Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:4459: Red Hat Security Advisory: OpenShift Container Platform 4.13.8 packages and security update

Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a ‘/’ character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if executed with untrusted input.
  • CVE-2023-29400: A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, “attr={{.}}”) executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.
Red Hat Security Data
#vulnerability#web#linux#red_hat#redis#kubernetes#ibm#rpm

Synopsis

Moderate: OpenShift Container Platform 4.13.8 packages and security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.13.

Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.8. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2023:4456

Security Fix(es):

  • golang: html/template: improper sanitization of CSS values (CVE-2023-24539)
  • golang: html/template: improper handling of empty HTML attributes (CVE-2023-29400)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.13 for RHEL 9 x86_64
  • Red Hat OpenShift Container Platform 4.13 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9 aarch64
  • Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8 aarch64

Fixes

  • BZ - 2196026 - CVE-2023-24539 golang: html/template: improper sanitization of CSS values
  • BZ - 2196029 - CVE-2023-29400 golang: html/template: improper handling of empty HTML attributes
  • OCPBUGS-17339 - Placeholder bug for OCP 4.13.0 rpm release

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

Red Hat OpenShift Container Platform 4.13 for RHEL 9

SRPM

cri-tools-1.26.0-3.el9.src.rpm

SHA-256: f13adbeb9eda5ccbdaafec8d4587beeac52dd2c5366df18b2089b606691eed01

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm

SHA-256: e0bbf18af946f79c71d6013c48d8bf8fa6983c70fdfcb730f95be89356b95abd

ovn23.06-23.06.0-51.el9fdp.src.rpm

SHA-256: 9f9f70ddbbe0eaaef455a1bbda5f7e522cc3d581cdcf37c985896ec4c464f601

ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm

SHA-256: 7660ffe8fb186b37b8fea71d39fd1b97494dd9eceab0a865195c6474bb6c3bb7

x86_64

cri-tools-1.26.0-3.el9.x86_64.rpm

SHA-256: a0c6a5ced460a8b858fd2caae562d49556873e3f22114222f11ff51adccccfad

cri-tools-debuginfo-1.26.0-3.el9.x86_64.rpm

SHA-256: 64f1795ae5f72bfc47c4a90a9d511673a4d03f214b8cc413d026b3074818bf0e

cri-tools-debugsource-1.26.0-3.el9.x86_64.rpm

SHA-256: dfc8da892eca786b3f674ee03cb5cb5e6e7fc11a894d9dcf231dfb12a1200f50

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.x86_64.rpm

SHA-256: d78323860b1c8706659ae1736743cc6836d3e24c03bcb0c068891469aba84c8f

openshift-clients-redistributable-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.x86_64.rpm

SHA-256: a63ba369da2c58a1e4b97e6e3d5f5a1dc086ec84a3a7cf9b98f7ad683a9dbca3

ovn23.06-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: 2a7b540c2f2b8f948041152f3b0d411c6f462c4f62865f35c79008f4d498a3c6

ovn23.06-central-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: f63088bb4bcce89772f9a3ab436264ae2259fd2d7e15958e248c23f8a6ac43c9

ovn23.06-central-debuginfo-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: 2102fae9cc7a2d8396125590ce0dcdda14e4a283dd5735fd6dfc94167101fc7f

ovn23.06-debuginfo-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: 1fe7c0768e7f447b84f0445a050567dd8a1c471e7194e6fc32bd77a8bba78561

ovn23.06-debugsource-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: 5b41251952037069e34a76f98b00f0429413f32945bcdce470171a3fbfd037c4

ovn23.06-host-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: c5188f844290f638b85b455ea8f014d8bab5f8e8716000ca00e23d33c5cea2c1

ovn23.06-host-debuginfo-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: 5cfac136fae047fb8831afaefc7bba5b31fb9c3cfd1642c0826b9e5bc2352597

ovn23.06-vtep-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: 1a9e0904e82688166e7334f8ae7179ed49260b7336b509d46094a95b4a079a4f

ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.x86_64.rpm

SHA-256: a4d35a5a4c023d472eccc1232189cd0d19614d0b9734fe023686647df92e9f65

ovn23.09-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: 85333def0d2883235bfb855218278c0ecec7555d6642b68bf6e2ef294017b800

ovn23.09-central-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: 17880d16284e81bcb6c5a8dc0a58c4840327171e0a1980dd0b0e0a570514c08d

ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: 5091b135a1dd84eeaddafca2ef369ec45debd7f43806ef0c372e2a85811330f0

ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: 26d3f62945bf30ae7a7e881fecc4dd62f3b3298f5bff77910f07e4b194770260

ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: bfe6b8369963b5f41042a4c6f652f5b080d963a12f3b470fcec95b40615abb7b

ovn23.09-host-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: 45f0148a621b55e8e6e9652da1cee968074694bf46b9f0afc55dbaafac32d3f7

ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: 1f46442fc27b05d229630227f7bc1c385f1861183b29ee06f1dff6d33c369bca

ovn23.09-vtep-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: b47c48c90620f0181659e3d362210a6c47b6caa3c331eb576c2afeaec259175a

ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm

SHA-256: 2607549273569baa0385831fab84a62ad3aaa73678f36c5ac8832ff8648d945b

Red Hat OpenShift Container Platform 4.13 for RHEL 8

SRPM

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm

SHA-256: 5ace9936fe2d38e0644ad8d744f554c2b36ca07469aa3375de1edb71d7953b57

openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm

SHA-256: 54213f69fd55615440ced97b9859e2942c1fc6e086ce3d3a1a49cb9652b9282e

x86_64

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.x86_64.rpm

SHA-256: a7654f9c6a5b6826ea46516a318821b5c8ea137541cfeeb87d343c45ca1aa42f

openshift-clients-redistributable-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.x86_64.rpm

SHA-256: d779b02463dfd9dc5f3c5368dd7d90618b31fa886e06ed0d8079e2f68805e5f5

openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: c22a2d4fc812177b160246e3d1b64381451a88cac6d71c6431ba5ebbdc1968d7

openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: 330c1a6b08cf5f5376f5ddfaa7fe112794df97c73082e7ec153769566ab5a4d7

openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: 598f4c073b5e77176fb16c9e677fee53af196d68543d0475c4c84ea599c15a55

python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: b027ef279e87bc1e939608f52c96f9e664c025cf82317346253ecbb92799127f

Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9

SRPM

cri-tools-1.26.0-3.el9.src.rpm

SHA-256: f13adbeb9eda5ccbdaafec8d4587beeac52dd2c5366df18b2089b606691eed01

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm

SHA-256: e0bbf18af946f79c71d6013c48d8bf8fa6983c70fdfcb730f95be89356b95abd

ovn23.06-23.06.0-51.el9fdp.src.rpm

SHA-256: 9f9f70ddbbe0eaaef455a1bbda5f7e522cc3d581cdcf37c985896ec4c464f601

ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm

SHA-256: 7660ffe8fb186b37b8fea71d39fd1b97494dd9eceab0a865195c6474bb6c3bb7

ppc64le

cri-tools-1.26.0-3.el9.ppc64le.rpm

SHA-256: 7e185cfa55a4b31fdf7bc497be5ced51ca0e6ae9ca96a53d2dafa4d0b699891f

cri-tools-debuginfo-1.26.0-3.el9.ppc64le.rpm

SHA-256: b68f94ac2f2d9f79499c0f7c59f8b2e430eefcb85d1ab297501e6309979d15f5

cri-tools-debugsource-1.26.0-3.el9.ppc64le.rpm

SHA-256: 743c09d3ae86a19d8d355ed2245903833bff700da1443f3824c219767b6bdb80

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.ppc64le.rpm

SHA-256: ad71fedcdffb44e7cc35f2da0e28c395b099cd7b4921dc06a95a4c993cd4f712

ovn23.06-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: 55fc614da28480c78ece70eb174cdd185a26b3c3db8eee3290a15c131853f555

