50106d48043e1442ce791ab8c

openshift4/ose-ovirt-machine-controllers-rhel8@sha256:bfe08bb06b88e39ac22870f2e59f6170bfe1d82554e217f79f1525167622afb6

openshift4/ose-ovn-kubernetes@sha256:8cd78365e356008c9313677aa9854e9ea11e0873f2977b8fc4693402cb900b17

openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:5c1a43e8f4821e2ad39dfd3ded8d6c9bf60a4ef605edd02826d4b8734c2f9df0

openshift4/ose-pod@sha256:67f8217112129ce9dbba6a5e3e8efe494c1b6e49f10248a4ec684cf88cddd93d

openshift4/ose-powervs-block-csi-driver-operator-rhel8@sha256:673f33b24db2a032ed81122fdb3005dbd82b72052a846fae3df763e23e68193f

openshift4/ose-powervs-block-csi-driver-rhel8@sha256:eacb4fc53777e210f44691c1b45a17fe401ed94cf666038ec9a4746c165d4b78

openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:c166be98f1074d3f1b765544a68c1c7aacb6f9c1daeddef02de7f81b6ee80742

openshift4/ose-powervs-machine-controllers-rhel8@sha256:b1f783eeadc699709d858a3581477940f1cbbe1922c3904002fdaaab732633cb

openshift4/ose-prom-label-proxy@sha256:8debf974e01641b18d551e4a543ebe729c53bcc8c685a78fe7cbed5f014e8512

openshift4/ose-prometheus@sha256:3e0e202f0fd2c4db3bed5ce66ace27922c8336e056f2b16793a4c28289dd5ab4

openshift4/ose-prometheus-alertmanager@sha256:064caffc568d114b4fd261c81a659187cd5fccc45193174d4f6951d721b1a334

openshift4/ose-prometheus-config-reloader@sha256:4c984e5be384a67c6b8583bd6891f864a1d4e63b1c4f8f7918de03da95b29e78

openshift4/ose-prometheus-node-exporter@sha256:86a18ff268b4d677b03ee422187f1ca97aff6f18720dd6067b92f8667f4e3c16

openshift4/ose-prometheus-operator@sha256:ee0416aa40dfa3be5e5e4b2aba807a279a3dbc0e90d110fe84bae3a3f86334d9

openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:f255e890a1d1958c9ee43210005d00e4fd8d5bdbc04aee5306127e4404bcfc3f

openshift4/ose-sdn-rhel8@sha256:6d3f8725a7b9b01bfb64dc0d0d4bef033667a2808b243e9ccf60c1aa19afea30

openshift4/ose-service-ca-operator@sha256:b76fbc44bf71ab3f2c2f1878576b06da2d850e880044ea100c9344ea34e9d537

openshift4/ose-telemeter@sha256:cf9567a08e7858cc183f7ec3af541c917d84b56bc19f680138328bfc4b1f3df0

openshift4/ose-tests@sha256:e7547a0b19e34acb473ae9430944f41c1f36bc2b3d4c8f7b64b691eb5f76c7d3

openshift4/ose-thanos-rhel8@sha256:8cbacd0d3b90264b8db78d1d42caed3334041ffddfbd7652a4dcc5a5d50e049e

openshift4/ose-tools-rhel8@sha256:08c78867fc210cb94709274835dee9aba1d97a15ccf373a6091f50f149d7e37d

openshift4/ovirt-csi-driver-rhel8@sha256:5e8ba5c8a68315f13c3964b92c981aef878da0bca75cf938ec2696003e204aaf

openshift4/ovirt-csi-driver-rhel7@sha256:5e8ba5c8a68315f13c3964b92c981aef878da0bca75cf938ec2696003e204aaf

openshift4/ovirt-csi-driver-rhel8-operator@sha256:17119225042835db13fe2a6c095b867b8b59724426f7169ec5ffb0d416437a2e

s390x

openshift4/cloud-network-config-controller-rhel8@sha256:465e88a64f338cb194a2cd4515aaa6c9e44c29de23b0108768561d5b86aca1f6

openshift4/driver-toolkit-rhel9@sha256:d84439c1d8d3c5b0199af5b229caf45db40eb51feaddc45e78970d2b49d1e056

openshift4/egress-router-cni-rhel8@sha256:d009bab7e8bf5dbdb61ffd938a0905acc23f7414991444df9591da059fd1276e

openshift4/kubevirt-csi-driver-rhel8@sha256:7cfe864030fa6994500c5e76b4a04e243187243dc83f920632967026d514a1c8

openshift4/network-tools-rhel8@sha256:6b025c194ad66dd24df8b0eaff833d463e3e5ab26d84456a21220da08e0ae898

openshift4/openshift-route-controller-manager-rhel8@sha256:e036b7b517eacd7144a20ee77f02b208eda4d3d7ede792e55575730419a994dd

openshift4/ose-agent-installer-api-server-rhel8@sha256:f6ed40265513c68d459b542c7886ba01d88e672626756d1a601a04d57e715955

openshift4/ose-agent-installer-csr-approver-rhel8@sha256:93f62432c5652077816b4cec62cd8fb5582522f5d8ea68004b16f3ef3931a2f9

openshift4/ose-agent-installer-node-agent-rhel8@sha256:c74a1f88acb31e324a5bfcb79e795131c21e2cb97f4e340eabc39341735af110

openshift4/ose-agent-installer-orchestrator-rhel8@sha256:eaf178c8255c7632156ef2c484b7fa77a3fb5aff73bdbfc8f74dec14a5e29831

openshift4/ose-apiserver-network-proxy-rhel8@sha256:1d04307ee857ff0d3658469774a1a02f335b9b427e31e1d838a05fab09bb2f09

openshift4/ose-baremetal-installer-rhel8@sha256:55f0f440baa77a14771cd0d6747334b00624969d553808e75891449b035f7875

openshift4/ose-baremetal-machine-controllers@sha256:85d9647e0bcb616543d771d08cdf25a7023e72d1139bf9ab66f58739564eb059

openshift4/ose-baremetal-rhel8-operator@sha256:504401a22675a9f4224275120badb9bf87e4073a85ff3b7977334442a4363939

openshift4/ose-baremetal-runtimecfg-rhel8@sha256:14f1fa20b08731cdb1bf90f8d4e41bff283c7db826dba9b5923053cac5ad3be1

openshift4/ose-cli@sha256:c3a808a99ee2175726826e9937be8a80e1e10d186afbebe5a851745fbbebc63e

openshift4/ose-cli-artifacts@sha256:66751b4ab0c079139cd967bb3ac9a71234a743ee5da3ddc0358b67abb3ed6bfc

openshift4/ose-cloud-credential-operator@sha256:09100ab4d6ff325d9eb186624022e837cf328c71c89995cf6f935a9f25bddcb4

openshift4/ose-cluster-api-rhel8@sha256:dfee6aa0484182c50cdb5918214fd6a04897643ee6111884793397ec0c5c1950

openshift4/ose-cluster-authentication-operator@sha256:acc1e1dd80667e555037971190efcb867f27688715b5b0b4bcec048417b55426

openshift4/ose-cluster-autoscaler@sha256:fffd9f5c5e5ef2d622b960480ad2bed5f24324d45e36b7a3f7be85eeb8eaa984

openshift4/ose-cluster-autoscaler-operator@sha256:53f64b5f54daeda17e848867b4c4fc7208183908ee14971ef2d70bdd539c6e0b

openshift4/ose-cluster-baremetal-operator-rhel8@sha256:33f8709a5492415729035e539192c954013ede6d93851cf805d7f33816dac2bf

openshift4/ose-cluster-bootstrap@sha256:31ff1f182783e0c602ae42a1c34282481911f1ec30ab798642e733ed0f2d919b

openshift4/ose-cluster-capi-rhel8-operator@sha256:e5a0714f96440b60ec585e24b18770d216d6c7b76e355156bf6b660af733d5b1

openshift4/ose-cluster-capi-operator-container-rhel8@sha256:e5a0714f96440b60ec585e24b18770d216d6c7b76e355156bf6b660af733d5b1

openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:4735e69db3671de902b260831103f7f90de8e32def98468365cdfeb5581db0df

openshift4/ose-cluster-config-operator@sha256:7b32586bb414cc413d0c68084fd39a61f9a5ba8ca252a938f5b917a4476e0159

openshift4/ose-cluster-control-plane-machine-set-operator-rhel8@sha256:c0222c563f57fa9269cc338c6d05b4a60450d3a5ec2da2b31dfdfc1f381ced47

openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:17628c2afe9164c2a6678c155623a12ef477258d6ceecad5e43bfae45490e7eb

openshift4/ose-cluster-dns-operator@sha256:e5b95b58209b8b5202c132f6b1f8c28aa5313dfca595ced9b8ee3231bb3f2853

openshift4/ose-cluster-etcd-rhel8-operator@sha256:2c793f353c2d986bd18c68edb49e1410bb71cae47db2e6fa280e4c159ea4c32a

openshift4/ose-cluster-image-registry-operator@sha256:0271036fbfdb49ed847565c2a4df40a16e6e98e3ac8fa52d7d2da6d031e6c861

openshift4/ose-cluster-ingress-operator@sha256:20e65f63de85c9081ba42a9febd403e04cdb3db3210403b0d137282c17cfb8e2

openshift4/ose-cluster-kube-apiserver-operator@sha256:18024c6ee408a11386abaa98c3720fa6ca5fe4991e2b812d5c020bf78ed89101

openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:d7a231d2a0644c24433ce4fd1461baf2a0afbf6c1886eebabd0587c1fa61d23f

openshift4/ose-cluster-kube-controller-manager-operator@sha256:2f2ec4199daee66413d806b640514a9fc7a4689ef60e081c5ee5dd5b9d71089b

openshift4/ose-cluster-kube-scheduler-operator@sha256:d534f15a35b164caca76929fde9ba35cf75fcb37f5acd9158d33932c19db0e35

openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:4fe59a90ee2dbc4ccac7c2473f392818eaa0080580d496b2331c7e4b933e56b6

openshift4/ose-cluster-machine-approver@sha256:72ee5e4b89577b185af3c395ada717403a3a6fefdc6b8ac7f7649c187a43a24b

openshift4/ose-cluster-monitoring-operator@sha256:43d42539a7880dae20113b53180cfe065b0a8512167e1a0fe8238992a11379af

openshift4/ose-cluster-network-operator@sha256:f84e47414cda598f1ad8f52abfcea59b828ad9e6b45f47c854ae592242452806

