Headline
RHSA-2023:3218: Red Hat Security Advisory: OpenShift Container Platform 4.10.60 security update
Red Hat OpenShift Container Platform release 4.10.60 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.
Issued:
2023-05-24
Updated:
2023-05-24
RHSA-2023:3218 - Security Advisory
- Overview
- Updated Images
Synopsis
Moderate: OpenShift Container Platform 4.10.60 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4.10.60 is now available with updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.10.
Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.60. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2023:3217
Security Fix(es):
- go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents (CVE-2022-3064)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.10 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64
Fixes
- BZ - 2163037 - CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents
References
- https://access.redhat.com/security/updates/classification/#moderate
- https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
aarch64
openshift4/metallb-rhel8@sha256:070f271739d83bcb046d85713c8e3756ad13fcd63b608663a5ffb7830abf75b6
openshift-tech-preview/metallb-rhel8@sha256:070f271739d83bcb046d85713c8e3756ad13fcd63b608663a5ffb7830abf75b6
openshift4/cloud-event-proxy-rhel8@sha256:d18f4a886768b6ff30a982371404a6c35a1f058250bead66d6a2d2e64950aa9d
openshift4/ose-cloud-event-proxy-rhel8@sha256:d18f4a886768b6ff30a982371404a6c35a1f058250bead66d6a2d2e64950aa9d
openshift4/ose-cloud-event-proxy@sha256:d18f4a886768b6ff30a982371404a6c35a1f058250bead66d6a2d2e64950aa9d
openshift4/dpu-network-rhel8-operator@sha256:8e1a902f75010eb9b807e6bb3049e8261cc902f055889f5bc83c362d59f5b84f
openshift4/frr-rhel8@sha256:5d5bbff138e906afc97788b69be13553822bf5556701eac4bd796875a9998e0b
openshift4/kubernetes-nmstate-rhel8-operator@sha256:1a020d6fbf3f65be5c25be801b0dcc0632d2fe2df1ad7b6951d2ea544af246af
openshift4/metallb-rhel8-operator@sha256:630b52ee065b736d49c8fbc5b11edf5bb90f38d034ade069967d054c5d851206
openshift4/ose-ansible-operator@sha256:e0eb71f49bfaac9e9b43438f924b56ece3f56cdcddc9e1c8454fbcc95dcd9da1
openshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:2cb51eeafcce38d249ba316f6c158e8483396da7fee13deed028d7dd9d6de461
openshift4/ose-aws-efs-csi-driver-rhel8-operator@sha256:8d8b92c63c2d2136527f960ccfa0e5eefb6461b08505c6b9b0f0f04bbb2681d0
openshift4/ose-cluster-capacity@sha256:933f6d5d49dfed63ccb25dfc7b2a0a7587c272282c4810cccdb881195c11578c
openshift4/ose-cluster-kube-descheduler-operator@sha256:7323685f5152a69502339019c0abd941bbc569687f028aff03795c897afc37f8
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:7323685f5152a69502339019c0abd941bbc569687f028aff03795c897afc37f8
openshift4/ose-cluster-nfd-operator@sha256:b815fb88e9246b7010b215d837280f1c867471bf966751c2587ad822376f1032
openshift4/ose-clusterresourceoverride-rhel8@sha256:de5f64edc86b02c949a06c294320e12075b65dcd40ed6c502c2c70bc28064811
openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f0e890191e62746a381c206e7fc4eb6d5101e5255cebdcb246cdeedb5144d052
openshift4/ose-contour-rhel8@sha256:cfc5d13fc553fe31f58b7f5e38f0c73868ff19b636a4d16f3f5fe7fa5a4b8f1a
openshift4/ose-descheduler@sha256:a52507f3cb39d4514fc37ce07ff9e6fab71c34c2901dfc5ba09456eeef1fe2c6
openshift4/ose-egress-dns-proxy@sha256:a0bce7f9f636bd59643c7c93425fce95882898b491e439d0dcb56fd59b65cb66
openshift4/ose-egress-http-proxy@sha256:59cc4084cf778364c2e7317a23e6ac959157b71c142ab23168ee5fa5f42d3460
openshift4/ose-egress-router@sha256:ba7e9d0cbf49ee54141a254cdd5e99297ca7763dbe657c961702f7808f6d6a93
openshift4/ose-helm-operator@sha256:2e6ce69ff7d14307044bcc8be449dcb48153830144340d0a3d079eac3c7a3411
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:77d6ff1fcfe064bd56a0e321f7bb869bb9638d87992f2888cc91418a58f11519
openshift4/ose-local-storage-diskmaker@sha256:ea302f37383754acc168bb7ae42beca48dbe553fc598dc8ebc8e99beca1934b6
openshift4/ose-local-storage-mustgather-rhel8@sha256:69c3c932c6884f0f786de954932abfdec80cc13c05a5a70e9aaa4bd03d2f36fb
openshift4/ose-local-storage-operator@sha256:0a81199e87771fc41df09c61560a611e3044744c3ca06855836962d0599e1914
openshift4/ose-node-feature-discovery@sha256:ea55068d34f10dd3009bf629391ddb289de3f00c0dfdf6586ea48fc33cd97f2b
openshift4/ose-node-problem-detector-rhel8@sha256:d3382e49e1a8d345cbba88a50caa58895c991c0cfbd5835aca8fe3bd6e9ab4ec
openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:0e71f04c4095e5d3bd637314c0019f26cd2ecccdb77d6df893fc1f15bb62abfc
openshift4/ose-operator-sdk-rhel8@sha256:469d55000e051a930b9f474aa2fed45ec99a95722e5648a7b38274123452e2d1
openshift4/ose-ptp@sha256:84962f27c54581945f360b87cfcfa7853775b235e7f426074411ccfb2bfa15ce
openshift4/ose-ptp-operator@sha256:94d2def6669eab51e60739722a0e909e697164a0263170be4d7a8360132be565
openshift4/ose-service-idler-rhel8@sha256:48e19a1f1215402cc39d33fac0f7f9caf31c43b6d6a6f1c740c7420a832af45d
openshift4/ose-sriov-cni@sha256:7c24dfd0a4eeb5b81b1d0b9d4d5911ff44f9b4597313fc2d5fc37206483091b6
openshift4/ose-sriov-dp-admission-controller@sha256:0309422f1307b07925e71c634cb52462d0324b54bc660b5d17c6c075413c8336
openshift4/ose-sriov-infiniband-cni@sha256:7a4f2def95582ef57bc2eedebc5182f7d0ede3e5c608e497082c51bc65e6779b
openshift4/ose-sriov-network-config-daemon@sha256:0620f165dcfbd069c7284ba1d973373d8d81e0bcefcc0cec8ac363ad8747bb56
openshift4/ose-sriov-network-device-plugin@sha256:96c7979800d17246ebc4626fb0f8d9698068d44d907f06aefbbeba4889d64c59
openshift4/ose-sriov-network-operator@sha256:37b790cbcfa57e519839c2682d8860f5e9022e2c5d5ec65d05806b459be4c204
openshift4/ose-sriov-network-webhook@sha256:b5156462a2a43c53019628a85b0ec7eb4ef8603e8f0607bf4e308b084e0fe1c1
openshift4/ose-sriov-operator-must-gather@sha256:f5ecbe68ec211ed96e390712efaf6b822fed6ab96e0d97ef01ff4281a29bd50c
openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:506794d839f4c44f9aa1ca5b808e839faaa4b59f1a5ea58d1dd3f59f6ad68c2c
openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ef7c210cb986c50b9a3054adf6c9adc5e43a81ffca0df1aaa825e6bc655bd107
openshift4/ptp-must-gather-rhel8@sha256:284a8822eba694d34bd93a41782b82f381377aa7afb60f770c2785b148c452f2
openshift4/special-resource-rhel8-operator@sha256:46e2e0e77bfbe737c743f8668449d3819ccf779f7c319b1d9d441618d07f3f35
openshift4/topology-aware-lifecycle-operator-precache-rhel8@sha256:47cc08af17695362c2c3f2d61d8dd3e942faeb30978338cc09e725dd3a879d8e
ppc64le
openshift4/metallb-rhel8@sha256:cdff4d10c886a969cc7a5f33b5450163620f27ebf07cba0a124245163c30d5ab
openshift-tech-preview/metallb-rhel8@sha256:cdff4d10c886a969cc7a5f33b5450163620f27ebf07cba0a124245163c30d5ab
openshift4/cloud-event-proxy-rhel8@sha256:965bd481fd0ece0fa998dec33a5225af683c5e80733c0f383612d7508e980254
openshift4/ose-cloud-event-proxy-rhel8@sha256:965bd481fd0ece0fa998dec33a5225af683c5e80733c0f383612d7508e980254
openshift4/ose-cloud-event-proxy@sha256:965bd481fd0ece0fa998dec33a5225af683c5e80733c0f383612d7508e980254
openshift4/frr-rhel8@sha256:034b0c7574b17d0fd3d378c43b8db59a8052de0355784ae677c6f10f6d55fa6d
openshift4/kubernetes-nmstate-rhel8-operator@sha256:4ef9e2bb3438dc6ab4836c6efa8944a5aeac731b18f20515837447d93c41dc53
openshift4/metallb-rhel8-operator@sha256:889b11a955381c1a79b3af68a499eabd4fa11e13a7ba50bd7dfae5d51fb30caf
openshift4/ose-ansible-operator@sha256:1ec33eca3c3257b8b430c07100c5846105bbb43edd99ff7e56e2079783e8989e
openshift4/ose-cluster-capacity@sha256:4304caef1b89c5a920c7f3bb4b37d42b547ce776e240506cc7b78801dc71f6d3
openshift4/ose-cluster-kube-descheduler-operator@sha256:070cc57bc13ff24cde8b8035ea3b8632ffa5edce80314534b93676c0ecdd7310
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:070cc57bc13ff24cde8b8035ea3b8632ffa5edce80314534b93676c0ecdd7310
openshift4/ose-cluster-nfd-operator@sha256:e21004ba353e08f942aaa49ae6f3f7a785a8edfb32b7702a76e3462ef5d574ab
openshift4/ose-clusterresourceoverride-rhel8@sha256:31ab71c8ad579ece0b1967a476fa59cced2f9a7cb1fdd728cfa5812b31989b88
openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:c2a8b4b783d158def3099aa68cf14f1398984154fae502665443f420d9fe327c
openshift4/ose-contour-rhel8@sha256:3fee7a3eb9b45c7f56638ea050c262541c918191cd7f8d53b88ea92303108982
openshift4/ose-descheduler@sha256:73dc6ea1fd026a9962943ef6ce7283c57eeb28a3ec75b6fb6eca6b71a953f3e8
openshift4/ose-egress-dns-proxy@sha256:a5b19ffdaa11a9205ef162e87fd828f617350f862d0b1df68c6112e5c82daa93
openshift4/ose-egress-http-proxy@sha256:49c3bc77061e4a5ed39f8f99f2c770481dedf7d123b2a298740239654cbfe75f
openshift4/ose-egress-router@sha256:76efb1b6c62e8f7f94b86b49c4f4f2be90b2a69dd7912a5e956ef747c9472e24
openshift4/ose-helm-operator@sha256:9556051af908e8917dfec132d2202c202992417564b1b4b2b64c2a618b690f9f
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:5b56463e4525250a6a0a68455ab62585f6af70059afeb0e5cd1b66686f42fdd5
openshift4/ose-local-storage-diskmaker@sha256:afe4cd2b4a93127ff4736bf8933b7602057ca9639f6bc41cd8378a9c8a25b61b
