RHSA-2021:2021: Red Hat Security Advisory: Release of OpenShift Serverless 1.10.2 security update

Openshift Serverless 1.10.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Serverless 1.10.2 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5. Security Fix(es):

• golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
• golang: cmd/go: packages using cgo can cause arbitrary code execution at build time (CVE-2021-3115) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
• CVE-2021-3114: golang: crypto/elliptic: incorrect operations on the P-224 curve
• CVE-2021-3115: golang: cmd/go: packages using cgo can cause arbitrary code execution at build time