openshift4/ose-cluster-node-tuning-operator@sha256:de6269b8a4f917f2da50ecae3c1bc78ad9061fb2a8745b40935a9cb641e0c59a

openshift4/ose-cluster-openshift-apiserver-operator@sha256:520d521019cd1ba30ced0be4b90ec75a84124779ba4f9b7c6cf710e4e64044d5

openshift4/ose-cluster-openshift-controller-manager-operator@sha256:a7688ce5c931d5127e93414d58d4371f65ccb0f32c827889620f5612c05dea45

openshift4/ose-cluster-platform-operators-manager-rhel8@sha256:60492419898668da2b78ebb3004e33a2001a322291af5f224fe0b0db131b6bcb

openshift4/ose-cluster-policy-controller-rhel8@sha256:2f47e8c33e06ec972074ae95555f613d223e4f7a76e8b69d1ea3e3af8d273301

openshift4/ose-cluster-samples-operator@sha256:9e4193f17e794ae804d8c8180b703ac70e4a91c4b3e3c861db5fdee89cbfa84d

openshift4/ose-cluster-storage-operator@sha256:545742f97e9bea7cbfd07f48a45dc8aafadf5729e45c3969f612213dd0edff40

openshift4/ose-cluster-update-keys@sha256:959d6220eb73d4f8e9797971cf5ad6c544c349339e99152cec33fedc0692e9e7

openshift4/ose-cluster-version-operator@sha256:a4b21466fd12d5289567d0eeae373e604472ba623a92a5e8280fb7fbcb610e27

openshift4/ose-configmap-reloader@sha256:2836bf5521eda00ec8688e04d3051a4f545c650db8239d7321fb782963eabec9

openshift4/ose-console@sha256:237347908412343c83f21d0e188edaff8ff98c44a5435c628420298c2627a0b9

openshift4/ose-console-operator@sha256:36ff3a86b3d7555407ff4679639f4d1bf3da91338db100e421a49878b62e69e1

openshift4/ose-container-networking-plugins-rhel8@sha256:399217e89354add973c02fb1e818d91a0972601f907660996918436cb7e506bd

openshift4/ose-coredns@sha256:3ba54f4eece4480f4e76ee56a58368b944297ffeb74ce2e04657ad64bd16bcfb

openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:2c887ead90c7e7f660a1446a8a452e95646da465cc487311baffa5fe7bcdeeb0

openshift4/ose-csi-driver-shared-resource-rhel8@sha256:e80b1505cb2f48dcfc600d7b0f3a37d891b638ade621414ef205a7ffec868c92

openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:db2e587b6f4a614b93c2a31d4da85dabecf089eaa0812c6e2fe5452e30289892

openshift4/ose-csi-external-attacher-rhel8@sha256:383d9da58e5a2c9fb972f3bb1785e8a290ea21c3213c33912daa596de46b4c37

openshift4/ose-csi-external-attacher@sha256:383d9da58e5a2c9fb972f3bb1785e8a290ea21c3213c33912daa596de46b4c37

openshift4/ose-csi-external-provisioner-rhel8@sha256:e56885e2abe60b6a55861055c8accc4befed2a942abec738d62892d340ddd4f4

openshift4/ose-csi-external-provisioner@sha256:e56885e2abe60b6a55861055c8accc4befed2a942abec738d62892d340ddd4f4

openshift4/ose-csi-external-resizer@sha256:e7c8deca8c2b51a124677291d3ec723f831f3df67d382c04f7a00064fbd8d4ab

openshift4/ose-csi-external-resizer-rhel8@sha256:e7c8deca8c2b51a124677291d3ec723f831f3df67d382c04f7a00064fbd8d4ab

openshift4/ose-csi-external-snapshotter-rhel8@sha256:b19226c145c3d9aabf5b787caef23418a8f65e775d02100e2021dc5341abd122

openshift4/ose-csi-external-snapshotter@sha256:b19226c145c3d9aabf5b787caef23418a8f65e775d02100e2021dc5341abd122

openshift4/ose-csi-livenessprobe-rhel8@sha256:64468ad2217d5a3d55f3975bb942bdf30953c2daebf933da187d1e84adaa0160

openshift4/ose-csi-livenessprobe@sha256:64468ad2217d5a3d55f3975bb942bdf30953c2daebf933da187d1e84adaa0160

openshift4/ose-csi-node-driver-registrar@sha256:8df87fa456f95250bdd24a5c3e29c4844698ed750d28002b44632c423e719eab

openshift4/ose-csi-node-driver-registrar-rhel8@sha256:8df87fa456f95250bdd24a5c3e29c4844698ed750d28002b44632c423e719eab

openshift4/ose-csi-snapshot-controller-rhel8@sha256:c7b929df1163bb509f5567b187c3d6c3e9adcd999ffce9d140d64c0efb03e5a7

openshift4/ose-csi-snapshot-controller@sha256:c7b929df1163bb509f5567b187c3d6c3e9adcd999ffce9d140d64c0efb03e5a7

openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:916404095422c2a722b6c73fb47bd295ea6e456a1e6c754e74eb40b0769036e1

openshift4/ose-deployer@sha256:7932db4120d4179c86f41a2fbcfc7fa9274ff4bcb4691f28acfdc937618e48e2

openshift4/ose-docker-builder@sha256:9b6449b015ce2e972488e4bce51c920dfe14ed585ae02d9e72c5bae0b8804fc1

openshift4/ose-docker-registry@sha256:050de2cb3fa434296f28932dc78eb3792672ca6073069e3fab970be91492730c

openshift4/ose-etcd@sha256:a79a767c1d54f8633bd5d88ab9b165420bdc9ab009d25fa78616295c4c0624dc

openshift4/ose-haproxy-router@sha256:b4f38999da22070ef8a6bbbee01d8cbe8b9bbce26a35cab24dc46a026e09e73c

openshift4/ose-hyperkube@sha256:f5285a36df19ee9bbc427804508aaf4ed64d28fb7a7cce9c7d39f68ac58dfe16

openshift4/ose-hypershift-rhel8@sha256:35ee2b5a48a5002e16465a7edab963d80f45a6caefb8ee6c2c7a004271da47fd

openshift4/ose-ibm-cloud-controller-manager-rhel8@sha256:67e21fa7a4a6f6ee02d7419cc7a281d60a700428ac201f38f9b5273b53666ed9

openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8@sha256:49991ba361084febddb478abc96a352011795a9024ab683c176f344b5eb444ec

openshift4/ose-ibm-vpc-block-csi-driver-rhel8@sha256:23e7220504514848ccbbfc2983d6623ad380c82d0e05ccc2f3b503ffcb6ee76c

openshift4/ose-ibm-vpc-node-label-updater-rhel8@sha256:5531f8297b9631e48fc6f3194b193ffb9b2d0003d5812b27b5295ff87ce2cd30

openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:a98db30906c345a512c3041c106ca34bc7a3e5e117a411986def7efd62d372f3

openshift4/ose-ibmcloud-machine-controllers-rhel8@sha256:4d91950d364f19acdca9c15c22e37e405f20c12628e4697b17c3f26c0407337d

openshift4/ose-insights-rhel8-operator@sha256:20d54a2752e43b8d41f20d7e538c37bbca33c36ba28a45404fe1e1bd57316f4f

openshift4/ose-installer@sha256:70385dc5d555a674bde842ed0693d22f1739f4e868f7b2683ec87a7423a7d53f

openshift4/ose-installer-artifacts@sha256:4afefd7bbf5f6c826dd82b63db7ad433c5c9b2e886935b9eb259c4011c92e4c6

openshift4/ose-k8s-prometheus-adapter@sha256:87f14ad36fded0e744bfdae7daedab0f75dd2bda83a0fc1f7f086f2cb057fd7f

openshift4/ose-keepalived-ipfailover@sha256:e0972988a24c14b11420287aac9eb752b8f3ab93e7d3e029d2d82de066e0cade

openshift4/ose-kube-proxy@sha256:240fb6b643f36133d8f584590b1f695b62ed0cf104f655a162ac3f3d1c11fd64

openshift4/ose-kube-rbac-proxy@sha256:23dd08460a22650558d92dc07770a7a3cfa48f6b89018fa635c896654552a2a7

openshift4/ose-kube-state-metrics@sha256:67379320c588766ad1decf401f36f60e19511d87942aa8da6757fc30cf2c669a

openshift4/ose-kube-storage-version-migrator-rhel8@sha256:577ff1e892925974ae571dca68a811b34f3a6fe89c0f9f6602aebc207c05aa0d

openshift4/ose-kubevirt-cloud-controller-manager-rhel8@sha256:dc7f51520142639e77952feed0528a38447783d6fb7ee389d7acaea1bcb065ae

openshift4/ose-libvirt-machine-controllers@sha256:c6b1855529984d5035ea4eec60865740517122445dd3f615340ce030ff09fdf2

openshift4/ose-machine-api-operator@sha256:44f5828fc487d50eda27dd152f8159305d48af49e86062d7eada2931a68e540f

openshift4/ose-machine-api-provider-openstack-rhel8@sha256:7383f88b2e46856a68534dd1c604edc059a21e539aa1648e16f2f5ebc5b98702

openshift4/ose-machine-config-operator@sha256:8518d0cd8094213412fe081475bd740e532cb8e4fc52a95372dc314f8dfa6831

openshift4/ose-multus-admission-controller@sha256:e17fd99a872922d01d639ce6a8159b467db8bdebdb316f386dcde0ff60e5f1d9

openshift4/ose-multus-cni@sha256:c81e2b8dfe203862affb6838a094d1628862a5e03a60ed6d7c316ae99aae5d1d

openshift4/ose-multus-networkpolicy-rhel8@sha256:f5bfd9781ac3b6ddbef048c98cbb11489838bddca149a85abeb5fbf7f2cca25e

openshift4/ose-multus-route-override-cni-rhel8@sha256:922e54a4b541969de75511965a2df270a25eb7d1d31d358f60985b0dd0b59e20

openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:d90f6c0fbbdc35853e45e1f0c91d310258e88836b2aff63b967295a2b5f7893d

openshift4/ose-must-gather@sha256:708299db80e4906cda2e3623d7e98049779c2eb5151328e4ea8897f2bb26a489

openshift4/ose-network-interface-bond-cni-rhel8@sha256:7c9daf751d41e06b0cc74f1f4138b8e38674ae1175cef07ce7cc5f74533cc297

