RedHat: RHSA-2023-0481:01 Moderate: Submariner 0.12.3 - security update and
Summary
Submariner enables direct networking between pods and services on different
Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source
community website at: https://submariner.io/.
This advisory contains bug fixes and enhancements to the Submariner
container images.
Major bug addressed:
ACM-2318: Submariner gateway node: Error updating load balancer with new
hosts map
Security fix:
* CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage
takes a long time to parse complex tags
Summary
Solution
For details on how to install Submariner, refer to:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/add-ons/add-ons-overview#submariner-deploy-console
and
https://submariner.io/getting-started/
References
https://access.redhat.com/security/cve/CVE-2022-32149 https://access.redhat.com/security/updates/classification/#moderate
Package List
Topic
Submariner 0.12.3 packages that fix various bugs and add variousenhancements that are now available for Red Hat Advanced Cluster Managementfor Kubernetes version 2.5.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Topic
Relevant Releases Architectures
Bugs Fixed
2134010 - CVE-2022-32149 golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
5. JIRA issues fixed (https://issues.redhat.com/):
ACM-2318 - Submariner gateway node: Error updating load balancer with new hosts map