ovn23.06-central-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: e124a4c96b1b58d9d5577283cb62696da5b140208cbc2aa330f638a68a2c09e4

ovn23.06-central-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: 077e5b9f216364e0081e16ce1361b3640f8df31eb2724f2901351b52c4456ecb

ovn23.06-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: de18f81aa917d4fe7e0a9a489ddc32b20a3bd553e1be011c8dbf76074d516e9f

ovn23.06-debugsource-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: e874c39be893bd503f75da393c793534a00602d11addf1620dc9b46bdab5f43d

ovn23.06-host-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: f0749387071da3634fa37fe6e4b71833764bd023741cdfaba7aa1961d62cd795

ovn23.06-host-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: 8a57174c8f5a91a07f41a2b5cdd762b551613ab39c1322046e2c00528dac776a

ovn23.06-vtep-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: 64bc64f1de1fdf008e1e3cf244936ca7cdd54f1384b0d4d0943ba64476abea87

ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm

SHA-256: e399a0165568b3e872a64190ae32293c5f41ca053c31f064cd4a0dcd839b69d7

ovn23.09-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: e092f7fc3a4fcd8491b5731fff9c7e86c78684419fccc3e7b0711e16fb784d34

ovn23.09-central-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: 733b21d0ba1182d65dc6e53e12ce7b63b2a99b95e0458ed49e6a9a46a84526db

ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: 3f15ca4996b61ce00520fd6d8525c1227d4169595b091193d59e4b8e66025402

ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: 7660eb63ec0deed10ec265b7d1dec3feb6b796e69b93935087ae385c3e1541f6

ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: 55524965d31f4e3570627ce868974fe22e749abc53fca2ff90dabc8b5876012b

ovn23.09-host-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: 22f04778ae1b92416274beccaab1e029d9cfca51caf73932491f2a4ab2c98cd8

ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: c7e0c2b896e46f0d7e3c472905f44204e2fe334fa626ec7b310ff0bd7c82c810

ovn23.09-vtep-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: ce075354003568d8395ba0149ba5589d7877ef1694686c358eee6d10236e1ad8

ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm

SHA-256: eb28d7c1f56c7ec377172c8a2933c732db36d789002b208fc3f685df0fbde696

Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8

SRPM

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm

SHA-256: 5ace9936fe2d38e0644ad8d744f554c2b36ca07469aa3375de1edb71d7953b57

openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm

SHA-256: 54213f69fd55615440ced97b9859e2942c1fc6e086ce3d3a1a49cb9652b9282e

ppc64le

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.ppc64le.rpm

SHA-256: 7140e56635668cf242a1953aa517ca7b2a67a02116ceeda720c5582bc1acede7

openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: c22a2d4fc812177b160246e3d1b64381451a88cac6d71c6431ba5ebbdc1968d7

openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: 330c1a6b08cf5f5376f5ddfaa7fe112794df97c73082e7ec153769566ab5a4d7

openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: 598f4c073b5e77176fb16c9e677fee53af196d68543d0475c4c84ea599c15a55

python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: b027ef279e87bc1e939608f52c96f9e664c025cf82317346253ecbb92799127f

