RHSA-2022:6535: Red Hat Security Advisory: OpenShift Container Platform 4.11.5 packages and security update

Red Hat OpenShift Container Platform release 4.11.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add
Red Hat Security Data

Issued: 2022-09-20

Updated: 2022-09-20

RHSA-2022:6535 - Security Advisory

Synopsis

Low: OpenShift Container Platform 4.11.5 packages and security update

Type/Severity

Security Advisory: Low

Topic

Red Hat OpenShift Container Platform release 4.11.5 is now available with
updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.11.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2022:6536

Security Fix(es):

  • golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.11 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.11 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.11 aarch64

Fixes

  • BZ - 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add

Red Hat OpenShift Container Platform 4.11 for RHEL 8

SRPM

cri-tools-1.24.2-6.el8.src.rpm

openshift-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.src.rpm

openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.src.rpm

python-sushy-4.1.2-0.20220908165021.1ae8e49.el8.src.rpm

x86_64

cri-tools-1.24.2-6.el8.x86_64.rpm

cri-tools-debuginfo-1.24.2-6.el8.x86_64.rpm

cri-tools-debugsource-1.24.2-6.el8.x86_64.rpm

openshift-hyperkube-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.x86_64.rpm

openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-api-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-common-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-conductor-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-dnsmasq-tftp-server-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

python3-ironic-tests-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

python3-sushy-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm

python3-sushy-tests-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm

Red Hat OpenShift Container Platform for Power 4.11 for RHEL 8

SRPM

cri-tools-1.24.2-6.el8.src.rpm

openshift-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.src.rpm

ppc64le

cri-tools-1.24.2-6.el8.ppc64le.rpm

cri-tools-debuginfo-1.24.2-6.el8.ppc64le.rpm

cri-tools-debugsource-1.24.2-6.el8.ppc64le.rpm

openshift-hyperkube-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.ppc64le.rpm

openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-api-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-common-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-conductor-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-dnsmasq-tftp-server-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

python3-ironic-tests-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

python3-sushy-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm

python3-sushy-tests-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.11 for RHEL 8

SRPM

cri-tools-1.24.2-6.el8.src.rpm

openshift-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.src.rpm

s390x

cri-tools-1.24.2-6.el8.s390x.rpm

cri-tools-debuginfo-1.24.2-6.el8.s390x.rpm

cri-tools-debugsource-1.24.2-6.el8.s390x.rpm

openshift-hyperkube-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.s390x.rpm

openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-api-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-common-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-conductor-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-dnsmasq-tftp-server-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

python3-ironic-tests-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

python3-sushy-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm

python3-sushy-tests-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm

Red Hat OpenShift Container Platform for ARM 64 4.11

SRPM

cri-tools-1.24.2-6.el8.src.rpm

openshift-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.src.rpm

openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.src.rpm

python-sushy-4.1.2-0.20220908165021.1ae8e49.el8.src.rpm

aarch64

cri-tools-1.24.2-6.el8.aarch64.rpm

cri-tools-debuginfo-1.24.2-6.el8.aarch64.rpm

cri-tools-debugsource-1.24.2-6.el8.aarch64.rpm

openshift-hyperkube-4.11.0-202209131648.p0.g3882f8f.assembly.stream.el8.aarch64.rpm

openstack-ironic-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-api-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-common-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-conductor-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

openstack-ironic-dnsmasq-tftp-server-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

python3-ironic-tests-20.2.1-0.20220902195023.ab80152.el8.noarch.rpm

python3-sushy-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm

python3-sushy-tests-4.1.2-0.20220908165021.1ae8e49.el8.noarch.rpm

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
