OpenShift Serverless 1.10.2 RHSA-2021:2021 Moderate: Security Advisory

red hat

May 19, 2021

Openshift Serverless 1.10.2 is now available

Solution

See the documentation at: https://access.redhat.com/documentation/en-us/openshift_container_platform/ 4.5/html/serverless_applications/index

Summary

Red Hat OpenShift Serverless 1.10.2 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5.
Security Fix(es):
* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
* golang: cmd/go: packages using cgo can cause arbitrary code execution at build time (CVE-2021-3115)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Topics Covered

security advisory moderate security update Red Hat code execution CVE details OpenShift Serverless

References

https://access.redhat.com/security/cve/CVE-2018-20843 https://access.redhat.com/security/cve/CVE-2018-1000858 https://access.redhat.com/security/cve/CVE-2019-5018 https://access.redhat.com/security/cve/CVE-2019-13050 https://access.redhat.com/security/cve/CVE-2019-13627 https://access.redhat.com/security/cve/CVE-2019-14889 https://access.redhat.com/security/cve/CVE-2019-15903 https://access.redhat.com/security/cve/CVE-2019-16168 https://access.redhat.com/security/cve/CVE-2019-16935 https://access.redhat.com/security/cve/CVE-2019-19221 https://access.redhat.com/security/cve/CVE-2019-19906 https://access.redhat.com/security/cve/CVE-2019-19956 https://access.redhat.com/security/cve/CVE-2019-20218 https://access.redhat.com/security/cve/CVE-2019-20387 https://access.redhat.com/security/cve/CVE-2019-20388 https://access.redhat.com/security/cve/CVE-2019-20454 https://access.redhat.com/security/cve/CVE-2019-20907 https://access.redhat.com/security/cve/CVE-2019-20916 https://access.redhat.com/security/cve/CVE-2020-1730 https://access.redhat.com/security/cve/CVE-2020-6405 https://access.redhat.com/security/cve/CVE-2020-7595 https://access.redhat.com/security/cve/CVE-2020-8492 https://access.redhat.com/security/cve/CVE-2020-9327 Read the Full Advisory

Package List

Advisory ID: RHSA-2021:2021-01

Product: Red Hat OpenShift Serverless

Advisory URL: https://access.redhat.com/errata/RHSA-2021:2021

Issue date: 2021-05-19

Topic

Openshift Serverless 1.10.2 is now available.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics Covered

security advisory moderate security update Red Hat code execution CVE details OpenShift Serverless

Relevant Releases Architectures

Bugs Fixed

1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve

1918761 - CVE-2021-3115 golang: cmd/go: packages using cgo can cause arbitrary code execution at build time

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

OpenShift Serverless 1.10.2 RHSA-2021:2021 Moderate: Security Advisory

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

OpenShift Serverless 1.10.2 RHSA-2021:2021 Moderate: Security Advisory

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!