For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The release of ACS 4.1 provides these changes:
Security Fix(es):
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK
decoding (CVE-2022-41723)
* golang: net/http, net/textproto: denial of service from excessive memory
allocation (CVE-2023-24534)
* golang: net/http, net/textproto, mime/multipart: denial of service from
excessive resource consumption (CVE-2023-24536)
* golang: go/parser: Infinite loop in parsing (CVE-2023-24537)
* golang: html/template: backticks not treated as string delimiters (CVE-2023-24538)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
New features:
* Manual renewal of Central and Sensor certificates
* Vulnerability Management 2.0 (Technology Preview)
* RHACS Cloud Service scanning support for images pulled from on-premise
registries
* eBPF collection method on IBM Z and IBM® LinuxONE
* Ability to configure the display of default compliance standards in the
Compliance Dashboard
* Declarative configurations for authentication and authorization
* SSO configuration using the roxctl CLI
* New collection method based on BPF CO-RE (Technology Preview)
* Network graph updates
* Policy Management simplification
* New permission sets
* Improvements for Sensor resync (General Availability)
For notable technical changes, deprecated and removed features, bug fixes,
and known issues, refer to the Release Notes.
References:
https://access.redhat.com/security/cve/CVE-2020-24736
https://access.redhat.com/security/cve/CVE-2022-27191
https://access.redhat.com/security/cve/CVE-2022-41723
https://access.redhat.com/security/cve/CVE-2023-1667
https://access.redhat.com/security/cve/CVE-2023-2283
https://access.redhat.com/security/cve/CVE-2023-24329
https://access.redhat.com/security/cve/CVE-2023-24534
https://access.redhat.com/security/cve/CVE-2023-24536
https://access.redhat.com/security/cve/CVE-2023-24537
https://access.redhat.com/security/cve/CVE-2023-24538
https://access.redhat.com/security/cve/CVE-2023-26604
https://access.redhat.com/security/cve/CVE-2023-32067
https://access.redhat.com/security/updates/classification#moderate
https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.1/html/release_notes/release-notes-41
Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
2184481 - CVE-2023-24538 golang: html/template: backticks not treated as string delimiters
2184482 - CVE-2023-24536 golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption
2184483 - CVE-2023-24534 golang: net/http, net/textproto: denial of service from excessive memory allocation
2184484 - CVE-2023-24537 golang: go/parser: Infinite loop in parsing
5. JIRA issues fixed (https://redhat.atlassian.net/jira/projects):
ROX-18018 - Release RHACS 4.1.0