openshift4/ose-local-storage-mustgather-rhel8@sha256:897279f2e1f2d2a5f3329f1112c0fc4695c9a662213917b36d8be264953efdfb
openshift4/ose-local-storage-operator@sha256:75e9d31204cf203e7ab13d164831534a3f5df5ac3646299154f9705860b90395
openshift4/ose-node-feature-discovery@sha256:7c8c207171ecad20e002383d86368ed75037720cb9485fd438dd78606e3dae51
openshift4/ose-node-problem-detector-rhel8@sha256:8f6d09dee319f891c2cb3d0b41e7e4833002678b0d74d0bd1c958fb346ac97b1
openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:1b0d62fab0bc7d327bd886708efcd693f587793c0af0c4cc94a29c208b67721f
openshift4/ose-operator-sdk-rhel8@sha256:d9cae57bd21dcd018bdb9e0ca39b0d54e156c80ad808033136c9f8ab09f52b51
openshift4/ose-ptp@sha256:1febd55dc217cbde3adbe1eb8a6d0a8a927712b4f1519b6b803652712f061e63
openshift4/ose-ptp-operator@sha256:e8404741972b4c081b7a051d7a6382655a4751f46e0b19c1a32e5b8ffb0e00fa
openshift4/ose-service-idler-rhel8@sha256:8786c098598ffaa81676cf013ad24134745b8575ac6f34973eda7826be1f0693
openshift4/ose-sriov-cni@sha256:470f58581cb5560ad04b510655dc594f71396e73180374da696df505eb89993e
openshift4/ose-sriov-dp-admission-controller@sha256:811ea7082e88f09be027262ed5a99efd6dd025f1579c25007f456e923692f623
openshift4/ose-sriov-infiniband-cni@sha256:47088af3cebd788046b4bafecb75868090cdc1f056c3661bb22d0c3140511491
openshift4/ose-sriov-network-config-daemon@sha256:33220f7a6e342f5f377265533b8caa237c0419926ea5b63d4072ba5c8eb6e411
openshift4/ose-sriov-network-device-plugin@sha256:644e7054ef075971c4f280cafbe2cb8722c1d7bb73e56f50fe83463a1e719f5e
openshift4/ose-sriov-network-operator@sha256:215c77b752a81b16c6b762d1e4a4a7be36c69099185e86e38d684009794536d9
openshift4/ose-sriov-network-webhook@sha256:d59cfabe3454b84086702ecc9f2338ab24c92169ad03f469f1699163db6a9946
openshift4/ose-sriov-operator-must-gather@sha256:8ba5f9e8eed098bd360989d8f755c3535333e41e141071560e10709aba04434d
openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:ef076addc12930bbdbd582b0910a109b501a5f7214ac113a365e81d1f996cd69
openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:15bf839176ecea245bc0c9f40d6fef7271764ab6527c0e04c7392ad06e20349e
openshift4/ptp-must-gather-rhel8@sha256:99d6da77cf0eebc93c4458e06153f658f0281072571ad55f71742e8c42d3afb8
openshift4/special-resource-rhel8-operator@sha256:4a5fb6bd5db6439d3055860037cc03e6831a601ef29355028e6450078c5ce86d
openshift4/topology-aware-lifecycle-operator-precache-rhel8@sha256:8a2984a026111eddaac2ca0331508c2fc8116a108cc56ee336caffe260937b78
s390x
openshift4/metallb-rhel8@sha256:58532be360acd1dd4b01587664a255762a00e9d0eadafcad4ccab5f2e8daa026
openshift-tech-preview/metallb-rhel8@sha256:58532be360acd1dd4b01587664a255762a00e9d0eadafcad4ccab5f2e8daa026
openshift4/cloud-event-proxy-rhel8@sha256:29f1c1ddbe6e357dcbe18a8498f0c2a44440ba7a643ba72fccca1a0511d30024
openshift4/ose-cloud-event-proxy-rhel8@sha256:29f1c1ddbe6e357dcbe18a8498f0c2a44440ba7a643ba72fccca1a0511d30024
openshift4/ose-cloud-event-proxy@sha256:29f1c1ddbe6e357dcbe18a8498f0c2a44440ba7a643ba72fccca1a0511d30024