openshift4/ose-network-metrics-daemon-rhel8@sha256:869cc12000d4c3eb7c4bcbb802bc68d53273dad69045151544f7384d11d74d94

openshift4/ose-oauth-apiserver-rhel8@sha256:f479d4e1908d4a871fc4266e828f78441ae6243dbd6d6a438c1e7f54d411e567

openshift4/ose-oauth-proxy@sha256:fb5b9954da690b0e3c8df53d36edcda86371c8f71e57b782d65c75c5e6208dcc

openshift4/ose-oauth-server-rhel8@sha256:0e0b91a30b652bca508db5db623db647db818dc1ae7e2d79d2d15db763b84d51

openshift4/ose-olm-rukpak-rhel8@sha256:ea1ab17ee1197e74f30360c378bbdcc84f8c0fc6346dacdc0ae75827281529fb

openshift4/ose-openshift-apiserver-rhel8@sha256:e1a9db9bb61264052e1ed49875ec39f0ae6de635fa94aedc41aa4da04ac9c61a

openshift4/ose-openshift-controller-manager-rhel8@sha256:961f1cc223602dcabff6bbc73a3a587ad0676b349d05f47e1c27bb55a2bcf72d

openshift4/ose-openshift-state-metrics-rhel8@sha256:66b41491fc2d8697ce1470f0e5844f06fa6a6e04589e201726bc29f9e28412c4

openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:ee1e6086c76221f5df9bf889392ad8969b28f9d41e30d1bd49f8bbf2061f69e8

openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:b3b252b4f87bacf34d09f335c16aa39a71835a2195e72fee740c78da6e4b9045

openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:e1b2f2075b791cd6799017a8387e0f8aba34dcb3ce16f833209d115f1093813d

openshift4/ose-openstack-machine-controllers@sha256:3a001d99bb725d774d83e172989af0fa88a022edc26d172595d29561784aaaab

openshift4/ose-operator-lifecycle-manager@sha256:941c380b416b64128a179467e1c300310afb387aabbfec42a3817a920db73f44

openshift4/ose-operator-marketplace@sha256:85689102564da53c16471e521ca8e28586ee648012a59f980d57c45c00ee4cda

openshift4/ose-operator-registry@sha256:698fc53f078f54c09ceb7654852027f50ed8e95ea67ee6561892571ca1bdfeff

openshift4/ose-ovirt-machine-controllers-rhel8@sha256:3b1e9e29e0fe79120e6389d1d61ac9a466d1c52fd150f9c13cf65964a9512375

openshift4/ose-ovn-kubernetes@sha256:b7a28f9396c35aca1b5c402ef80b9350bc6b0c2c1b9a943b6d5c969019bf5b9a

openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:8e5e3cccbea63a8842de1ed762c59857691f011501e8a1155896d49f49e1a933

openshift4/ose-pod@sha256:8fb5ab89d204e158523a914c8343eb0441f1313d9cc2d57e268f912af8f43f7a

openshift4/ose-prom-label-proxy@sha256:a9c9d85887b7f5e0673807d9f72c96eac8c1a46ec0625f8e57aa6f98a37efd29

openshift4/ose-prometheus@sha256:2ef9a79a844608f2de818e519fab02d9dd5f289fc7ed537b43fd8b8da5c71f26

openshift4/ose-prometheus-alertmanager@sha256:e2279541e9c9b83dad32da2eb1f91236c1bd2b8eed1ed70376a086e4050980af

openshift4/ose-prometheus-config-reloader@sha256:5d4f432ec5ddd379b3f7a17c0d6a1cf1e1132b31cfea04c7f1a96413dce47fa8

openshift4/ose-prometheus-node-exporter@sha256:014d26653b942c780624f9c48428be3f4d6aac77f97a3c588f8edf3a79d8d1b4

openshift4/ose-prometheus-operator@sha256:64a6c5c45628a4415d057fc014fd39ba31f47a3c702ee34314ac49e68ee48ec4

openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:da8ac8cd4252fd8958f8d5af21f5a369dcb7a64346718d87994139bdcc930632

openshift4/ose-sdn-rhel8@sha256:d82c2eb8a7e50a3e50d267909c01deeeac7e8df94ede7daacd257f11de081e06

openshift4/ose-service-ca-operator@sha256:7d66330f2a845bcc5b0fb1f957f19c7cec59c619675088733cac4a9c2b9b2b36

openshift4/ose-telemeter@sha256:8e4ff8d72ffe2934e6716c10783dc65839740e00d8b2ad5243a2fdb583d7145e

openshift4/ose-tests@sha256:4d747db0805104289bf8ef8f5cbee6966cb3b095b356277c3e868679bb615ea3

openshift4/ose-thanos-rhel8@sha256:85fc8bb9aa8f50eaab77536cb9d176d80960e153499d32c5d9357d6f439bc753

openshift4/ose-tools-rhel8@sha256:e6d0235ff5eb99f6406b2ee2935f6677e1334012bfb8fba9df14de6318acb579

openshift4/ovirt-csi-driver-rhel8@sha256:29e95147ead18535d30292d9b0b27b2805e50c3d73e74d342f45238a7b3fd934

openshift4/ovirt-csi-driver-rhel7@sha256:29e95147ead18535d30292d9b0b27b2805e50c3d73e74d342f45238a7b3fd934

openshift4/ovirt-csi-driver-rhel8-operator@sha256:73925ab3f902f67de479bafb053c936177f9fb603e5cf62a97134ed2d0b1ca3c

x86_64

openshift4/cloud-network-config-controller-rhel8@sha256:ee6d69662b4ba872db6f1bd76e01194875ef73591fad7c979b4ef6b13a7aa001

openshift4/driver-toolkit-rhel9@sha256:34586bda6e4661b46c44559dd15e2f2bd9e31a80b134cd6fdcf659c2ae21a74b

openshift4/egress-router-cni-rhel8@sha256:63dea6a6b1d01193fc2bdd62484fa0119284a3040b929bf78dd69edb2dfe74f7

openshift4/kubevirt-csi-driver-rhel8@sha256:dea58f77bca449d2613625e913ef3b4fce7de9182f0aec4cb68aaf4efe6802b1

openshift4/network-tools-rhel8@sha256:67e97d37ef5cf3fd57c71efd4778beda43bf3c55858f6e3889f3026c5e718a0b

openshift4/oc-mirror-plugin-rhel8@sha256:271ca4ff56ccc820e269f16b4b40be5fa0a928999cc0c3282252978d2ea00fec

openshift4/openshift-route-controller-manager-rhel8@sha256:801b5f076455a2bba7f82366182117dddd292fa34ff6237ef2d47061ade19aea

openshift4/ose-agent-installer-api-server-rhel8@sha256:a97f7d5ea185f5f06c5d9604b52bb4cc211bfb9455d90e32da98415d3d623e8f

openshift4/ose-agent-installer-csr-approver-rhel8@sha256:ec139e8f2e721e02af28e3af4cde65316409d42b5d9360b756908abcfdb1359e

openshift4/ose-agent-installer-node-agent-rhel8@sha256:eb0e6abf256c7452f3460665e786b0e27e896839ce41ba894e2429689b81a61a

openshift4/ose-agent-installer-orchestrator-rhel8@sha256:c826b2b6548ab6c25347fc09fd85b9b9c12c34d089bc9fdd21e835246275667f

openshift4/ose-alibaba-cloud-controller-manager-rhel8@sha256:dd81716a9df41055cc83fa5d3162d9337dc68b89254b1d7b58924e065e0afdfd

openshift4/ose-alibaba-cloud-csi-driver-container-rhel8@sha256:359b506567dc21ae6a0aaa6466f25b319b1f787f9715b60ed18c84671d426aa0

openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:3e172bdd99f0a745ff4de328f599192de10fbc790733a95b8c49c9e779eb6064

openshift4/ose-alibaba-machine-controllers-rhel8@sha256:5a6b417c24bdc1ba7b1717fcfb471a72fcd3a811150c0a1941dac9c74ed900aa

openshift4/ose-apiserver-network-proxy-rhel8@sha256:be64e5a8e977d619ad655a02321e9260351687e1245ba72fc0680c17a3b1c82a

openshift4/ose-aws-cloud-controller-manager-rhel8@sha256:88b62f5038731ef4e1884cde756327c921a0e04f7b21f6cf9497fc91e1688b49

openshift4/ose-aws-cluster-api-controllers-rhel8@sha256:a699ebf1f26e9dac6a5ac63ae4a938255d40fe847aa8202ba87abc1991ad617e

openshift4/ose-aws-ebs-csi-driver-rhel8@sha256:bafdf5560187434f5b36b876a4361776466a12721190467654a7cc3fe0e95399

openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:9c95476f48a07c9216feacf30b7100a708fc37a3b79dd6fe569e433115e8be4f

openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:42c51b18fdd0cfea36c79b9d2e20e6737fe0006b654eb4a3b7f660ddfa9b1e8b

openshift4/ose-azure-cloud-controller-manager-rhel8@sha256:221d1f8cf4bb7417fcd6e6bde063f3b6eea2c8c4cdfb5c7dbcb999b2e2befeb3

openshift4/ose-azure-cloud-node-manager-rhel8@sha256:c8f59dc22f5a3d0219adf1b4a7f286ab1e680384fb6a6172e8ea5c58df63e460

openshift4/ose-azure-cluster-api-controllers-rhel8@sha256:daed26caf16c598558049913208c5604639625d22b37db07ee5ff489ca21d6c2

openshift4/ose-azure-disk-csi-driver-rhel8@sha256:6130e2ac732364f41f9770914b1e4dcdf75e343150744c75a9ff88f1e98c93f9

openshift4/ose-azure-disk-csi-driver-rhel8-operator@sha256:fb16bdf6e10ba13d2192000fd33c5c6d3c1c8f995a092c31b0b29c7665f31875

openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:9efdfaf8d05b380835d2378f020e8ee399c01846b5886809f09a3e7bdc779d91

openshift4/ose-azure-file-csi-driver-rhel8@sha256:13b49ace9089bf129354590ba36965c9851d3b571d348e1285cd63d79f6e4b40

openshift4/ose-baremetal-installer-rhel8@sha256:503e394ac7f4a3a48c4074b97fdfdc38417948cf2bdb6a2330d595239b7f8c7b

openshift4/ose-baremetal-machine-controllers@sha256:37355d51c4be3e1b13c0500a58c563f355659751f2072eda509b60ae24c3a3a0

