Headline
RHSA-2023:4459: Red Hat Security Advisory: OpenShift Container Platform 4.13.8 packages and security update
Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a ‘/’ character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HTML if executed with untrusted input.
- CVE-2023-29400: A flaw was found in golang. Templates containing actions in unquoted HTML attributes (for example, “attr={{.}}”), when executed with empty input, could produce output that has unexpected results when parsed, due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.
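An added example, not part of the advisory and not Red Hat or Go project code: a heuristic Go scanner that flags template actions placed directly in unquoted attribute values, the pattern described for CVE-2023-29400, so those templates can be reviewed and quoted alongside upgrading. The function names and the sample template are constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Finding marks one template action used directly as an unquoted attribute value.
type Finding struct {
	Line int    // 1-based line number in the template source
	Attr string // attribute name to the left of '='
}

func isSpace(c byte) bool  { return c == ' ' || c == '\t' || c == '\n' || c == '\r' }
func isLetter(c byte) bool { return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') }
func isName(c byte) bool {
	return isLetter(c) || (c >= '0' && c <= '9') || c == '-' || c == '_' || c == ':' || c == '.'
}

// skipAction returns the index just past the "}}" closing the action at src[i:].
// Heuristic: a "}}" inside a string literal in the action ends it early.
func skipAction(src string, i int) int {
	end := strings.Index(src[i:], "}}")
	if end < 0 {
		return len(src)
	}
	return i + end + 2
}

// skipQuoted returns the index just past the closing quote of the value whose
// opening quote is at src[i], stepping over actions inside the value.
func skipQuoted(src string, i int) int {
	q := src[i]
	for k := i + 1; k < len(src); {
		switch {
		case strings.HasPrefix(src[k:], "{{"):
			k = skipAction(src, k)
		case src[k] == q:
			return k + 1
		default:
			k++
		}
	}
	return len(src)
}

// FindUnquotedAttrActions reports every `name={{...}}` inside an HTML start tag
// where the action is not wrapped in quotes. It is a text heuristic, not an
// HTML parser: comments and script bodies are not treated specially.
func FindUnquotedAttrActions(src string) []Finding {
	var out []Finding
	inTag := false
	for i := 0; i < len(src); {
		c := src[i]
		switch {
		case strings.HasPrefix(src[i:], "{{"):
			i = skipAction(src, i) // actions may contain '>' or '='
		case !inTag:
			inTag = c == '<' && i+1 < len(src) && isLetter(src[i+1])
			i++
		case c == '>':
			inTag = false
			i++
		case c == '=':
			e := i // walk back over spaces, then over the attribute name
			for e > 0 && isSpace(src[e-1]) {
				e--
			}
			s := e
			for s > 0 && isName(src[s-1]) {
				s--
			}
			j := i + 1
			for j < len(src) && isSpace(src[j]) {
				j++
			}
			switch {
			case j < len(src) && (src[j] == '"' || src[j] == '\''):
				i = skipQuoted(src, j) // quoted value: not the flagged pattern
			case strings.HasPrefix(src[j:], "{{"):
				line := 1 + strings.Count(src[:j], "\n")
				out = append(out, Finding{Line: line, Attr: src[s:e]})
				i = skipAction(src, j)
			default:
				i = j // unquoted literal value
			}
		default:
			i++
		}
	}
	return out
}

// sample is a constructed template; lines 2 and 4 use unquoted actions.
const sample = `<html><body>
<a href="{{.URL}}" title={{.Title}}>link</a>
<p>price = {{.Price}}</p>
<input type=text value = {{.Value}} {{if gt .N 1}}disabled{{end}}>
<img alt='{{printf "%s" .Alt}}' src="/x.png">
</body></html>`

func main() {
	for _, f := range FindUnquotedAttrActions(sample) {
		fmt.Printf("line %d: attribute %q takes an unquoted action\n", f.Line, f.Attr)
	}
}
```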
Synopsis
Moderate: OpenShift Container Platform 4.13.8 packages and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.13.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.8. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:4456
Security Fix(es):
- golang: html/template: improper sanitization of CSS values (CVE-2023-24539)
- golang: html/template: improper handling of empty HTML attributes (CVE-2023-29400)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.13 for RHEL 9 x86_64
- Red Hat OpenShift Container Platform 4.13 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9 ppc64le
- Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9 s390x
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9 aarch64
- Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8 aarch64
Fixes
- BZ - 2196026 - CVE-2023-24539 golang: html/template: improper sanitization of CSS values
- BZ - 2196029 - CVE-2023-29400 golang: html/template: improper handling of empty HTML attributes
- OCPBUGS-17339 - Placeholder bug for OCP 4.13.0 rpm release
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html
Red Hat OpenShift Container Platform 4.13 for RHEL 9
SRPM
cri-tools-1.26.0-3.el9.src.rpm
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm
ovn23.06-23.06.0-51.el9fdp.src.rpm
ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm
x86_64
cri-tools-1.26.0-3.el9.x86_64.rpm
cri-tools-debuginfo-1.26.0-3.el9.x86_64.rpm
cri-tools-debugsource-1.26.0-3.el9.x86_64.rpm
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.x86_64.rpm
openshift-clients-redistributable-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.x86_64.rpm
ovn23.06-23.06.0-51.el9fdp.x86_64.rpm
ovn23.06-central-23.06.0-51.el9fdp.x86_64.rpm
ovn23.06-central-debuginfo-23.06.0-51.el9fdp.x86_64.rpm
ovn23.06-debuginfo-23.06.0-51.el9fdp.x86_64.rpm
ovn23.06-debugsource-23.06.0-51.el9fdp.x86_64.rpm
ovn23.06-host-23.06.0-51.el9fdp.x86_64.rpm
ovn23.06-host-debuginfo-23.06.0-51.el9fdp.x86_64.rpm
ovn23.06-vtep-23.06.0-51.el9fdp.x86_64.rpm
ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.x86_64.rpm
ovn23.09-23.09.0-alpha.78.el9fdp.x86_64.rpm
ovn23.09-central-23.09.0-alpha.78.el9fdp.x86_64.rpm
ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm
ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm
ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.x86_64.rpm
ovn23.09-host-23.09.0-alpha.78.el9fdp.x86_64.rpm
ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm
ovn23.09-vtep-23.09.0-alpha.78.el9fdp.x86_64.rpm
ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm
Red Hat OpenShift Container Platform 4.13 for RHEL 8
SRPM
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm
openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm
x86_64
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.x86_64.rpm
openshift-clients-redistributable-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.x86_64.rpm
openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9
SRPM
cri-tools-1.26.0-3.el9.src.rpm
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm
ovn23.06-23.06.0-51.el9fdp.src.rpm
ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm
ppc64le
cri-tools-1.26.0-3.el9.ppc64le.rpm
cri-tools-debuginfo-1.26.0-3.el9.ppc64le.rpm
cri-tools-debugsource-1.26.0-3.el9.ppc64le.rpm
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.ppc64le.rpm
ovn23.06-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.06-central-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.06-central-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.06-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.06-debugsource-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.06-host-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.06-host-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.06-vtep-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm
ovn23.09-23.09.0-alpha.78.el9fdp.ppc64le.rpm
ovn23.09-central-23.09.0-alpha.78.el9fdp.ppc64le.rpm
ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm
ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm
ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.ppc64le.rpm
ovn23.09-host-23.09.0-alpha.78.el9fdp.ppc64le.rpm
ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm
ovn23.09-vtep-23.09.0-alpha.78.el9fdp.ppc64le.rpm
ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm
Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8
SRPM
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm
openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm
ppc64le
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.ppc64le.rpm
openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9
SRPM
cri-tools-1.26.0-3.el9.src.rpm
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm
ovn23.06-23.06.0-51.el9fdp.src.rpm
ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm
s390x
cri-tools-1.26.0-3.el9.s390x.rpm
cri-tools-debuginfo-1.26.0-3.el9.s390x.rpm
cri-tools-debugsource-1.26.0-3.el9.s390x.rpm
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.s390x.rpm
ovn23.06-23.06.0-51.el9fdp.s390x.rpm
ovn23.06-central-23.06.0-51.el9fdp.s390x.rpm
ovn23.06-central-debuginfo-23.06.0-51.el9fdp.s390x.rpm
ovn23.06-debuginfo-23.06.0-51.el9fdp.s390x.rpm
ovn23.06-debugsource-23.06.0-51.el9fdp.s390x.rpm
ovn23.06-host-23.06.0-51.el9fdp.s390x.rpm
ovn23.06-host-debuginfo-23.06.0-51.el9fdp.s390x.rpm
ovn23.06-vtep-23.06.0-51.el9fdp.s390x.rpm
ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.s390x.rpm
ovn23.09-23.09.0-alpha.78.el9fdp.s390x.rpm
ovn23.09-central-23.09.0-alpha.78.el9fdp.s390x.rpm
ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm
ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm
ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.s390x.rpm
ovn23.09-host-23.09.0-alpha.78.el9fdp.s390x.rpm
ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm
ovn23.09-vtep-23.09.0-alpha.78.el9fdp.s390x.rpm
ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8
SRPM
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm
openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm
s390x
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.s390x.rpm
openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9
SRPM
cri-tools-1.26.0-3.el9.src.rpm
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm
ovn23.06-23.06.0-51.el9fdp.src.rpm
ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm
aarch64
cri-tools-1.26.0-3.el9.aarch64.rpm
cri-tools-debuginfo-1.26.0-3.el9.aarch64.rpm
cri-tools-debugsource-1.26.0-3.el9.aarch64.rpm
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.aarch64.rpm
ovn23.06-23.06.0-51.el9fdp.aarch64.rpm
ovn23.06-central-23.06.0-51.el9fdp.aarch64.rpm
ovn23.06-central-debuginfo-23.06.0-51.el9fdp.aarch64.rpm
ovn23.06-debuginfo-23.06.0-51.el9fdp.aarch64.rpm
ovn23.06-debugsource-23.06.0-51.el9fdp.aarch64.rpm
ovn23.06-host-23.06.0-51.el9fdp.aarch64.rpm
ovn23.06-host-debuginfo-23.06.0-51.el9fdp.aarch64.rpm
ovn23.06-vtep-23.06.0-51.el9fdp.aarch64.rpm
ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.aarch64.rpm
ovn23.09-23.09.0-alpha.78.el9fdp.aarch64.rpm
ovn23.09-central-23.09.0-alpha.78.el9fdp.aarch64.rpm
ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm
ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm
ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.aarch64.rpm
ovn23.09-host-23.09.0-alpha.78.el9fdp.aarch64.rpm
ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm
ovn23.09-vtep-23.09.0-alpha.78.el9fdp.aarch64.rpm
ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm
Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8
SRPM
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm
openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm
aarch64
openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.aarch64.rpm
openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm
Related news
Gentoo Linux Security Advisory 202408-7 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service. Versions greater than or equal to 1.22.3 are affected.
Multicluster Engine for Kubernetes 2.3.2 General Availability release images, which contain security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41721: A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead read the body of the HTTP request, which could be attacker-manipulate...
Secondary Scheduler Operator for Red Hat OpenShift 1.1.2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24532: A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh. * CVE-2023-24534: A flaw was found in Golang Go...
Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.
Red Hat Security Advisory 2023-4090-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5.
Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...
Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...
OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...
OpenShift API for Data Protection (OADP) 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in H...
Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...
Network Observability 1.3.0 for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HMTL if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...
Ubuntu Security Notice 6140-1 - It was discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10. It was discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service. This issue only affected golang-1.19 on Ubuntu 22.10.
Red Hat Security Advisory 2023-3445-01 - An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Issues addressed include a denial of service vulnerability.
An update for etcd is now available for Red Hat OpenStack Platform 16.2 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-28235: A flaw was found in etcd, where etc-io could allow a remote attacker to gain elevated privileges on the system caused by a vulnerability in the debug function. By sending a specially crafted request, an attacker can gain elevated privileges.
- CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause e...
An update is now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HTML if executed with untrusted inpu...
Red Hat Security Advisory 2023-3415-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes.
An update for go-toolset-1.19 and go-toolset-1.19-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-24537: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service.
- CVE-2023-24538: A flaw was found in Golang Go. This flaw ...