openshift4/frr-rhel8@sha256:913b5d20f18a85b3398a32a5903896e07aa88fc83ef4243bbc2d599b7f2de3ce
openshift4/kubernetes-nmstate-rhel8-operator@sha256:042c47c7c59f25cf2de44f0e05238ef628b2532b6a41bbe487afed0f202534e1
openshift4/metallb-rhel8-operator@sha256:7037616c98678c2140b32da43a4a0aae7d5498eb3d97969e5c82cd68b3fef03c
openshift4/ose-ansible-operator@sha256:c441a4dd031294f86bdb1e7361ad3572bc4e878b691084d242bfcf0d2f41dd8c
openshift4/ose-cluster-capacity@sha256:c633c14cab529265aa3801d0beb31be443ce4c06d8f4380115c6e295784b450a
openshift4/ose-cluster-kube-descheduler-operator@sha256:2af5b5b40afa115f366ec2aee08842baa265a06c088eade9c6c21973954c342d
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:2af5b5b40afa115f366ec2aee08842baa265a06c088eade9c6c21973954c342d
openshift4/ose-cluster-nfd-operator@sha256:d2e6795f2f204b61677f70b7babe6e1a0234dee7565275b5aeea383f7f94fcf4
openshift4/ose-clusterresourceoverride-rhel8@sha256:d82e999179f81f5d84ce0327a82575450a915b70294804c47a4997e7430846ac
openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f44987c3cd2c4ba1fe93975506f171d33bbd54c779749a58c90149952a31ab18
openshift4/ose-contour-rhel8@sha256:6fda7f95cc0d270c86cc4a92dc351776ed242726605233335eb23126f10c7485
openshift4/ose-descheduler@sha256:67c13f139d2e89d6dd6aaa21ca9e9a6680edffcaf60a3f2567d949d2ebf7cdf4
openshift4/ose-egress-dns-proxy@sha256:54c43d6d4bc74f639a39c38cc47d611667d10f895cec5453f11e0b29c3074a00
openshift4/ose-egress-http-proxy@sha256:ee580680d6eb0279a5078be5d841740a2382e2f4292a8e2061adefc7058f421d
openshift4/ose-egress-router@sha256:d84fd27e385c5198e666276e2be490e942444c09653221ed60b0d06f75392acb
openshift4/ose-helm-operator@sha256:0ce517f317d388477dba487769cc8e78cb853b19098238cb83cd1fd2adada3ad
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:148006e4cf85d5893401c76fadc042517a2a2784a471cc3d927fa2b0bf694975
openshift4/ose-local-storage-diskmaker@sha256:dec4d42a084c1b24f811ddfa3626fe0e33167dbab7a63cd4bcbe143ce7466bd3
openshift4/ose-local-storage-mustgather-rhel8@sha256:48c0d6a3cb7170cd619095d6267f6b7380d2c351d6dabc03896c2db078b3e126
openshift4/ose-local-storage-operator@sha256:d7a264c0cd0699f1e013d5261c871c5a918b30e658e2df2318ed85d2ff81781c
openshift4/ose-node-feature-discovery@sha256:e0b96483b73a0ef840e7ba31d78be97618656363356da4ac6eddd8f153f92db3
openshift4/ose-node-problem-detector-rhel8@sha256:82166ad66aa8ea9fc8bca3d376140ffd3572374356ebd468d83936f6b36e0bcc
openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:692f3a2ff547f084fb3230616bd6be26e5e215f03072225a567ea8674c058e21
openshift4/ose-operator-sdk-rhel8@sha256:128bfb57febf901a5f6f28eefb84928f6df024f365b385f6701dea462144b1ef
openshift4/ose-ptp@sha256:f54530b0f16bb2b3668bffedcf11906fb7766a7e06723dfd389a414cd4a842e9
openshift4/ose-ptp-operator@sha256:825f54b390d5cceb1e5518de5e69544b2ed845106dd0cb8145c3cbfeedeed6aa
openshift4/ose-service-idler-rhel8@sha256:b0e3347a85553390b356f6889f60f05e3abdacdb4f86f776d242b953bdc6155e