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9

SRPM

cri-tools-1.26.0-3.el9.src.rpm

SHA-256: f13adbeb9eda5ccbdaafec8d4587beeac52dd2c5366df18b2089b606691eed01

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm

SHA-256: e0bbf18af946f79c71d6013c48d8bf8fa6983c70fdfcb730f95be89356b95abd

ovn23.06-23.06.0-51.el9fdp.src.rpm

SHA-256: 9f9f70ddbbe0eaaef455a1bbda5f7e522cc3d581cdcf37c985896ec4c464f601

ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm

SHA-256: 7660ffe8fb186b37b8fea71d39fd1b97494dd9eceab0a865195c6474bb6c3bb7

s390x

cri-tools-1.26.0-3.el9.s390x.rpm

SHA-256: 9fd3c8298651f2c3c050296a07c7126b27d9705952cf364a2cebe9ae4acba478

cri-tools-debuginfo-1.26.0-3.el9.s390x.rpm

SHA-256: d1830a4458154a874fc937974ff51d6ca0277213972f84b0e9a354a0eff57c71

cri-tools-debugsource-1.26.0-3.el9.s390x.rpm

SHA-256: 215a131834534cd4a32b691385694298f3b01d3bc23555ab22055e9e56accd4a

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.s390x.rpm

SHA-256: 480b6f3b57d9e94d1928498972e6ba43ad1753cde8cc2b5d513099686b90944c

ovn23.06-23.06.0-51.el9fdp.s390x.rpm

SHA-256: 0e6338f1dd56ec0e651b8d31a0077bdf9bc92d1a73efb4ccad24576aebdbc67a

ovn23.06-central-23.06.0-51.el9fdp.s390x.rpm

SHA-256: d6c42589d1a73569829f69a391653203ae9132f31c192c4d3a46ec99e9213e99

ovn23.06-central-debuginfo-23.06.0-51.el9fdp.s390x.rpm

SHA-256: e10f40cf2f2a3be291dbab94143045a055ed1f87d78338fe8e5b2d64a1b741ec

ovn23.06-debuginfo-23.06.0-51.el9fdp.s390x.rpm

SHA-256: f53bfd53fbcb8b0f850029c6667b3e9b6058652cdd31b9e7ba50ab6618532aee

ovn23.06-debugsource-23.06.0-51.el9fdp.s390x.rpm

SHA-256: 30f8cb53d3efd6b931e207572cf7b32f0f867cccdc76eda40f9119e05e59f9f6

ovn23.06-host-23.06.0-51.el9fdp.s390x.rpm

SHA-256: b8236f8041e6a30d49b9ff2a38e3b36d594989e7a9bf2ddfb24f1ce1facb3522

ovn23.06-host-debuginfo-23.06.0-51.el9fdp.s390x.rpm

SHA-256: e2392b4bc11c94c528c0ea90958e34edcd1d0e5993fcbb69b8872d1a3bfa8803

ovn23.06-vtep-23.06.0-51.el9fdp.s390x.rpm

SHA-256: 0904f8bb40120a53298deeaf08df3bafe018b9663c753a6716f172b8b14dbec1

ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.s390x.rpm

SHA-256: e45a5cd4613ba71cbe87121b06924c9474a2c743dc024e0115000a566ec1c110

ovn23.09-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: febeadfe5447df56ae09a489e97f6de65c666d32505eab29a29fdb0fe5098a90

ovn23.09-central-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: 3f97583faabe3e8a9b308632758e17cbcb0677ad0e1369109fa56e42262a6ca1

ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: df86133f79743dd88d0dbac820714c2a6ebf6f381d36ad1f7eaed1ea088edaf4

ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: cd8b9fc370cff74bd1dd3f0830be0a2e7e9279ac5118079a2de8ddedb5f2b951

ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: d1ed06eb4335f3e44b3bd16aa2af5545681b8f0643a51bdfd0b93c746d37b3e1

ovn23.09-host-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: c18162a88f7e5855b70e8b551b64837132149abd51e75cbcb710dbe8225d1a5b

ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: 873772b65ef6fda347ca9e1795a31cdfb0b61dcedf2ddcb023972120c853406f

ovn23.09-vtep-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: b4bfa29d92c772f3eda7bfec5d82df2f263af33cd8b2e0053d7f7c1e59c535e9

ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm

SHA-256: 0ab4f12ac43daaf0623f8c54cc704846f7e3faa050e6d252f0169c06484faa63

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8

SRPM

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm

SHA-256: 5ace9936fe2d38e0644ad8d744f554c2b36ca07469aa3375de1edb71d7953b57

openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm

SHA-256: 54213f69fd55615440ced97b9859e2942c1fc6e086ce3d3a1a49cb9652b9282e

s390x

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.s390x.rpm

SHA-256: 5e8ab235ebb756d2b6c25805a0d413ea46e7cefc5269bf68dea9802d21b5a6b4

openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: c22a2d4fc812177b160246e3d1b64381451a88cac6d71c6431ba5ebbdc1968d7

openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: 330c1a6b08cf5f5376f5ddfaa7fe112794df97c73082e7ec153769566ab5a4d7

openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: 598f4c073b5e77176fb16c9e677fee53af196d68543d0475c4c84ea599c15a55

python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: b027ef279e87bc1e939608f52c96f9e664c025cf82317346253ecbb92799127f

Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9

SRPM

cri-tools-1.26.0-3.el9.src.rpm

SHA-256: f13adbeb9eda5ccbdaafec8d4587beeac52dd2c5366df18b2089b606691eed01

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm

SHA-256: e0bbf18af946f79c71d6013c48d8bf8fa6983c70fdfcb730f95be89356b95abd

ovn23.06-23.06.0-51.el9fdp.src.rpm

SHA-256: 9f9f70ddbbe0eaaef455a1bbda5f7e522cc3d581cdcf37c985896ec4c464f601

ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm

SHA-256: 7660ffe8fb186b37b8fea71d39fd1b97494dd9eceab0a865195c6474bb6c3bb7

aarch64

cri-tools-1.26.0-3.el9.aarch64.rpm

SHA-256: 850f9d56d8910151f2a8e051daf20bfab9e91a7904dc33749a961ff0ae7f6da2

cri-tools-debuginfo-1.26.0-3.el9.aarch64.rpm

SHA-256: f1a43194da920503575a059fec120c6cfca971e2680db1cde138804deea35311

cri-tools-debugsource-1.26.0-3.el9.aarch64.rpm

SHA-256: 5fc31b358180873f61015145800ca7a50a2ef1c23d03f458d5e4b2ce640134a8

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.aarch64.rpm

SHA-256: 49e33b6d4a6c7eebf3d0e9c262a8a417259248d5c9aff08f69e6adf6b23d4f88

ovn23.06-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: 2deccc8855a31239dcc9f3e44ab714be42e4d59e25e71632eaf0b348fb863f02

ovn23.06-central-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: ab9f302f0981a0576ffabbf22763b065eb1f52cecac40101088b7e10278c4659

ovn23.06-central-debuginfo-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: 403e195ffa56557ca88d954f0010a1b3ac5f1bdb6fae562e4f6e73673c738d93

ovn23.06-debuginfo-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: 528240b679c5f924e1ce6819ba2d84e7d07e084804c5cef5cbc4045036a98971

ovn23.06-debugsource-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: 3bf57716270198c8af39ba55207807ae75c86a200df5f8a49f4356358707fd50

ovn23.06-host-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: 388cf4e39851a9aa84f1bca58ea24cd29f194df0ee323d85145ce1355acd580e

ovn23.06-host-debuginfo-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: 357acab69832c3abc6304bde50252d01470ba05a865ddfdeb7c9d879c5788feb

ovn23.06-vtep-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: c1fc5ad48ae0dd49918561bea38b341581a4d7a2adf6bf16527b5d31e9dc9eb6

ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.aarch64.rpm

SHA-256: ce251d00350172b7a00250718de1cd1b47fabc572ec0a8a3504c0e5cc4fb0379

ovn23.09-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: a84d0ef0d0e4c1b07255bb2b36c2d1b7da86f909ee09a6a4a1ca7b6ec22ebb17

ovn23.09-central-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: 2391d97b9805d62f8103fa27cff8f8fe9618dfa154658c4a75639ddf9c570915

ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: 7a201380d88558219d3c96ac5d246a5a5f75bded90dfb55c6f2831537879b001

ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: 156b04a68f81a9635f9493bb05be591182c245893c168dcc3e78719d93f9d41c

ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: dee720cc2229520b690dc937616a7d160cf23268e4e02b2144f1849eacaa6fc2

ovn23.09-host-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: 9f586662d89c7711199f06981b91513ed035fe3c9607c72209aea42282678e35

ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: 89af8a513ad93ad4db726a66566d5d8cb07099a96a4f2c098d3cc79a3af98067

ovn23.09-vtep-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: 6a246c6cccdc1afcfd47edb5c3046524240936ac9ada86e0e3d951156daa8448

ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm

SHA-256: 9acd0e1d1b541fd2d42f4a1afd796b6f7b5c37fbaee5b112f9557f25b0488c21

Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8

SRPM

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm

SHA-256: 5ace9936fe2d38e0644ad8d744f554c2b36ca07469aa3375de1edb71d7953b57

openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm

SHA-256: 54213f69fd55615440ced97b9859e2942c1fc6e086ce3d3a1a49cb9652b9282e

aarch64

openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.aarch64.rpm

SHA-256: ec5664ab6a6fbc82e1e22ec17fe37cec6bd904a1b43df9ab1f164387e3c61262

openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: c22a2d4fc812177b160246e3d1b64381451a88cac6d71c6431ba5ebbdc1968d7

openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: 330c1a6b08cf5f5376f5ddfaa7fe112794df97c73082e7ec153769566ab5a4d7

openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: 598f4c073b5e77176fb16c9e677fee53af196d68543d0475c4c84ea599c15a55

python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm

SHA-256: b027ef279e87bc1e939608f52c96f9e664c025cf82317346253ecbb92799127f

Related news

Gentoo Linux Security Advisory 202408-07

Gentoo Linux Security Advisory 202408-7 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service. Versions greater than or equal to 1.22.3 are affected.

RHSA-2023:5421: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.3.2 security updates and bug fixes

Multicluster Engine for Kubernetes 2.3.2 General Availability release images, which contain security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41721: A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead read the body of the HTTP request, which could be attacker-manipulate...

RHSA-2023:4657: Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.2 security update

Secondary Scheduler Operator for Red Hat OpenShift 1.1.2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24532: A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh. * CVE-2023-24534: A flaw was found in Golang Go...

Red Hat Security Advisory 2023-4664-01

Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4090-01

Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.

Red Hat Security Advisory 2023-4090-01

Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.

RHSA-2023:4091: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...

RHSA-2023:4091: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

RHSA-2023:3918: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update

OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

RHSA-2023:3905: Red Hat Security Advisory: Network observability 1.3.0 for Openshift

Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...

Ubuntu Security Notice USN-6140-1

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

Ubuntu Security Notice USN-6140-1

Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.

Red Hat Security Advisory 2023-3445-01

Red Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-3445-01

Red Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.

RHSA-2023:3445: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-28235: A flaw was found in etcd, where etc-io could allow a remote attacker to gain elevated privileges on the system caused by a vulnerability in the debug function. By sending a specially crafted request, an attacker can gain elevated privileges. * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause e...

RHSA-2023:3445: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update

An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-28235: A flaw was found in etcd, where etc-io could allow a remote attacker to gain elevated privileges on the system caused by a vulnerability in the debug function. By sending a specially crafted request, an attacker can gain elevated privileges. * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause e...

RHSA-2023:3435: Red Hat Security Advisory: Red Hat Advanced Cluster Security 3.74 for Kubernetes security update

An update is now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted inpu...

RHSA-2023:3435: Red Hat Security Advisory: Red Hat Advanced Cluster Security 3.74 for Kubernetes security update

An update is now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted inpu...

Red Hat Security Advisory 2023-3415-01

Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.

Red Hat Security Advisory 2023-3415-01

Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.

RHSA-2023:3323: Red Hat Security Advisory: go-toolset-1.19 and go-toolset-1.19-golang security update

An update for go-toolset-1.19 and go-toolset-1.19-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24537: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service. * CVE-2023-24538: A flaw was found in Golang Go. This flaw ...

RHSA-2023:3323: Red Hat Security Advisory: go-toolset-1.19 and go-toolset-1.19-golang security update

An update for go-toolset-1.19 and go-toolset-1.19-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24537: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service. * CVE-2023-24538: A flaw was found in Golang Go. This flaw ...