openshift4/ose-baremetal-rhel8-operator@sha256:2452289fa7984874aa1e695ad33d7d90a4b6d7d7594ee2254d9d0e94b201e31b

openshift4/ose-baremetal-runtimecfg-rhel8@sha256:8addbdc47b88e35cd671876ec9b3cc3374e1a759011d35607e81d0c5021adbff

openshift4/ose-cli@sha256:32ab0603ce106edf18b5da1870dace1e37642680565bbec483bb8e6a1c06fe91

openshift4/ose-cli-artifacts@sha256:b863ccbe9a9fa6854e0a57c2de053ffac22a480c342a550f90f36494bf74dcd8

openshift4/ose-cloud-credential-operator@sha256:902c028e7871ad37f0aaf28e83f16cd2072fe521081767c00229292c6c4cadcf

openshift4/ose-cluster-api-rhel8@sha256:17cb9df4af28113a500c55e7d61b55e7d1a242e0a26bc2093775bb2cc0bbfad0

openshift4/ose-cluster-authentication-operator@sha256:1e7c12521db4afa08c6bacba99b9573c8ba90dc25d8a7d3ca1312a9c766e92df

openshift4/ose-cluster-autoscaler@sha256:3ab987d1c390ebeb8888dc12a33f3f2eda67d213b353aaa248fe4f1a5f2765bc

openshift4/ose-cluster-autoscaler-operator@sha256:182b342e5973afec8d506ed4ae72f67528a89093aa5b677adfb696ad7eb841a1

openshift4/ose-cluster-baremetal-operator-rhel8@sha256:eb4bb50455a80a148136feaee3fd010072f5557f5a90550d26ea7ea7b469dc52

openshift4/ose-cluster-bootstrap@sha256:ed2ccba3570f4721af977756f1b344f6d73d0a1ed5d31fa23f17b6b55c715738

openshift4/ose-cluster-capi-rhel8-operator@sha256:24225fda4dee7464496d5173cc929ecb8edc9ffbdaaea943ac3af931fc639ee0

openshift4/ose-cluster-capi-operator-container-rhel8@sha256:24225fda4dee7464496d5173cc929ecb8edc9ffbdaaea943ac3af931fc639ee0

openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:a8cb9345ed210a44760b6426e915a9c17912ad1f9f71bae5fedbc5f49544225c

openshift4/ose-cluster-config-operator@sha256:45f4f745bbbff9c479f7fed638dfecc719cb038b37bcd2816d933004c863e3a6

openshift4/ose-cluster-control-plane-machine-set-operator-rhel8@sha256:e79d792f758ad47ca515a79de707488ee10e27e63c1a2a1a3843b60dec706bca

openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:c2269c9374eebe0a87920845aaa47ab27e76bd943f53a18b7bbc11f6d788c141

openshift4/ose-cluster-dns-operator@sha256:fa7b737e0bf9c421f57d614e888dfdf5843c15e8deae3c20a4a6e2c2fe8a98ec

openshift4/ose-cluster-etcd-rhel8-operator@sha256:184c12994be8732331a19f259cd80515da93c60fabe9d3d3e114b8a51841c45f

openshift4/ose-cluster-image-registry-operator@sha256:7532c3fa391ccb3456f37743fc6b37e625b1141a2ee1edea34bf43016b6603b6

openshift4/ose-cluster-ingress-operator@sha256:d2ec0a65474b403e6e809cbb1da178c09c638ef0a5a28c300243daf03e8e2432

openshift4/ose-cluster-kube-apiserver-operator@sha256:5b3e418adfd856439dc62797c3514ecf9f79625d60b395c2a624141051798b2a

openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:a23622a9114f3c56e1f68a7c47a1fb2a88da5c92ee44d72d68d375a3e4d487a6

openshift4/ose-cluster-kube-controller-manager-operator@sha256:c3a08e873d8c9c76df06de46c5b06b873e1d83f0871af8f3fad6ee4d0d98e416

openshift4/ose-cluster-kube-scheduler-operator@sha256:fe258d740a987fade84ad31a8d3febd6b43373a859e81aa817b76372e35a6474

openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:c565a57048a62fdbeb3528847246467bee214ffc364ba502b4501c981458dccc

openshift4/ose-cluster-machine-approver@sha256:d958ac8b8092dec0e31c6c6a8138377f42d8ae7189a160ea9a14b338cea238b9

openshift4/ose-cluster-monitoring-operator@sha256:b4b696b8f59492e3904529b0c3e409f81d6e6ad52f3d3e6a0d5c1119a032bcd0

openshift4/ose-cluster-network-operator@sha256:60becea80ed789f727a9c5e2ac8f9bf172d9ec8b7bac837466f595fb0eb97ad3

openshift4/ose-cluster-node-tuning-operator@sha256:c8f2c68bb1bf958c10b0bd775d7a88b87fe97c05ac26396ef145c2d66d79be0f

openshift4/ose-cluster-openshift-apiserver-operator@sha256:e2a386fb3c0b3fcae1660d790e01eaa4f2c44cb8a532b4500ed7dd6d12bf1168

openshift4/ose-cluster-openshift-controller-manager-operator@sha256:fc323d69f6f47d2b6a7f1a8a3d4fbec35e0e42512fa035417bd374b17a874b0b

openshift4/ose-cluster-platform-operators-manager-rhel8@sha256:1431b07f511e6bc41062fdb9296b620d906a77779f8a570f0f9a22f2b13ac5d2

openshift4/ose-cluster-policy-controller-rhel8@sha256:34701223f98aedffd113cad4fdfd15e5196607f6321633241ddc21157d780e7b

openshift4/ose-cluster-samples-operator@sha256:b7d11ce7b9969a416713fa1a8183ecf7a8338baf2d6cff84017b38edf1fb9a5b

openshift4/ose-cluster-storage-operator@sha256:6204dc6caa6d81e0f6f4f8b0bfc0462891407129938577accab652516297e9d2

openshift4/ose-cluster-update-keys@sha256:9cb29b467e20da831daee2391c033c273b653758f78b77e80dfba90d76b9b2ea

openshift4/ose-cluster-version-operator@sha256:9985b0e09bd9f6133c72cb2f0f56fff6a94c3ecc1210a195e22fe1c182e31949

openshift4/ose-configmap-reloader@sha256:cc61c82d03006a7524a4e834223e27d1cf022375066daa09a1f6e3e878aaf07b

openshift4/ose-console@sha256:4df9a1b3515c7d22d999384a77c37fde704498e69ab581290fafafd0d266c5ad

openshift4/ose-console-operator@sha256:c972e3dbc6dd3c994d1058769d64d3553fe43524d99f91c49031c7efafa27ef3

openshift4/ose-container-networking-plugins-rhel8@sha256:8030bb8e0d7dd5f9189b1dad4a860f60c01a0a807f3b8230f0a2d052128136e2

openshift4/ose-coredns@sha256:8eb6714b4a1e9e2df3e09e1a815825ba3d7b417422621b2f61a9bc62bbd47e12

openshift4/ose-csi-driver-manila-rhel8@sha256:910da52a204debd36613fecbd32e363cda53b8107d10018b2497df16c616dcf2

openshift4/ose-csi-driver-manila-rhel8-operator@sha256:12f0a04cb8e2adbeb4e18e873738673a876cbdb1c736489d60c4de9e1ddd53c7

openshift4/ose-csi-driver-nfs-rhel8@sha256:d8eb7902c3060459ad56fb1beee786c8b93bd5d17f3a30a187b181e48b975a19

openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:3562bb6db08f493ff6e10efa3ede017f10dd435d414593ca293b63d213be4dc1

openshift4/ose-csi-driver-shared-resource-rhel8@sha256:996f70a20c86339513bf5036a57e5ebcd8b8069de44ad376c5b60f71aa3279f8

openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:a3548d8de5a187095bc0edae3b3fd03c939e506b0082081bbcae4e9e60c1f2e1

openshift4/ose-csi-external-attacher-rhel8@sha256:f8672859aeaaf325ff46d14b3f9bd040a45c782bedd14860bb06f190b3d88bf7

openshift4/ose-csi-external-attacher@sha256:f8672859aeaaf325ff46d14b3f9bd040a45c782bedd14860bb06f190b3d88bf7

openshift4/ose-csi-external-provisioner-rhel8@sha256:19df4d69b6c1a9833e0a57433eb140ea5af1b4ad1c6b50f8ff28f4c7a22bf5f8

openshift4/ose-csi-external-provisioner@sha256:19df4d69b6c1a9833e0a57433eb140ea5af1b4ad1c6b50f8ff28f4c7a22bf5f8

openshift4/ose-csi-external-resizer@sha256:99f5a0a67e7776a7e79f7edb235aaa4da96491ba2373463a1c02835623dc72f6

openshift4/ose-csi-external-resizer-rhel8@sha256:99f5a0a67e7776a7e79f7edb235aaa4da96491ba2373463a1c02835623dc72f6

openshift4/ose-csi-external-snapshotter-rhel8@sha256:02701b227a32d2baa98c0a74833085b72744b61db0c205bc8989fa5c28cec264

openshift4/ose-csi-external-snapshotter@sha256:02701b227a32d2baa98c0a74833085b72744b61db0c205bc8989fa5c28cec264

openshift4/ose-csi-livenessprobe-rhel8@sha256:ea654a2c8a71863e6144267ab47d612fe49ab4eb5460f07a1367a90ec18c119f

openshift4/ose-csi-livenessprobe@sha256:ea654a2c8a71863e6144267ab47d612fe49ab4eb5460f07a1367a90ec18c119f

openshift4/ose-csi-node-driver-registrar@sha256:362dd0fb05869eb1a6d888ef6426e7659362e7dfc8d187db67c78c713c10a9e5

openshift4/ose-csi-node-driver-registrar-rhel8@sha256:362dd0fb05869eb1a6d888ef6426e7659362e7dfc8d187db67c78c713c10a9e5

openshift4/ose-csi-snapshot-controller-rhel8@sha256:3ed582b9d0916e8838b12491990ea96075efe59004f9cd6c145cfad186a4d63a

openshift4/ose-csi-snapshot-controller@sha256:3ed582b9d0916e8838b12491990ea96075efe59004f9cd6c145cfad186a4d63a

openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:cba25282520c6f065b58ea208923ac6f3c341da6b32c877b4d5d0b72c116162c

openshift4/ose-deployer@sha256:49bfbbbf768c2c7f893bd49d6b87c2c2925e879b7e8a18eb01222b4184e4a71e

