Red Hat 1.6.0 Moderate: Migration Toolkit For Containers Security Update
red hat
September 29, 2021
The Migration Toolkit for Containers (MTC) 1.6.0 is now available
Solution
For details on how to install and use MTC, refer to:
tainers/installing-mtc.html
Summary
The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API.
Security fixes:
* nodejs-axios: Regular expression denial of service in trim function
(CVE-2021-3749)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
References
https://access.redhat.com/security/cve/CVE-2021-3749 https://access.redhat.com/security/cve/CVE-2021-22922 https://access.redhat.com/security/cve/CVE-2021-22923 https://access.redhat.com/security/cve/CVE-2021-22924 https://access.redhat.com/security/cve/CVE-2021-36222 https://access.redhat.com/security/cve/CVE-2021-37576 https://access.redhat.com/security/cve/CVE-2021-37750 https://access.redhat.com/security/cve/CVE-2021-38201 https://access.redhat.com/security/updates/classification#moderate
Package List
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Advisory ID: RHSA-2021:3694-01
Product: Red Hat Migration Toolkit
Advisory URL: https://access.redhat.com/errata/RHSA-2021:3694
Issue date: 2021-09-29
Topic
The Migration Toolkit for Containers (MTC) 1.6.0 is now available.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.
Relevant Releases Architectures
Bugs Fixed
1878824 - Web console is not accessible when deployed on OpenShift cluster on IBM Cloud
1887526 - "Stage" pods fail when migrating from classic OpenShift source cluster on IBM Cloud with block storage
1899562 - MigMigration custom resource does not display an error message when a migration fails because of volume mount error
1936886 - Service account token of existing remote cluster cannot be updated by using the web console
1936894 - "Ready" status of MigHook and MigPlan custom resources is not synchronized automatically
1949117 - "Migration plan resources" page displays a permanent error message when a migration plan is deleted from the backend
1951869 - MigPlan custom resource does not detect invalid source cluster reference
1968621 - Paused deployment config causes a migration to hang
1970338 - Parallel migrations fail because the initial backup is missing
1974737 - Migration plan name length in the "Migration plan" wizard is not validated
1975369 - "Debug view" link text on "Migration plans" page can be improved
1975372 - Destination namespace in MigPlan custom resource is not validated
1976895 - Namespace mapping cannot be changed using the Migration Plan wizard
1981810 - "Excluded" resources are not excluded from the migration
1982026 - Direct image migration fails if the source URI contains a double slash ("//")
1994985 - Web console crashes when a MigPlan custom resource is created with an empty namespaces list
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!