RHSA-2022:6535: Red Hat Security Advisory: OpenShift Container Platform 4.11.5 packages and security update
Red Hat OpenShift Container Platform release 4.11.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add
Issued: 2022-09-20
Updated: 2022-09-20
RHSA-2022:6535 - Security Advisory
Synopsis
Low: OpenShift Container Platform 4.11.5 packages and security update
Type/Severity
Security Advisory: Low
Topic
Red Hat OpenShift Container Platform release 4.11.5 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.11.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2022:6536
Security Fix(es):
- golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
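The flaw behind CVE-2022-30629 is a privacy weakness in TLS 1.3 session resumption. A resuming client sends its ticket age in the clear, masked by the 32-bit ticket_age_add value the server chose when it issued the ticket (RFC 8446 sections 4.2.11.1 and 4.6.1). The affected Go crypto/tls releases did not randomise that value, so a passive observer could undo the mask, recover when the ticket was issued, and link the resumption to the earlier full handshake that produced it. The following Go program is an added illustration of that mechanism, not code from this advisory or from Go's crypto/tls: it models the ticket with only the two fields that matter, treats the vulnerable ticket_age_add as 0, and plays the observer over a constructed timeline of handshakes. The type and function names are mine.

```go
package main

import (
	"crypto/rand"
	"encoding/binary"
	"fmt"
	"time"
)

// Ticket models the two NewSessionTicket fields (RFC 8446 section 4.6.1) that
// matter for this flaw: when the server issued it and its ticket_age_add.
type Ticket struct {
	Issued       time.Time
	TicketAgeAdd uint32
}

// IssueTicket stands in for the server side. With vulnerable=true it reproduces
// the CVE-2022-30629 behaviour, modelled here as ticket_age_add == 0 (the value
// was not randomised); otherwise ticket_age_add is drawn from crypto/rand as
// the RFC requires.
func IssueTicket(issued time.Time, vulnerable bool) (Ticket, error) {
	t := Ticket{Issued: issued}
	if vulnerable {
		return t, nil
	}
	var b [4]byte
	if _, err := rand.Read(b[:]); err != nil {
		return Ticket{}, err
	}
	t.TicketAgeAdd = binary.BigEndian.Uint32(b[:])
	return t, nil
}

// ObfuscatedTicketAge is the value a resuming client sends in the clear inside
// the pre_shared_key extension (RFC 8446 section 4.2.11.1): ticket age in
// milliseconds plus ticket_age_add, modulo 2^32. uint32 arithmetic wraps, which
// gives the modulo for free; the server recovers the age by subtracting.
func ObfuscatedTicketAge(issued, now time.Time, ticketAgeAdd uint32) uint32 {
	ageMs := uint32(now.Sub(issued).Milliseconds())
	return ageMs + ticketAgeAdd
}

// LinkResumption is the passive observer. It never sees ticket_age_add (the
// NewSessionTicket message is encrypted), so it bets that the value is zero,
// converts the on-wire age back into an issue time and looks for an earlier
// handshake it recorded within tolerance of that instant. It returns the index
// of the matching handshake, or -1 when nothing lines up.
func LinkResumption(obfuscated uint32, now time.Time, handshakes []time.Time, tolerance time.Duration) int {
	guessedIssue := now.Add(-time.Duration(obfuscated) * time.Millisecond)
	for i, hs := range handshakes {
		d := hs.Sub(guessedIssue)
		if d < 0 {
			d = -d
		}
		if d <= tolerance {
			return i
		}
	}
	return -1
}

func main() {
	// Constructed timeline: the observer logged three full handshakes on the
	// wire; the ticket the client later resumes with came from the second.
	base := time.Date(2022, 9, 20, 12, 0, 0, 0, time.UTC)
	handshakes := []time.Time{base, base.Add(2 * time.Minute), base.Add(5 * time.Minute)}
	now := base.Add(10 * time.Minute)

	for _, vulnerable := range []bool{true, false} {
		ticket, err := IssueTicket(handshakes[1], vulnerable)
		if err != nil {
			panic(err)
		}
		obf := ObfuscatedTicketAge(ticket.Issued, now, ticket.TicketAgeAdd)
		idx := LinkResumption(obf, now, handshakes, 500*time.Millisecond)
		fmt.Printf("vulnerable=%-5v obfuscated_ticket_age=%10d linked to handshake index %d\n", vulnerable, obf, idx)
	}
}
```

With the vulnerable server the observer recovers index 1, the handshake that really issued the ticket; with a random ticket_age_add the guessed issue time lands anywhere in a window of roughly 49.7 days and matches nothing. The fix in the updated packages is on the server side, so clusters whose Go-based components terminate TLS 1.3 are the ones that benefit; clients do not need to change.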
All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.11 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.11 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.11 aarch64
Fixes
- BZ - 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
Red Hat OpenShift Container Platform 4.11 for RHEL 8
SRPM
cri-tools-1.24.2-6.el8.src.rpm
SHA-256: 9b3ceab15807f7048679dcb3589ae395d78939439a222a68eaa852781e2c2a9c
openshift-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.src.rpm
SHA-256: 44e03a635526ce0002fb680bd8e3df44e4d6322d28450f1cedc955a51e3f3340
openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.src.rpm
SHA-256: 283f430e33b1ebe7d69356da3f164a6ad5588627657c7f49a0d6527449312faa
python-sushy-4.1.2-0.20220908165021.1ae8e49.el8.src.rpm
SHA-256: 4529e42b0c6affbef7c9b72de1cfaf03bc41d146738405ac5db92b2ef6d4c717
x86_64
cri-tools-1.24.2-6.el8.x86_64.rpm
SHA-256: 4ff87de728526419f6e9d1814727f69e2660b408aca276048437fecd89297129
cri-tools-debuginfo-1.24.2-6.el8.x86_64.rpm
SHA-256: 0ff6cb7e4fac4a4ba23f19e944ec261bebb6320a3b1e4f72f8650f2822d371b1
cri-tools-debugsource-1.24.2-6.el8.x86_64.rpm
SHA-256: f76b58112744e0ac9500f4c56215eb6f458b52f99817524b033d916e87940f6f
openshift-hyperkube-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.x86_64.rpm
SHA-256: 787f7d4acfacc2f54531a020a1e8bad7ba7e1d5c83e1f226065fe55325dc29cb
openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: d9ee12c4412673acce66b4e21e1c928127e5f26f6c9678686f2780038db9a72c
openstack-ironic-api-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 8c3f97ecfa0002f94e6b63e7ac707f26f307bcd038f278550fcaad571da4ef1e
openstack-ironic-common-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 9d111143f04c284fcfdde8faf39d885cfd8ccdcb764e2633325c0ecc275137a1
openstack-ironic-conductor-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: c41c06c931dbeb4f6331fbeaca395324ccf186195cbbe2ed585e4dfc8bd19700
openstack-ironic-dnsmasq-tftp-server-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: ef3843b15dd1cab2a2c658598d5287805b653f8f54438c8a623e97110c78dc7a
python3-ironic-tests-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 480c1f28edb379f0eff08ee7874a331fd4e58328ee1da5c2efb8c2bf53ed181b
python3-sushy-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm
SHA-256: f485753a5fa8bdbd0e25d82f867286d70abcd94bdc6b325bcca3863c78705226
python3-sushy-tests-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm
SHA-256: 43323973d92d33496fe6b86afde4d23620bc908ebad1df2786c18ab396e5dc0c
Red Hat OpenShift Container Platform for Power 4.11 for RHEL 8
SRPM
cri-tools-1.24.2-6.el8.src.rpm
SHA-256: 9b3ceab15807f7048679dcb3589ae395d78939439a222a68eaa852781e2c2a9c
openshift-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.src.rpm
SHA-256: 44e03a635526ce0002fb680bd8e3df44e4d6322d28450f1cedc955a51e3f3340
ppc64le
cri-tools-1.24.2-6.el8.ppc64le.rpm
SHA-256: 6b7c36f72bb9abf6f54a31ff18cd94ddf167f8f9464f4ff9eeca81c85af0d782
cri-tools-debuginfo-1.24.2-6.el8.ppc64le.rpm
SHA-256: fb0917418cdae49d091e8bf35008ffe345eccdb38c238d4193eb98ad907d8909
cri-tools-debugsource-1.24.2-6.el8.ppc64le.rpm
SHA-256: 1190411b876d267f0002f50719b1afb4745a354a8b5067d4c24f36ef28801fdd
openshift-hyperkube-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.ppc64le.rpm
SHA-256: 2a8ae9ef06530e28a60a0f101934f28d743c4c82e7a12c0ada771b8996c8e539
openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: d9ee12c4412673acce66b4e21e1c928127e5f26f6c9678686f2780038db9a72c
openstack-ironic-api-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 8c3f97ecfa0002f94e6b63e7ac707f26f307bcd038f278550fcaad571da4ef1e
openstack-ironic-common-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 9d111143f04c284fcfdde8faf39d885cfd8ccdcb764e2633325c0ecc275137a1
openstack-ironic-conductor-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: c41c06c931dbeb4f6331fbeaca395324ccf186195cbbe2ed585e4dfc8bd19700
openstack-ironic-dnsmasq-tftp-server-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: ef3843b15dd1cab2a2c658598d5287805b653f8f54438c8a623e97110c78dc7a
python3-ironic-tests-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 480c1f28edb379f0eff08ee7874a331fd4e58328ee1da5c2efb8c2bf53ed181b
python3-sushy-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm
SHA-256: f485753a5fa8bdbd0e25d82f867286d70abcd94bdc6b325bcca3863c78705226
python3-sushy-tests-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm
SHA-256: 43323973d92d33496fe6b86afde4d23620bc908ebad1df2786c18ab396e5dc0c
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.11 for RHEL 8
SRPM
cri-tools-1.24.2-6.el8.src.rpm
SHA-256: 9b3ceab15807f7048679dcb3589ae395d78939439a222a68eaa852781e2c2a9c
openshift-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.src.rpm
SHA-256: 44e03a635526ce0002fb680bd8e3df44e4d6322d28450f1cedc955a51e3f3340
s390x
cri-tools-1.24.2-6.el8.s390x.rpm
SHA-256: fe516fccee13107a4a2fe1f4f1fa8251b1f47bc9d2bb0984d08eb17593880532
cri-tools-debuginfo-1.24.2-6.el8.s390x.rpm
SHA-256: a8145eed60f4cc40cf2f062f747909accf5c56114246125aa7951b3d172da8c9
cri-tools-debugsource-1.24.2-6.el8.s390x.rpm
SHA-256: 95ceb9c1a7d472e16d907af2359c10f5eaf75195cd9b087359c2d999d7c95c91
openshift-hyperkube-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.s390x.rpm
SHA-256: 60b686357e70df4abb09d2dacaf631d2e24addc8f4655455bce006e505ae1c98
openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: d9ee12c4412673acce66b4e21e1c928127e5f26f6c9678686f2780038db9a72c
openstack-ironic-api-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 8c3f97ecfa0002f94e6b63e7ac707f26f307bcd038f278550fcaad571da4ef1e
openstack-ironic-common-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 9d111143f04c284fcfdde8faf39d885cfd8ccdcb764e2633325c0ecc275137a1
openstack-ironic-conductor-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: c41c06c931dbeb4f6331fbeaca395324ccf186195cbbe2ed585e4dfc8bd19700
openstack-ironic-dnsmasq-tftp-server-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: ef3843b15dd1cab2a2c658598d5287805b653f8f54438c8a623e97110c78dc7a
python3-ironic-tests-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 480c1f28edb379f0eff08ee7874a331fd4e58328ee1da5c2efb8c2bf53ed181b
python3-sushy-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm
SHA-256: f485753a5fa8bdbd0e25d82f867286d70abcd94bdc6b325bcca3863c78705226
python3-sushy-tests-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm
SHA-256: 43323973d92d33496fe6b86afde4d23620bc908ebad1df2786c18ab396e5dc0c
Red Hat OpenShift Container Platform for ARM 64 4.11
SRPM
cri-tools-1.24.2-6.el8.src.rpm
SHA-256: 9b3ceab15807f7048679dcb3589ae395d78939439a222a68eaa852781e2c2a9c
openshift-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.src.rpm
SHA-256: 44e03a635526ce0002fb680bd8e3df44e4d6322d28450f1cedc955a51e3f3340
openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.src.rpm
SHA-256: 283f430e33b1ebe7d69356da3f164a6ad5588627657c7f49a0d6527449312faa
python-sushy-4.1.2-0.20220908165021.1ae8e49.el8.src.rpm
SHA-256: 4529e42b0c6affbef7c9b72de1cfaf03bc41d146738405ac5db92b2ef6d4c717
aarch64
cri-tools-1.24.2-6.el8.aarch64.rpm
SHA-256: 68c8f8964025f1602dba0c89ea8a039713aa03a85457a9a5b5e6344ce5547d3c
cri-tools-debuginfo-1.24.2-6.el8.aarch64.rpm
SHA-256: 32fd50790f50485312f1a4b179ac9a898111110a1e36d419720b6f4a80a5b4b8
cri-tools-debugsource-1.24.2-6.el8.aarch64.rpm
SHA-256: 0ebd06a9a534c4cd6df11a9abd64e44a440f39750fd9e450f3576e1f119bbb45
openshift-hyperkube-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.aarch64.rpm
SHA-256: a92f3ebc2de5543d0608ecfb63cc4fd4f9041c30aee0a74e0b104839324214ff
openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: d9ee12c4412673acce66b4e21e1c928127e5f26f6c9678686f2780038db9a72c
openstack-ironic-api-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 8c3f97ecfa0002f94e6b63e7ac707f26f307bcd038f278550fcaad571da4ef1e
openstack-ironic-common-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 9d111143f04c284fcfdde8faf39d885cfd8ccdcb764e2633325c0ecc275137a1
openstack-ironic-conductor-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: c41c06c931dbeb4f6331fbeaca395324ccf186195cbbe2ed585e4dfc8bd19700
openstack-ironic-dnsmasq-tftp-server-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: ef3843b15dd1cab2a2c658598d5287805b653f8f54438c8a623e97110c78dc7a
python3-ironic-tests-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm
SHA-256: 480c1f28edb379f0eff08ee7874a331fd4e58328ee1da5c2efb8c2bf53ed181b
python3-sushy-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm
SHA-256: f485753a5fa8bdbd0e25d82f867286d70abcd94bdc6b325bcca3863c78705226
python3-sushy-tests-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm
SHA-256: 43323973d92d33496fe6b86afde4d23620bc908ebad1df2786c18ab396e5dc0c
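The package tables above pair every RPM with a SHA-256 digest, which is what lets you check a file obtained from a mirror or an internal repository against what the advisory published. The Go program below is an added example, not tooling from Red Hat or OpenShift: it parses a listing in exactly this layout (a file name line followed by a "SHA-256: <hex>" line, with product, SRPM and architecture headers in between) and compares downloaded file contents against it. The package names, file contents and digests in main are constructed for the demonstration; the two digests there are the SHA-256 of the string "abc", not of any real RPM.

```go
package main

import (
	"bufio"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// ParseChecksums reads a package listing in the advisory's layout, where each
// .rpm file name is immediately followed by a line "SHA-256: <hex>", and
// returns file name -> expected digest (lower-case hex). Product, "SRPM" and
// architecture header lines carry no digest and are skipped.
func ParseChecksums(listing string) map[string]string {
	expected := make(map[string]string)
	pending := "" // .rpm name waiting for its SHA-256 line
	sc := bufio.NewScanner(strings.NewReader(listing))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		switch {
		case strings.HasPrefix(line, "SHA-256:"):
			if pending != "" {
				digest := strings.TrimSpace(strings.TrimPrefix(line, "SHA-256:"))
				expected[pending] = strings.ToLower(digest)
				pending = ""
			}
		case strings.HasSuffix(line, ".rpm"):
			pending = line
		default:
			pending = "" // a header line; any dangling name is discarded
		}
	}
	return expected
}

// VerifyPackages hashes each downloaded file and compares it with the advisory
// value. The returned slice lists, sorted, every file that must not be
// installed: a digest mismatch or a file the advisory does not list at all.
func VerifyPackages(expected map[string]string, files map[string][]byte) []string {
	var bad []string
	for name, data := range files {
		want, listed := expected[name]
		if !listed {
			bad = append(bad, name+" (not listed in advisory)")
			continue
		}
		sum := sha256.Sum256(data)
		if hex.EncodeToString(sum[:]) != want {
			bad = append(bad, name+" (SHA-256 mismatch)")
		}
	}
	sort.Strings(bad)
	return bad
}

func main() {
	// Constructed listing in the advisory's layout. Both digests are the
	// SHA-256 of "abc", chosen to match the constructed file contents below.
	listing := `Red Hat OpenShift Container Platform 4.11 for RHEL 8
SRPM
example-good-1.0-1.el8.src.rpm
SHA-256: ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
x86_64
example-tampered-1.0-1.el8.x86_64.rpm
SHA-256: ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
`
	files := map[string][]byte{
		"example-good-1.0-1.el8.src.rpm":        []byte("abc"),
		"example-tampered-1.0-1.el8.x86_64.rpm": []byte("abd"),
		"example-unlisted-1.0-1.el8.x86_64.rpm": []byte("abc"),
	}
	bad := VerifyPackages(ParseChecksums(listing), files)
	if len(bad) == 0 {
		fmt.Println("all packages match the advisory")
		return
	}
	for _, b := range bad {
		fmt.Println("REJECT:", b)
	}
}
```

A matching digest shows the file is the one the advisory describes; it does not replace signature verification. Red Hat RPMs are GPG-signed, so `rpm --checksig` against the imported Red Hat release key remains the authoritative check, and the digest comparison is a cheap second gate for packages that travelled through a mirror.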
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.