openshift4/ose-docker-builder@sha256:b76ebe257424c1a19fe3c4e5eb14cf3bf29930a6bfd7811e1648c2da0aebb16a

openshift4/ose-docker-registry@sha256:9292538fd1a9b69752115d81062b93ed4d5d5a12ca94db31349ae90c9b365ccd

openshift4/ose-etcd@sha256:892330e982fc250890b619e5862fd4840e0e5ada538f41623d592fd40a08d2ad

openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:35328ee26837f5091e49589b0e2cbfb25c36a69afb5f1e3c152d252a77eda3c7

openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:47ac79c7d16b4d61c4efbd8526e934f7593b14cdd648bb5240222340fa5fb442

openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:9f04ee5115ec12eafea7e5141a3d6c3cdc9b46c4557e69dba3994d8a1a7b76a1

openshift4/ose-gcp-pd-csi-driver-rhel8@sha256:7987110032311e4e4310f3aa50c9b58f9a88075d03a84762548a5b86d5135913

openshift4/ose-haproxy-router@sha256:8994a5aaeb5a2fd575dd3defebb03260f3a77e2433d2df752aa26dbc5bfd0469

openshift4/ose-hyperkube@sha256:45b6102f73f81830007847efb72dfc3b09831c2a77a9c534e8e867389e956b5f

openshift4/ose-hypershift-rhel8@sha256:16af52e38bfa31cbc1c4ddb3d76bc2469b581ae104e26288e090189fcb0bc7a4

openshift4/ose-ibm-cloud-controller-manager-rhel8@sha256:d4e5d70b899d63551567e24a8031458814308b27082b3f2eb8c16c72d1d8c619

openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8@sha256:bd95b45ec8f01dca96d0ade1bbe84c1d8c680a5f2fd0f484e9dc344c02dcd10f

openshift4/ose-ibm-vpc-block-csi-driver-rhel8@sha256:a0b82027e18d0f16d867afb59b7d66fe2ac807700fe1a4e49449f80cf2894dd8

openshift4/ose-ibm-vpc-node-label-updater-rhel8@sha256:97fc7767837d3403f809fd21ddbb1cb045428860016a84e2899cd12673f79a4c

openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:373d46b53cd60ca03a5fb267553c8054fafd118f9febd3c9add50ab3a30849d9

openshift4/ose-ibmcloud-machine-controllers-rhel8@sha256:afb74cc8f655979cf7ca220943994350375217a58ac9ec1d46041defb5221d58

openshift4/ose-image-customization-controller-rhel8@sha256:78005fc4d2e7b14a582e07f75ff31f96c9a2e8ad7768abf6fd53aa3ea8c18116

openshift4/ose-insights-rhel8-operator@sha256:aefec1d7d0eafd9314fdbc09bbfd368fb0cc39656ba9cce8633faf1e240aef08

openshift4/ose-installer@sha256:a5e1974f6cf0e76a1f3199f4935ed33d3e05027c3d97bc671b6e943fbe37c2f9

openshift4/ose-installer-artifacts@sha256:cbf04537e04a8f4b6a8de2afb3f83b6ae8ad787919f362705707fa9e88e0f4c9

openshift4/ose-ironic-agent-rhel9@sha256:082b9a100b65b9f183aca1970ae8e7f6bd9f4f632ad419c304f0b514870d76d2

openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:8efc5bba86da2c9007c49e79a7e348f54a76bcd3341b9c3871c5e07d6bb1decc

openshift4/ose-ironic-rhel9@sha256:8a8bd0153393c77486ed17e23037d9b7c2d178b2a334575501d51c495d59d9b4

openshift4/ose-ironic-static-ip-manager-rhel9@sha256:c05035307738d2f76319a72ae0f5edd5655e4ed84921c4a21b2dbc798ea901b2

openshift4/ose-k8s-prometheus-adapter@sha256:537e3ab534fdc22efb9aa3012d25a73f7a785618564706dc2ecdc7a1af05c012

openshift4/ose-keepalived-ipfailover@sha256:a3f2b808e6a76fc6a8953b3d9399bf37ba484f970832a3ffea5c2e5d06ed40a3

openshift4/ose-kube-proxy@sha256:650009bca82ea9f6dc274755ddf5681e82a02ed9c0441923f4bab4683ae37ae8

openshift4/ose-kube-rbac-proxy@sha256:128b19e8edffbac60a7c7fea0ee834de589a779fbae56b38bd1de1687b598d32

openshift4/ose-kube-state-metrics@sha256:6fb7d64f013a6a452566e0816f9577a393e068830b6f9f969e4f1bf0e6904be0

openshift4/ose-kube-storage-version-migrator-rhel8@sha256:4c20d48d2fbe2117b726de21934924d0ecbd368aab58cff8e93f8689d2e9971f

openshift4/ose-kubevirt-cloud-controller-manager-rhel8@sha256:afad864df95dbcff76002f2432913e7f078d48fa6e2cf1189ab81064abb2f7f3

openshift4/ose-kuryr-cni-rhel8@sha256:3ff5a0e34d9ddafd96fe2304fc60fbb83ce167b29422ab09265f984c0aeb7e65

openshift4/ose-kuryr-controller-rhel8@sha256:4feac6c5abd8aca97551c5619a65e977dd4bcc5a18071b4cd98f637c26c760c5

openshift4/ose-libvirt-machine-controllers@sha256:513315ac5a0bfdbb3e0b5024ca6ddbb6d75ed698565ca99ac0268b153d5810b9

openshift4/ose-machine-api-operator@sha256:21f69ab1cb0d6c7b5c2ba733169734ed36aa5cd59934b348d252875c50626354

openshift4/ose-machine-api-provider-aws-rhel8@sha256:fa89b0a139049139fb858c0fcfda07c885af0583742fb64e0cf73080c6808e5b

openshift4/ose-machine-api-provider-azure-rhel8@sha256:7e340689c46d84d029a6502d201f15f75c011267c1a82c86583073a5e09a4365

openshift4/ose-machine-api-provider-gcp-rhel8@sha256:fa015cf92e655ae191dd2c1dd01e698ec5078852bb208f3fbde65ddda0511e81

openshift4/ose-machine-api-provider-openstack-rhel8@sha256:7f4df7cac43f4c7f41b2268d5018f9f5e5145ff96aca7a978e6b37a418bbdd88

openshift4/ose-machine-config-operator@sha256:242c9a1ad3afbebad681d0dbd529e507aa2281fb6fab7ce10a600b3873820936

openshift4/ose-machine-os-images-rhel8@sha256:57d579f1989a5b1e6d73fa02d2ab96a70664e3c067ee6d8dce73deb2bc10adee

openshift4/ose-multus-admission-controller@sha256:48b302b2cf38b061362e182a3001f4ab7eb567ca492aae61677f7758a04c82bd

openshift4/ose-multus-cni@sha256:a4801b649ad0e50c5ab42771ede0794c92e1f7091583d2d109be15f0e56534d3

openshift4/ose-multus-networkpolicy-rhel8@sha256:2949eaa1faf860c960db7689e3290e5631479f78f6381dec075d0de49824e7b7

openshift4/ose-multus-route-override-cni-rhel8@sha256:f9df57f2eb6e26ede39474a57900bf1352faff0b45297932a8df3bbefa5776da

openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:4d71fe53735f06aae32134c9355fb807476d97ed33fa112995d04089424711e1

openshift4/ose-must-gather@sha256:cad6837b9b36ad87b7914c649aaf37097b4e4aa783284c1659813dab5085f00c

openshift4/ose-network-interface-bond-cni-rhel8@sha256:ec7ec1b5a8651678cdddca4e3b37e53c9fcf39f994e1b8b1d36892494b48a259

openshift4/ose-network-metrics-daemon-rhel8@sha256:23bb53f3111ee3fc63339f2930495c49d14ed73a3add5e85b6493e5e508532bc

openshift4/ose-nutanix-cloud-controller-manager-rhel8@sha256:4238a07e902a0d3b8dde3d7a961e5dbdc5da37f1b2c4c519a5edf0d0ad62037a

openshift4/ose-nutanix-machine-controllers-rhel8@sha256:40c52652ee21f9ac256fdd5728d8494304eccacf3e70a249a756776e8bb46c4d

openshift4/ose-oauth-apiserver-rhel8@sha256:533e07c9b519a04e7f6f4520b97d32477022d32d1f3ae2ae127062212b83a360

openshift4/ose-oauth-proxy@sha256:5710554c08735126986b7c553cdb9a31bf97071c7adceda20f7aa116f35e867f

openshift4/ose-oauth-server-rhel8@sha256:57cde39a122733df8a2034bf16fa31a11c1dc8942dfcc92abf6267798db1236c

openshift4/ose-olm-rukpak-rhel8@sha256:21d3099d9056b4f88cb4d6a83d82f1cd31d598f3b67af748c747d7052f25cbd5

openshift4/ose-openshift-apiserver-rhel8@sha256:e95fb825bef0df356440f6dbcb570c224a0ddc4f053bd890c2aff40151ca274e

openshift4/ose-openshift-controller-manager-rhel8@sha256:582a7e911268e36114f0e9901253161ea018560503df613daa52f01ef5feaa06

openshift4/ose-openshift-state-metrics-rhel8@sha256:b13247f4c6a4267a334936b9c6bb65068ac230f7ec0f3dc1d845c28758556fab

openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:fb7b9551a8931b8857c384b475a51d02dfebe36c75bc5fa64440d755228dea94

openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:c9a1d3360990729ab91a7685a1caabd2958ec4d72f0f3cb4d59ce227e6e9b3b8

openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:aee3b9d07962c86a7e7279e99dd75c8878da5e1db380fb52a306d9e3d41cde80

openshift4/ose-openstack-machine-controllers@sha256:1d442c58069215859b940073443854e5a6f16efa609c81a1de5e2b5b35dc1ec9

openshift4/ose-operator-lifecycle-manager@sha256:01803d504c6d357da3c1dede01073b8119e947bb2f2e6bfa7e4d95ca34c4cdcf

openshift4/ose-operator-marketplace@sha256:93f1216bcbe0e3fc7f79787ccf55b9644b97f04a6124465c54234ea0594e7cbc

openshift4/ose-operator-registry@sha256:d0e025887a7bf5ffdbace08576087bbab79834be7dc6ef6b4f166ce9ee575c6e

