
RedHat 4.8.3 Advisory RHSA-2021-4914 Moderate OpenShift Update

December 2, 2021
Notice for Red Hat OpenShift Virtualization 4.8.3 regarding security enhancements and bug fixes. New packages and images have been released.
Red Hat OpenShift Virtualization release 4.8.3 is now available with updates to packages and images that fix several bugs and add enhancements.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.8.3 images:
RHEL-8-CNV-4.8
==============
hostpath-provisioner-container-v4.8.3-4
kubevirt-v2v-conversion-container-v4.8.3-3
virt-cdi-cloner-container-v4.8.3-4
virt-cdi-operator-container-v4.8.3-4
virt-cdi-uploadproxy-container-v4.8.3-4
virt-launcher-container-v4.8.3-9
vm-import-operator-container-v4.8.3-7
virt-cdi-apiserver-container-v4.8.3-4
kubevirt-vmware-container-v4.8.3-3
virt-api-container-v4.8.3-9
vm-import-virtv2v-container-v4.8.3-7
virtio-win-container-v4.8.3-3
node-maintenance-operator-container-v4.8.3-2
hostpath-provisioner-operator-container-v4.8.3-4
virt-cdi-controller-container-v4.8.3-4
virt-cdi-importer-container-v4.8.3-4
bridge-marker-container-v4.8.3-3
ovs-cni-marker-container-v4.8.3-3
virt-handler-container-v4.8.3-9
virt-controller-container-v4.8.3-9
cnv-containernetworking-plugins-container-v4.8.3-3
kubevirt-template-validator-container-v4.8.3-3
hyperconverged-cluster-webhook-container-v4.8.3-5
ovs-cni-plugin-container-v4.8.3-3
hyperconverged-cluster-operator-container-v4.8.3-5
kubevirt-ssp-operator-container-v4.8.3-4
virt-cdi-uploadserver-container-v4.8.3-4
kubemacpool-container-v4.8.3-5
vm-import-controller-container-v4.8.3-7
virt-operator-container-v4.8.3-9
kubernetes-nmstate-handler-container-v4.8.3-8
cnv-must-gather-container-v4.8.3-12
cluster-network-addons-operator-container-v4.8.3-8
hco-bundle-registry-container-v4.8.3-58
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

https://access.redhat.com/security/cve/CVE-2018-20673
https://access.redhat.com/security/cve/CVE-2019-5827
https://access.redhat.com/security/cve/CVE-2019-13750
https://access.redhat.com/security/cve/CVE-2019-13751
https://access.redhat.com/security/cve/CVE-2019-17594
https://access.redhat.com/security/cve/CVE-2019-17595
https://access.redhat.com/security/cve/CVE-2019-18218
https://access.redhat.com/security/cve/CVE-2019-19603
https://access.redhat.com/security/cve/CVE-2019-20838
https://access.redhat.com/security/cve/CVE-2020-12762
https://access.redhat.com/security/cve/CVE-2020-13435
https://access.redhat.com/security/cve/CVE-2020-14155
https://access.redhat.com/security/cve/CVE-2020-16135
https://access.redhat.com/security/cve/CVE-2020-24370
https://access.redhat.com/security/cve/CVE-2020-25648
https://access.redhat.com/security/cve/CVE-2020-36385
https://access.redhat.com/security/cve/CVE-2021-0512
https://access.redhat.com/security/cve/CVE-2021-3200
https://access.redhat.com/security/cve/CVE-2021-3426
https://access.redhat.com/security/cve/CVE-2021-3445
https://access.redhat.com/security/cve/CVE-2021-3572
https://access.redhat.com/security/cve/CVE-2021-3580
https://access.redhat.com/security/cve/CVE-2021-3656

Package List


Advisory ID: RHSA-2021:4914-01
Product: cnv
Issue date: 2021-12-02

Topic

Red Hat OpenShift Virtualization release 4.8.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant Releases Architectures

Bugs Fixed

1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic

1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet

1997017 - unprivileged client fails to get guest agent data

1998855 - Node drain: Sometimes source virt-launcher pod status is Failed and not Completed

2000251 - RoleBinding and ClusterRoleBinding brought in by kubevirt does not get reconciled when kind is ServiceAccount

2001270 - [VMIO] [Warm from Vmware] Snapshot files are not deleted after Successful Import

2001281 - [VMIO] [Warm from VMware] Source VM should not be turned ON if vmio import is removed

2001901 - [4.8.3] NNCP creation failures after nmstate-handler pod deletion

2007336 - 4.8.3 containers

2007776 - Failed to Migrate Windows VM with CDROM (readonly)

2008511 - [CNV-4.8.3] VMI is in LiveMigrate loop when Upgrading Cluster from 2.6.7/4.7.32 to OCP 4.8.13

2012890 - With descheduler during multiple VMIs migrations, some VMs are restarted

2025475 - [4.8.3] Upgrade from 2.6 to 4.x versions failed due to vlan-filtering issues

2026881 - [4.8.3] vlan-filtering is getting applied on veth ports
