RedHat OpenShift 1.3.1 Moderate: Security Fix and Bug Update

October 19, 2022
OpenShift sandboxed containers 1.3.1 is now available

Solution

Before applying this update, ensure all previously released errata relevant to your system have been applied.

For details on how to apply this update, which includes the changes described in this advisory, refer to:

Summary

OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime.
This advisory contains an update for OpenShift sandboxed containers with security fixes and a bug fix.
Space precludes documenting all of the updates to OpenShift sandboxed containers in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

References

https://access.redhat.com/security/cve/CVE-2015-20107
https://access.redhat.com/security/cve/CVE-2022-0391
https://access.redhat.com/security/cve/CVE-2022-1292
https://access.redhat.com/security/cve/CVE-2022-1586
https://access.redhat.com/security/cve/CVE-2022-1785
https://access.redhat.com/security/cve/CVE-2022-1897
https://access.redhat.com/security/cve/CVE-2022-1927
https://access.redhat.com/security/cve/CVE-2022-2068
https://access.redhat.com/security/cve/CVE-2022-2097
https://access.redhat.com/security/cve/CVE-2022-2832
https://access.redhat.com/security/cve/CVE-2022-24675
https://access.redhat.com/security/cve/CVE-2022-29154
https://access.redhat.com/security/cve/CVE-2022-30632
https://access.redhat.com/security/cve/CVE-2022-32206
https://access.redhat.com/security/cve/CVE-2022-32208
https://access.redhat.com/security/cve/CVE-2022-34903
https://access.redhat.com/security/cve/CVE-2022-40674
https://access.redhat.com/security/updates/classification#moderate

Package List


Severity
important

Advisory ID: RHSA-2022:7058-01
Product: Red Hat OpenShift Enterprise
Issue date: 2022-10-19

Topic

OpenShift sandboxed containers 1.3.1 is now available.

Relevant Releases Architectures

Bugs Fixed

2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode

2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob

2118556 - CVE-2022-2832 blender: Null pointer reference in blender thumbnail extractor

JIRA issues fixed (https://redhat.atlassian.net/jira/projects):

KATA-1751 - CVE-2022-24675 osc-operator-container: golang: encoding/pem: fix stack overflow in Decode [rhosc-1]

KATA-1752 - CVE-2022-28327 osc-operator-container: golang: crypto/elliptic: panic caused by oversized scalar [rhosc-1]

KATA-1754 - OSC Pod security issue in 4.12 prevents subscribing to operator

KATA-1758 - CVE-2022-30632 osc-operator-container: golang: path/filepath: stack exhaustion in Glob [rhosc-1]