openshift4/ose-ovirt-machine-controllers-rhel8@sha256:802dae645f0fed07bb0d793da3e717856bee08f692b4d8588ce1c6f2e9f69887

openshift4/ose-ovn-kubernetes@sha256:509cc83c3fec144a7b0f645d009a07718eccb76ef3e6a643bca22f895fc6a23e

openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:e4a96b9a70004ca6decc656c7546141764bbc73a12b99c043a499c7300b81143

openshift4/ose-pod@sha256:2404cdd25b4831e09e6c8c8a1f7faab5542392f87171a48d76c335cda41d4d13

openshift4/ose-powervs-block-csi-driver-operator-rhel8@sha256:68be174207c85fa16fb0ca86e7f0b8e0042d1d48c763ff8e2a5d565a2d87696e

openshift4/ose-powervs-block-csi-driver-rhel8@sha256:85ba74878783f1e5501310459cc84e080a240a4fd3bf4a6ccbac6561a38209ae

openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:69d1a3858770a38906d5e1e8363c477e9098edcb95edf9ab318bec01988fc49c

openshift4/ose-powervs-machine-controllers-rhel8@sha256:c734d4626b71031fc55e736bcd7ad1c21784813a55829e6f007f5fb174d61487

openshift4/ose-prom-label-proxy@sha256:bec992c22e612c353d939ca4b9e907b0ae2f165537ca3187d1abb7fd5ea2c31e

openshift4/ose-prometheus@sha256:fb38759c9d3768032983d9ecae86c17e958c46f6578e6c4b64b7cac3020f2954

openshift4/ose-prometheus-alertmanager@sha256:2931c3c4be4739f00b4f0af33727f2fae0db3d15f021389b92a313f0681ab68b

openshift4/ose-prometheus-config-reloader@sha256:6b06707c007314b2ad3b9ab02ed0c51b86b19e9630545a0ffa5788c9d497a1b8

openshift4/ose-prometheus-node-exporter@sha256:644d8025bdd91481e73a4ada06886ed0987e30b52e8e541359aab610d8e4be09

openshift4/ose-prometheus-operator@sha256:8924276c37289792f74b9779b8aae11d7a6a73aeebcd40d4eebb64547f0c8de7

openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:5ebe9d82c765766f002de5db83a190c33748bb2abcbb0316dac66701a0618df5

openshift4/ose-sdn-rhel8@sha256:c64cfe38193fd28b2d0c191d508adf6eee2fec4c956dd8901f6d2856152ffc5e

openshift4/ose-service-ca-operator@sha256:1f13b1a815db576785605f0c8dccaee2df094300c1f458960571e226afb60adb

openshift4/ose-telemeter@sha256:917980b40af8741af3acaeade9fdfda4cf8cbbd1148ba149eeea4622c406fca5

openshift4/ose-tests@sha256:e03f9a09deaf63f555267612f5ee228d128dc0769e0b8deb2f8e1f0fa7a7df10

openshift4/ose-thanos-rhel8@sha256:46d8bd6825cae34d2a5ac2c22162d85dd39228b0e503734606aeee4bfbfa2a44

openshift4/ose-tools-rhel8@sha256:c3138c33ed8264bacc02538f748996687e48c537990b163c866b4c4b30da7e89

openshift4/ose-vsphere-csi-driver-operator-rhel8@sha256:4be25a807344bf86ec58d065a1c4b0f5a28436d8cc18eb61a58960e0a91418a7

openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8@sha256:4be25a807344bf86ec58d065a1c4b0f5a28436d8cc18eb61a58960e0a91418a7

openshift4/ose-vsphere-csi-driver-rhel8@sha256:98f57ee16f2fbb7240ce422d485af5f57a130a2384740f3bab625324490df9a4

openshift4/ose-vmware-vsphere-csi-driver-rhel8@sha256:98f57ee16f2fbb7240ce422d485af5f57a130a2384740f3bab625324490df9a4

openshift4/ose-vsphere-cloud-controller-manager-rhel8@sha256:1dca506bf14c7208e551c72dd52c3066d393c7981b338b46ca17a4e5792ee37d

openshift4/ose-vsphere-cluster-api-controllers-rhel8@sha256:19f7515e1ba7e6c7bd5ed9fee623620c1040e785bdbabb8f935fb46ce8a1569f

openshift4/ose-vsphere-csi-driver-syncer-rhel8@sha256:9ccff8caa502595d53ad96de0316772c6d3a7dc30837596e2f31062bd7bd5ea6

openshift4/ose-vsphere-problem-detector-rhel8@sha256:bb9f0a6e6fe8dd15b0b9f66ac40c71ecababf61ebe75ca2fb45359543acd8af2

openshift4/ovirt-csi-driver-rhel8@sha256:0a20b3bb7c30ae66bf9dc9cac22689d14774de8f01c3a37edbb4e8c436d67cce

openshift4/ovirt-csi-driver-rhel7@sha256:0a20b3bb7c30ae66bf9dc9cac22689d14774de8f01c3a37edbb4e8c436d67cce

openshift4/ovirt-csi-driver-rhel8-operator@sha256:a4442c40c08808d01807d56d33a6aee0194cee6941f4d7fce1b8e19b9b01f228

Related news

Gentoo Linux Security Advisory 202408-07

Gentoo Linux Security Advisory 202408-7 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service. Versions greater than or equal to 1.22.3 are affected.

Red Hat Security Advisory 2024-3467-03

Red Hat Security Advisory 2024-3467-03 - An update for etcd is now available for Red Hat OpenStack Platform 16.1 on Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Gentoo Linux Security Advisory 202402-08

Gentoo Linux Security Advisory 202402-8 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in denial of service. Versions greater than or equal to 3.0.10 are affected.

Red Hat Security Advisory 2023-7626-03

Red Hat Security Advisory 2023-7626-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 2 is now available. Issues addressed include buffer overflow, denial of service, information leakage, and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-7625-03

Red Hat Security Advisory 2023-7625-03 - An update is now available for Red Hat JBoss Core Services. Issues addressed include buffer overflow, denial of service, and information leakage vulnerabilities.

CVE-2023-45085: Releases - HyperCloud Docs

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process.  In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.

CVE-2021-39008: Security Bulletin: IBM QRadar Wincollect is vulnerable to using components with known vulnerabilities

IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551.

CVE-2023-5622: [R1] Nessus Network Monitor 6.3.0 Fixes Multiple Vulnerabilities

Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file.

Red Hat Security Advisory 2023-5976-01

Red Hat Security Advisory 2023-5976-01 - An update is now available for Service Telemetry Framework 1.5.2. Issues addressed include a denial of service vulnerability.

CVE-2023-22130: Oracle Critical Patch Update Advisory - October 2023

Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

Gentoo Linux Security Advisory 202310-11

Gentoo Linux Security Advisory 202310-11 - A filtering bypass in less may allow denial of service. Versions greater than or equal to 608-r2 are affected.

Red Hat Security Advisory 2023-5390-01

Red Hat Security Advisory 2023-5390-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.36. Issues addressed include a denial of service vulnerability.

RHSA-2023:5390: Red Hat Security Advisory: OpenShift Container Platform 4.12.36 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.36 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2253: A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vul...

GHSA-92hx-3mh6-hc49: kube-apiserver authentication bypass vulnerability

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod.

CVE-2023-1260: cve-details

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod.

Red Hat Security Advisory 2023-5314-01

Red Hat Security Advisory 2023-5314-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

RHSA-2023:5314: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.6 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.6 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21698: A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability. * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream cou...

Red Hat Security Advisory 2023-5155-01

Red Hat Security Advisory 2023-5155-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.13. Issues addressed include a denial of service vulnerability.

RHSA-2023:5155: Red Hat Security Advisory: [impact]: OpenShift Container Platform 4.13.13 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.13 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2253: A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vul...

Red Hat Security Advisory 2023-4898-01

Red Hat Security Advisory 2023-4898-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.67.

Ubuntu Security Notice USN-6336-1

Ubuntu Security Notice 6336-1 - It was discovered that Docker Registry incorrectly handled certain crafted input, A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that Docker Registry incorrectly handled certain crafted input. An attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2023-4862-01

Red Hat Security Advisory 2023-4862-01 - Multicluster Engine for Kubernetes 2.3.1 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a bypass vulnerability.

RHSA-2023:4657: Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.2 security update

Secondary Scheduler Operator for Red Hat OpenShift 1.1.2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24532: A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh. * CVE-2023-24534: A flaw was found in Golang Go...

Red Hat Security Advisory 2023-4664-01

Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4654-01

Red Hat Security Advisory 2023-4654-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.7 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

RHSA-2023:4664: Red Hat Security Advisory: OpenShift Virtualization 4.13.3 Images security and bug fix update

Red Hat OpenShift Virtualization release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Con...

Red Hat Security Advisory 2023-4627-01

Red Hat Security Advisory 2023-4627-01 - Migration Toolkit for Applications 6.2.0 Images. Issues addressed include a denial of service vulnerability.

RHSA-2023:4459: Red Hat Security Advisory: OpenShift Container Platform 4.13.8 packages and security update

Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/'...

RHSA-2023:4335: Red Hat Security Advisory: Security Update for cert-manager Operator for Red Hat OpenShift 1.10.3

cert-manager Operator for Red Hat OpenShift 1.10.3 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specia...

Red Hat Security Advisory 2023-4472-01

Red Hat Security Advisory 2023-4472-01 - Version 1.29.1 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.10, 4.11, 4.12, and 4.13. This release includes security and bug fixes, and enhancements.

RHSA-2023:4472: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.1

Red Hat OpenShift Serverless version 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containin...

RHSA-2023:4437: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.1 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.13.1 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Red Hat Security Advisory 2023-4312-01

Red Hat Security Advisory 2023-4312-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.46.

RHSA-2023:4312: Red Hat Security Advisory: OpenShift Container Platform 4.11.46 security update

Red Hat OpenShift Container Platform release 4.11.46 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "p...

Red Hat Security Advisory 2023-4226-01

Red Hat Security Advisory 2023-4226-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.6.

Red Hat Security Advisory 2023-4225-01

Red Hat Security Advisory 2023-4225-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.6.

Red Hat Security Advisory 2023-4290-01

Red Hat Security Advisory 2023-4290-01 - OpenShift sandboxed containers 1.4.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Red Hat Security Advisory 2023-4293-01

Red Hat Security Advisory 2023-4293-01 - The Migration Toolkit for Containers (MTC) 1.7.11 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate.