openshift4/ose-sriov-cni@sha256:dbee2392b5947ea9900505bcdc600f1f5026b2c002d8538b92de77db779b8f7e
openshift4/ose-sriov-dp-admission-controller@sha256:4164467bafc3487a41ede2558fef530cfe989364c25381bf736a3a09aec272fb
openshift4/ose-sriov-infiniband-cni@sha256:cd0179aaeb06d5efaab5cce6c721af42050be9f599e34fe2600265ad9a52eba6
openshift4/ose-sriov-network-config-daemon@sha256:8bf886ce64cc1ba6fdd705b8d3c312ff391e36582c3a7ae628120ac342619dd8
openshift4/ose-sriov-network-device-plugin@sha256:f35abab4c75d45dce31ee2ad4e459795135ab0efee7394445694e13f23711115
openshift4/ose-sriov-network-operator@sha256:2f06b5fea36124155c0bed4a1598bea44c6eca3e0fa17b7a1f5500cb2a63650d
openshift4/ose-sriov-network-webhook@sha256:0cd4aa6fcb7c27e8d9d64553de431dc6415acd858208104dbad54f562842ad67
openshift4/ose-sriov-operator-must-gather@sha256:ac3f13e17674c006fb97b3f20462ea2f9a4a574a350905fe6f41e24bcdb3eed3
openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:53ff06a59d837d68db5c369382abe1ab01dfee49cf7761b78ad590d856bc8e7f
openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:3fad199432d606cdc20db886ee96a8752269dec83764a80116fe66db9182742d
openshift4/ptp-must-gather-rhel8@sha256:8b7ac2da170ff1459722f4d1acff7fe99212faf4ef1488e5dcc4450bb0fc0c05
openshift4/special-resource-rhel8-operator@sha256:2303dde3b8a2bc0d6fef6be49945d7fcf60763b8af50fa09e4e5a49cf3c6cb66
openshift4/topology-aware-lifecycle-operator-precache-rhel8@sha256:6bf1523ab70883790fb20cf437546726bf6f616197007efcd583f454ea7306f2
x86_64
openshift4/metallb-rhel8@sha256:b47973c5e02666d8b784cfed497221df6e2264fe0871d6576a1ff424e6d4a330
openshift-tech-preview/metallb-rhel8@sha256:b47973c5e02666d8b784cfed497221df6e2264fe0871d6576a1ff424e6d4a330
openshift4/bare-metal-event-relay-rhel8-operator@sha256:5ac0f1f8397bf714a95c9767bf21bee647524a4b790cdcb19db68cfc6bf3dbe8
openshift4/baremetal-hardware-event-proxy-rhel8@sha256:df48fa76c7158cbf4ffb900582d2f107897ab92fdd0dfc44dabe0a06d2620355
openshift4/cloud-event-proxy-rhel8@sha256:941ee028574b1826df434689ab83a84301b90f0f1fb281b72b8027d01ec44039
openshift4/ose-cloud-event-proxy-rhel8@sha256:941ee028574b1826df434689ab83a84301b90f0f1fb281b72b8027d01ec44039
openshift4/ose-cloud-event-proxy@sha256:941ee028574b1826df434689ab83a84301b90f0f1fb281b72b8027d01ec44039
openshift4/dpu-network-rhel8-operator@sha256:3464e0d090ec637fb101d17befc0ac27108f95caa58e1ae4881aec117e1e5480
openshift4/frr-rhel8@sha256:926b320b180592a63aad1bf09ed24d22f11bca9930a4a294977e6b8bfd95e6d8
openshift4/kubernetes-nmstate-rhel8-operator@sha256:17420c4c3df166a7690c58abe595e52713118e2f6b8d8aff6d0d69ebeca67cd7
openshift4/metallb-rhel8-operator@sha256:07c39088441997a60a38fc0caa12166ffacf7b8f615a31b88b8264401ea4c9a4
openshift4/ose-ansible-operator@sha256:7709137bc46f6d1e7171f00f668590931b5c4d2c126cade682e74c3d3f52a347
openshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:f168799aad77a7f7de02319900033cde986e7820cebe377ae2cb051e55dc4c83
openshift4/ose-aws-efs-csi-driver-rhel8-operator@sha256:bd4e8bc4c5125e4fa8411104283ed2ab23a821b6c0655d6957e08b143d7e37b9
