Red Hat: RHSA-2022:4814-01 Moderate: Migration Toolkit for Containers
red hat
May 31, 2022
The Migration Toolkit for Containers (MTC) 1.6.5 is now available
Solution
For details on how to install and use MTC, refer to:
https://docs.redhat.com/en/documentation/openshift_container_platform/4.17/html/migration_toolkit_for_containers/installing-mtc
Summary
The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching
ANSI escape codes (CVE-2021-3807)
* golang: archive/zip: malformed archive may cause panic or memory
exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Topics Covered
References
https://access.redhat.com/security/cve/CVE-2018-25032 https://access.redhat.com/security/cve/CVE-2020-0404 https://access.redhat.com/security/cve/CVE-2020-4788 https://access.redhat.com/security/cve/CVE-2020-13974 https://access.redhat.com/security/cve/CVE-2020-19131 https://access.redhat.com/security/cve/CVE-2020-27820 https://access.redhat.com/security/cve/CVE-2020-35492 https://access.redhat.com/security/cve/CVE-2021-0941 https://access.redhat.com/security/cve/CVE-2021-3612 https://access.redhat.com/security/cve/CVE-2021-3634 https://access.redhat.com/security/cve/CVE-2021-3669 https://access.redhat.com/security/cve/CVE-2021-3737 https://access.redhat.com/security/cve/CVE-2021-3743 https://access.redhat.com/security/cve/CVE-2021-3744 https://access.redhat.com/security/cve/CVE-2021-3752 https://access.redhat.com/security/cve/CVE-2021-3759 https://access.redhat.com/security/cve/CVE-2021-3764 https://access.redhat.com/security/cve/CVE-2021-3772 https://access.redhat.com/security/cve/CVE-2021-3773 https://access.redhat.com/security/cve/CVE-2021-3807 https://access.redhat.com/security/cve/CVE-2021-4002 https://access.redhat.com/security/cve/CVE-2021-4037 https://access.redhat.com/security/cve/CVE-2021-4083 https://access.redhat.com/security/cve/CVE-2021-4157 Read the Full Advisory
Package List
PREVIOUS
NEXT
Advisory ID: RHSA-2022:4814-01
Product: Red Hat Migration Toolkit
Advisory URL: https://access.redhat.com/errata/RHSA-2022:4814
Issue date: 2022-05-31
Topic
The Migration Toolkit for Containers (MTC) 1.6.5 is now available.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.
Topics Covered
Relevant Releases Architectures
Bugs Fixed
2006044 - CVE-2021-39293 golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)
2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes
2057579 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings
2072311 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x
2074044 - [MTC] Rsync pods are not running as privileged
2074553 - Upstream Hook Runner image requires arguments be in a different order
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!