RHSA-2023:4226: Red Hat Security Advisory: OpenShift Container Platform 4.13.6 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...

RHSA-2023:4290: Red Hat Security Advisory: OpenShift sandboxed containers 1.4.1 security update

OpenShift sandboxed containers 1.4.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

RHSA-2023:4225: Red Hat Security Advisory: OpenShift Container Platform 4.13.6 security and extras update

Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

RHSA-2023:4287: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.5 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.5 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Red Hat Security Advisory 2023-4282-01

Red Hat Security Advisory 2023-4282-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-4093-01

Red Hat Security Advisory 2023-4093-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4091-01

Red Hat Security Advisory 2023-4091-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.5. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4090-01

Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4093: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4090: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...

RHSA-2023:4238: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.9 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.9 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Red Hat Security Advisory 2023-4053-01

Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-4204-01

Red Hat Security Advisory 2023-4204-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data.

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

RHSA-2023:4113: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.5 security update

Red Hat OpenShift Service Mesh 2.3.5 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptog...

RHSA-2023:4112: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.8 security update

Red Hat OpenShift Service Mesh 2.2.8 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modu...

Red Hat Security Advisory 2023-4036-01

Red Hat Security Advisory 2023-4036-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4035-01

Red Hat Security Advisory 2023-4035-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow and denial of service vulnerabilities.

Red Hat Security Advisory 2023-3976-01

Red Hat Security Advisory 2023-3976-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.24.

RHSA-2023:4035: Red Hat Security Advisory: nodejs:18 security update

An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4904: A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. * CVE-2023-31124: A flaw was found in c-ares. This issue occurs...

RHSA-2023:4036: Red Hat Security Advisory: nodejs security update

An update for nodejs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-31124: A flaw was found in c-ares. This issue occurs when cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross-compiling aarch64 android. As a result, it will downgrade to rand(), which could allow an attacker to utilize the lack of entropy by not using a CSPRNG. * C...

RHSA-2023:3976: Red Hat Security Advisory: OpenShift Container Platform 4.12.24 packages and security update

Red Hat OpenShift Container Platform release 4.12.24 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1260: An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "po...

RHSA-2023:4003: Red Hat Security Advisory: Red Hat Service Interconnect 1.4 Release security update

This is release 1.4 of the rpms for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they were all running in the same site. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the gol...

RHSA-2023:4003: Red Hat Security Advisory: Red Hat Service Interconnect 1.4 Release security update

This is release 1.4 of the rpms for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they were all running in the same site. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the gol...

RHSA-2023:4003: Red Hat Security Advisory: Red Hat Service Interconnect 1.4 Release security update

This is release 1.4 of the rpms for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they were all running in the same site. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the gol...

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3925-01

Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.

Red Hat Security Advisory 2023-3924-01

Red Hat Security Advisory 2023-3924-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.23.

RHSA-2023:3924: Red Hat Security Advisory: OpenShift Container Platform 4.12.23 security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

Red Hat Security Advisory 2023-3915-01

Red Hat Security Advisory 2023-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.44.

RHSA-2023:3910: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.10.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server...

RHSA-2023:3914: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23772: A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issu...

CVE-2023-3089: cve-details

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

RHSA-2023:3943: Red Hat Security Advisory: ACS 4.1 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability. * CVE...

RHSA-2023:3943: Red Hat Security Advisory: ACS 4.1 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability. * CVE...

RHSA-2023:3943: Red Hat Security Advisory: ACS 4.1 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability. * CVE...

RHSA-2023:3943: Red Hat Security Advisory: ACS 4.1 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability. * CVE...

RHSA-2023:3935: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24329: A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This...

RHSA-2023:3934: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24329: A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blan...

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

RHSA-2023:3888: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.4 for OpenShift image security enhancement update

A new image is available for Red Hat Single Sign-On 7.6.4, running on OpenShift Container Platform 3.10 and 3.11, and 4.12.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4361: Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri. * CVE-2023...

Red Hat Security Advisory 2023-3612-01

Red Hat Security Advisory 2023-3612-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.4. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-3612-01

Red Hat Security Advisory 2023-3612-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.4. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-3612-01

Red Hat Security Advisory 2023-3612-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.4. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-6188-1

Ubuntu Security Notice 6188-1 - Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service.

Red Hat Security Advisory 2023-3776-01

Red Hat Security Advisory 2023-3776-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

RHSA-2023:3614: Red Hat Security Advisory: OpenShift Container Platform 4.13.4 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...

Red Hat Security Advisory 2023-3715-01

Red Hat Security Advisory 2023-3715-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2023-3725-01

Red Hat Security Advisory 2023-3725-01 - The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors.

Red Hat Security Advisory 2023-3722-01

Red Hat Security Advisory 2023-3722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer over-read and denial of service vulnerabilities.

Red Hat Security Advisory 2023-3722-01

Red Hat Security Advisory 2023-3722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer over-read and denial of service vulnerabilities.

Red Hat Security Advisory 2023-3722-01

Red Hat Security Advisory 2023-3722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer over-read and denial of service vulnerabilities.

Red Hat Security Advisory 2023-3722-01

Red Hat Security Advisory 2023-3722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer over-read and denial of service vulnerabilities.

Red Hat Security Advisory 2023-3722-01

Red Hat Security Advisory 2023-3722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer over-read and denial of service vulnerabilities.

RHSA-2023:3725: Red Hat Security Advisory: less security update

An update for less is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-46663: A vulnerability was found in less. This flaw allows crafted data to result in "less -R" not filtering ANSI escape sequences sent to the terminal.

Red Hat Security Advisory 2023-3665-01

Red Hat Security Advisory 2023-3665-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-3660-01

Red Hat Security Advisory 2023-3660-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.

RHSA-2023:3662: Red Hat Security Advisory: c-ares security update

An update for c-ares is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32067: c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful shutdown of the connection...

Red Hat Security Advisory 2023-3624-01

Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-3624-01

Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-3624-01

Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-3624-01

Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-3559-01

Red Hat Security Advisory 2023-3559-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

RHSA-2023:3540: Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A ...

RHSA-2023:3540: Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A ...

RHSA-2023:3540: Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A ...

RHSA-2023:3540: Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A ...

RHSA-2023:3540: Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A ...

RHSA-2023:3540: Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A ...

RHSA-2023:3555: Red Hat Security Advisory: python security update

An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24329: A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.

RHSA-2023:3556: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24329: A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.

RHSA-2023:3550: Red Hat Security Advisory: python security update

An update for python is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24329: A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.

Debian Security Advisory 5419-1

Debian Linux Security Advisory 5419-1 - Two vulnerabilities were discovered in c-ares, an asynchronous name resolver library.

CVE-2023-2253: Invalid Bug ID

A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.

Ubuntu Security Notice USN-6140-1

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

Ubuntu Security Notice USN-6140-1

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

Ubuntu Security Notice USN-6140-1

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

Ubuntu Security Notice USN-6140-1

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

Ubuntu Security Notice USN-6140-1

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

Red Hat Security Advisory 2023-3447-01

Red Hat Security Advisory 2023-3447-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.1 (Train).

Red Hat Security Advisory 2023-3445-01

Red Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.

RHSA-2023:3455: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0

OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...

RHSA-2023:3455: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0

OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...

RHSA-2023:3455: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0

OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...

RHSA-2023:3455: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0

OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...

Red Hat Security Advisory 2023-3304-01

Red Hat Security Advisory 2023-3304-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.1. Issues addressed include denial of service and traversal vulnerabilities.

Red Hat Security Advisory 2023-3305-02

Red Hat Security Advisory 2023-3305-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.1.

RHSA-2023:3354: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2006-20001: A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. * CVE-2022-4304: A timing-based side channel exists in the Open...

RHSA-2023:3354: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2006-20001: A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. * CVE-2022-4304: A timing-based side channel exists in the Open...

RHSA-2023:3354: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2006-20001: A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. * CVE-2022-4304: A timing-based side channel exists in the Open...

RHSA-2023:3355: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2006-20001: A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. * CVE-2022-4304: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficien...

RHSA-2023:3355: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2006-20001: A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. * CVE-2022-4304: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficien...

CVE-2023-28043: DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.

CVE-2023-28043: DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.

CVE-2023-28043: DSA-2023-164: Dell Secure Connect Gateway Security Update for Multiple Vulnerabilities

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.

Red Hat Security Advisory 2023-3415-01

Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.

Red Hat Security Advisory 2023-3415-01

Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.

Debian Security Advisory 5417-1

Debian Linux Security Advisory 5417-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.

Debian Security Advisory 5417-1

Debian Linux Security Advisory 5417-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.

Debian Security Advisory 5417-1

Debian Linux Security Advisory 5417-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.

Debian Security Advisory 5417-1

Debian Linux Security Advisory 5417-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.

Ubuntu Security Notice USN-6126-1

Ubuntu Security Notice 6126-1 - It was discovered that libvirt incorrectly handled the nwfilter driver. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. It was discovered that libvirt incorrectly handled queries for the SR-IOV PCI device capabilities. A local attacker could possibly use this issue to cause libvirt to consume resources, leading to a denial of service.

RHSA-2023:3373: Red Hat Security Advisory: Migration Toolkit for Runtimes security update

An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46877: A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. * CVE-2022-41854: Those using Sn...

RHSA-2023:3304: Red Hat Security Advisory: OpenShift Container Platform 4.13.1 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-17419: The Miek Gieben DNS library is vulnerable to a denial of service caused by a segmentation violation in setTA in scan_rr.go. By persuading a victim to open a specially-crafted file, a ...

Ubuntu Security Notice USN-6119-1

Ubuntu Security Notice 6119-1 - Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS cipher decryption on 64-bit ARM platforms. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04.

Ubuntu Security Notice USN-6119-1

Ubuntu Security Notice 6119-1 - Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS cipher decryption on 64-bit ARM platforms. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04.

CVE-2023-2650

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. T...

RHSA-2023:3305: Red Hat Security Advisory: OpenShift Container Platform 4.13.1 security and extras update

Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

Debian Security Advisory 5414-1

Debian Linux Security Advisory 5414-1 - Jose Gomez discovered that the Catalog API endpoint in the Docker registry implementation did not sufficiently enforce limits, which could result in denial of service.

Red Hat Security Advisory 2023-3323-01

Red Hat Security Advisory 2023-3323-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

Red Hat Security Advisory 2023-3323-01

Red Hat Security Advisory 2023-3323-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

Red Hat Security Advisory 2023-3323-01

Red Hat Security Advisory 2023-3323-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

CVE-2023-31130: Release 1.19.1 · c-ares/c-ares

c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.