openshift4/ose-cluster-capacity@sha256:254d4374a508e95287ec2e2f121a3ee1c373b7b75dd0feb32a1ae8bfff807694
openshift4/ose-cluster-kube-descheduler-operator@sha256:8387e2751982325a2705519fa0a84052b31b9f1545b317c0956c03db94c9cbe6
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:8387e2751982325a2705519fa0a84052b31b9f1545b317c0956c03db94c9cbe6
openshift4/ose-cluster-nfd-operator@sha256:31b67ea40f6c16ae3c4837f6bd6f4ec63be6481ab1cd8aa1317a0ca07ab478b4
openshift4/ose-clusterresourceoverride-rhel8@sha256:a524e300513c48b15119ab5d3000180379360c5a4197b3478d7c3ff7046dc736
openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:251743b1ee3b9e33deac99e3551bfda443aaaaabba6a0bf3de6730c245c36886
openshift4/ose-contour-rhel8@sha256:978183ae13e73292f5bd9a8cb868c992732716193a1a951750d4b8f0207ed17d
openshift4/ose-descheduler@sha256:d5df87e6fc9b67065898beafefa6e896abe7d95e607945a34211cebfbb3257db
openshift4/ose-egress-dns-proxy@sha256:4383037c2da2fef14f90f7353fcbbaad87c3391a426fb96e3313e931e8fc9aec
openshift4/ose-egress-http-proxy@sha256:4659a93681263761b8d6eb49bc9f997134fe09e0f44714e9f4ce08e12cfdbe6d
openshift4/ose-egress-router@sha256:75d95f6cb546b61a7831324c90f450e8040cb25f747ba4dee74ece4aa3078e26
openshift4/ose-helm-operator@sha256:75ba1e9f64436567783489ccc413722d13bcacc6af8ede8ef2cf1f3792af0e28
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:aa96a7ff608a869c4e3b26bb774df951281916f35c30c4d94c565f9e1e0a032c
openshift4/ose-local-storage-diskmaker@sha256:b1198e78dc129894e8d4e34f4cf1fcf29b558be200fce3776f6848e056924bb0
openshift4/ose-local-storage-mustgather-rhel8@sha256:412627ffeb90689872f8af75575938805dcb6e6e0b22717e9b84e0eb120d9cc4
openshift4/ose-local-storage-operator@sha256:204ffab98df7c44c7b164fea299b658821a668eb1fc0106e175b6622fcf44fbc
openshift4/ose-node-feature-discovery@sha256:539ce38d2eb04cc6a6455a936ea870d9eee9df20054888628946886b5f3637cf
openshift4/ose-node-problem-detector-rhel8@sha256:d9284f39af8ab5e7054b66cb4eff01a860e79fffcbc6938de650f045a709552e
openshift4/ose-openshift-proxy-pull-test-rhel8@sha256:cf7b47cafb173f213d6e210334142810a097e48cb7073a8c2acf3ea7bcca246d
openshift4/ose-operator-sdk-rhel8@sha256:5714623403bf567ed04bf11d0ea87c8140e7d1ecada8cbb25bbd03c6d114eb90
openshift4/ose-ptp@sha256:7a8bd309b5d00ba625bd776128565395aa3c940a63383c2e7cfaa0ebc429383b
openshift4/ose-ptp-operator@sha256:90e87548d95c86f7ffb9faad3876012f9b020dd04cc87a3fce06f90c436967ef
openshift4/ose-service-idler-rhel8@sha256:647b79739e508ef426b801a73e139b51c94177dc7e197343451f4b8af8d08497
openshift4/ose-sriov-cni@sha256:2903d91fe81096e77dc2791f4ba9d1282ac6f66bd2ba462b67fcd2f5e0ac3e9d
openshift4/ose-sriov-dp-admission-controller@sha256:36be74a98fc21e4995c5f2a10af3c395b5aca7ff7a9ef0b0365bfc156f298608
openshift4/ose-sriov-infiniband-cni@sha256:7358368c12acfc3d6c3c8b25fe1e10925d98add30bc7e7415a0da2a44a04a742
openshift4/ose-sriov-network-config-daemon@sha256:e1089a6917ed6488bf7b88375cc6e89ba1124cdfe9fff7c4d690a98a855c116a
openshift4/ose-sriov-network-device-plugin@sha256:ae6e9723d66106163919981213e670530afc8b6dac974e870b50e80a2cc14754
openshift4/ose-sriov-network-operator@sha256:9761c4e7d827fbb0aa31fe381746ee104da18e5fd4a0d1e1af09d7b05995f77d
openshift4/ose-sriov-network-webhook@sha256:78ac5a329b757861dc0807545a7749428e1ab2bf0b05c907e65be2735b0123e3
openshift4/ose-sriov-operator-must-gather@sha256:495affa7ce703fcc5007f085779cf98efb0a7a025a1c195a42361ae54a49dbd1
openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f04bb96052faf71531faf82bd5ac5e5e99fa83dcff84c733e170a0fa1cecbca9
openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:303ba3cd831dbe6ed39ca7d9a27e0452ac4258a52d1a8ea89ea82e3f693e8de9
openshift4/ptp-must-gather-rhel8@sha256:ae86f2eed4972d3ac4cd7f97f2e764e8aeccea68196126d386cd7a5e758fde56
openshift4/special-resource-rhel8-operator@sha256:12e7f94680748e6a566500aa810894f0b054087b61849274a2e27a6580702ecd
openshift4/topology-aware-lifecycle-manager-rhel8-operator@sha256:5cf126dbb684fee9cf1e98a0d9185cc415f50da8a041fa2b90db80561fc42dd1
openshift4/topology-aware-lifecycle-operator-precache-rhel8@sha256:71850536ae8aec05e915af18fae92593fb5e4ccb307ba2500978608bf624fc8d
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2024-4631-03 - Red Hat OpenShift Dev Spaces 3.15 has been released.
Red Hat Security Advisory 2024-0741-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Ubuntu Security Notice 6287-1 - Simon Ferquel discovered that the Go yaml package incorrectly handled certain YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service. It was discovered that the Go yaml package incorrectly handled certain large YAML documents. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause the system to crash, resulting in a denial of service.
Red Hat Security Advisory 2023-2695-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.40.
Red Hat OpenShift Container Platform release 4.11.40 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.
Red Hat Security Advisory 2023-2111-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.16.
Red Hat OpenShift Container Platform release 4.12.16 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.
An update for etcd is now available for Red Hat OpenStack Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by rev...
Red Hat Security Advisory 2023-0899-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.53.
Red Hat OpenShift Container Platform release 4.10.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: A flaw was found in goutils where randomly generated alphanumeric strings contain significantly less entropy than expected. Both the `RandomAlphaNumeric` and `CryptoRandomAlphaNumeri...
An update for etcd is now available for Red Hat OpenStack Platform 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3064: A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document.
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.