RHSA-2023:3325: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1.7 security fixes and container updates

Multicluster Engine for Kubernetes 2.1.7 General Availability release images, which address security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32313: A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an attacker to edit options for console.log. This issue impacts the integrity by changing the log subsystem. * CVE-2023-32314: A flaw was found in the vm2 sandbox. When a ho...

Red Hat Security Advisory 2023-3296-01

Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

RHSA-2023:3323: Red Hat Security Advisory: go-toolset-1.19 and go-toolset-1.19-golang security update

An update for go-toolset-1.19 and go-toolset-1.19-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24537: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service. * CVE-2023-24538: A flaw was found in Golang Go. This flaw ...

Ubuntu Security Notice USN-6088-1

Ubuntu Security Notice 6088-1 - It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. It was discovered that runC incorrectly handled /proc and /sys mounts inside a container. An attacker could possibly use this issue to bypass AppArmor, and potentially SELinux.

Red Hat Security Advisory 2023-1325-01

Red Hat Security Advisory 2023-1325-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.

Red Hat Security Advisory 2023-1328-01

Red Hat Security Advisory 2023-1328-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2023-1326-01

Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.

RHSA-2023:1329: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 bug fix and security update

Red Hat build of MicroShift release 4.13.0 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat build of MicroShift 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP head...

RHSA-2023:1326: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...

Red Hat Security Advisory 2023-1327-01

Red Hat Security Advisory 2023-1327-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0.

RHSA-2023:2866: Red Hat Security Advisory: git-lfs security and bug fix update

An update for git-lfs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy saniti...

CVE-2023-2700: Invalid Bug ID

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.

GHSA-hqxw-f8mx-cpmw: distribution catalog API endpoint can lead to OOM via malicious user input

### Impact Systems that run `distribution` built after a specific commit running on memory-restricted environments can suffer from denial of service by a crafted malicious `/v2/_catalog` API endpoint request. ### Patches Upgrade to at least 2.8.2-beta.1 if you are running `v2.8.x` release. If you use the code from the main branch, update at least to the commit after [f55a6552b006a381d9167e328808565dd2bf77dc](https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc). ### Workarounds There is no way to work around this issue without patching. Restrict access to the affected API endpoint: see the recommendations section. ### References `/v2/_catalog` endpoint accepts a parameter to control the maximum amount of records returned (query string: `n`). When not given the default `n=100` is used. The server trusts that `n` has an acceptable value, however when using a maliciously large value, it allocates an array/slice of `n` of strings before fi...

CVE-2023-24540: [security] Go 1.20.4 and Go 1.19.9 are released

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

CVE-2023-29400

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

CVE-2023-24540: [security] Go 1.20.4 and Go 1.19.9 are released

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

Red Hat Security Advisory 2023-2367-01

Red Hat Security Advisory 2023-2367-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.

RHSA-2023:2283: Red Hat Security Advisory: skopeo security and bug fix update

An update for skopeo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30629: A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption. * CVE-2022-41717: A flaw was found in the net/http library of the golang package. Thi...

RHSA-2023:2253: Red Hat Security Advisory: buildah security and bug fix update

An update for buildah is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30629: A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption. * CVE-2022-41717: A flaw was found in the net/http library of the golang package. Th...

Red Hat Security Advisory 2023-2107-01

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-2107-01

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-2107-01

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-2107-01

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

RHSA-2023:2098: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.8 security updates and bug fixes

Multicluster Engine for Kubernetes 2.0.8 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

RHSA-2023:2098: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.8 security updates and bug fixes

Multicluster Engine for Kubernetes 2.0.8 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

RHSA-2023:2098: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.8 security updates and bug fixes

Multicluster Engine for Kubernetes 2.0.8 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

RHSA-2023:2098: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.0.8 security updates and bug fixes

Multicluster Engine for Kubernetes 2.0.8 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

Red Hat Security Advisory 2023-2023-01

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

Red Hat Security Advisory 2023-2023-01

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

Red Hat Security Advisory 2023-2023-01

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

Red Hat Security Advisory 2023-2023-01

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

Ubuntu Security Notice USN-6039-1

Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6039-1

Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6039-1

Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.

RHSA-2023:2023: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.7 Bug Fix and security update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.7 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40186: A flaw was found in HashiCorp Vault and Vault Enterprise, where they could allow a locally authenticated attacker to gain unauthorized access to the system, caused by a flaw in the alias naming schema implementation for mount accessors with shared alias n...

RHSA-2023:2023: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.7 Bug Fix and security update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.7 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40186: A flaw was found in HashiCorp Vault and Vault Enterprise, where they could allow a locally authenticated attacker to gain unauthorized access to the system, caused by a flaw in the alias naming schema implementation for mount accessors with shared alias n...

RHSA-2023:2023: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.7 Bug Fix and security update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.7 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40186: A flaw was found in HashiCorp Vault and Vault Enterprise, where they could allow a locally authenticated attacker to gain unauthorized access to the system, caused by a flaw in the alias naming schema implementation for mount accessors with shared alias n...

RHSA-2023:2023: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.7 Bug Fix and security update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.7 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40186: A flaw was found in HashiCorp Vault and Vault Enterprise, where they could allow a locally authenticated attacker to gain unauthorized access to the system, caused by a flaw in the alias naming schema implementation for mount accessors with shared alias n...

Ubuntu Security Notice USN-6038-1

Ubuntu Security Notice 6038-1 - It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service.

Ubuntu Security Notice USN-6038-1

Ubuntu Security Notice 6038-1 - It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service.

Ubuntu Security Notice USN-6038-1

Ubuntu Security Notice 6038-1 - It was discovered that the Go net/http module incorrectly handled Transfer-Encoding headers in the HTTP/1 client. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting into a denial of service.

CVE-2023-1731: Meinberg Security Advisory: [MBGSA-2023.02] LANTIME-Firmware V7.06.013

In LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.

CVE-2023-1731: Meinberg Security Advisory: [MBGSA-2023.02] LANTIME-Firmware V7.06.013

In LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.

CVE-2023-1731: Meinberg Security Advisory: [MBGSA-2023.02] LANTIME-Firmware V7.06.013

In LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.

CVE-2023-1255

Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The AES-XTS algorithm is usually used for disk encryption. The AES-XTS cipher decryption implementation for 64 bit ARM platform will read past the end of the ciphertext buffer if the ciphertext size is 4 mod 5, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext buffer is unmapped, this will trigger a crash which results in a denial of service. If an attacker can control the size and location of the ciphertext buffer being decrypted by an application using AES-XTS on 64 bit ARM, the application is affected. This is fairly unlikely making this issue a Low severity one.

RHSA-2023:1887: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.3 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server. * CVE-2023-29017: A flaw was found in vm2 where the component...

RHSA-2023:1887: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.3 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server. * CVE-2023-29017: A flaw was found in vm2 where the component...

RHSA-2023:1887: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.3 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server. * CVE-2023-29017: A flaw was found in vm2 where the component...

RHSA-2023:1887: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.3 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server. * CVE-2023-29017: A flaw was found in vm2 where the component...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2023-28642: AppArmor/SELinux bypass with symlinked /proc

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.

RHSA-2023:1310: Red Hat Security Advisory: Logging Subsystem for Red Hat OpenShift - 5.5.9 security update

An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large...

RHSA-2023:1310: Red Hat Security Advisory: Logging Subsystem for Red Hat OpenShift - 5.5.9 security update

An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large...

RHSA-2023:1310: Red Hat Security Advisory: Logging Subsystem for Red Hat OpenShift - 5.5.9 security update

An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large...

CVE-2023-0465

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.

CVE-2023-0466

The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.

CVE-2023-0464

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.

RHSA-2023:1275: Red Hat Security Advisory: Red Hat OpenStack Platform (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by rev...

CVE-2023-25947: en/security-disclosure/2023/2023-03.md · OpenHarmony/security - Gitee.com

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.

CVE-2023-25947: en/security-disclosure/2023/2023-03.md · OpenHarmony/security - Gitee.com

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.

CVE-2023-25947: en/security-disclosure/2023/2023-03.md · OpenHarmony/security - Gitee.com

The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause a DoS attack to the system when installing a malicious HAP package.

Red Hat Security Advisory 2023-1030-01

Red Hat Security Advisory 2023-1030-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.30.

Red Hat Security Advisory 2023-1079-01

Red Hat Security Advisory 2023-1079-01 - An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train).

RHSA-2023:1141: Red Hat Security Advisory: gnutls security and bug fix update

An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0361: A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send a large amount of specially crafted messages to the v...

RHSA-2023:1030: Red Hat Security Advisory: OpenShift Container Platform 4.11.30 security update

Red Hat OpenShift Container Platform release 4.11.30 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total num...

CVE-2023-27561: CVE-2019-19921 re-introduction/regression · Issue #3751 · opencontainers/runc

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

CVE-2022-41724: [security] Go 1.20.1 and Go 1.19.6 are released

Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth >= RequestClientCert).

Red Hat Security Advisory 2023-0774-01

Red Hat Security Advisory 2023-0774-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.28. Issues addressed include denial of service and out of bounds read vulnerabilities.

CVE-2023-24329: Python URL Parse Problem – PointerNull

An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

GHSA-vvpx-j8f3-3w6h: Uncontrolled Resource Consumption

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

Ubuntu Security Notice USN-5848-1

Ubuntu Security Notice 5848-1 - David Leadbeater discovered that less was not properly handling escape sequences when displaying raw control characters. A maliciously formed OSC 8 hyperlink could possibly be used by an attacker to cause a denial of service.

GHSA-r7jw-wp68-3xch: openssl-src vulnerable to Use-after-free following `BIO_new_NDEF`

The public API function `BIO_new_NDEF` is a helper function used for streaming ASN.1 data via a `BIO`. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a `BIO` from the caller, prepends a new `BIO_f_asn1` filter `BIO` onto the front of it to form a `BIO` chain, and then returns the new head of the `BIO` chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter `BIO` is freed and the function returns a `NULL` result indicating a failure. However, in this case, the `BIO` chain is not properly cleaned up and the `BIO` passed by the caller still retains internal pointers to the previously freed filter `BIO`. If the caller then goes on to call `BIO_pop()` on the `BIO` then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function `B64...

CVE-2022-46663: End OSC8 hyperlink on invalid embedded escape sequence. · gwsw/less@a78e135

In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.