Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 203 articles for you...
89
security advisoryfedoraapplication updateFedora 42: singularity-ce 4.3.6 Upgrade Security Advisory 2025-3ff2f4efe3
Upgrade to 4.3.6 upstream version.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-3ff2f4efe3 2025-12-27 01:00:29.398531+00:00 -------------------------------------------------------------------------------- Name : singularity-ce Product : Fedora 42 Version : 4.3.6 Release : 1.fc42 URL : Summary : Application and environment virtualization Description : SingularityCE is the Community Edition of Singularity, an open source container platform designed to be simple, fast, and secure. -------------------------------------------------------------------------------- Update Information: Upgrade to 4.3.6 upstream version. -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 18 2025 David Trudgian - 4.3.6-1 - Upgrade to 4.3.6 upstream version. - Fixes CVE-2025-67499 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-3ff2f4efe3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Dec 27, 2025
•Important
Fedora
89
security advisoryFedoraupdate informationFedora 39: FEDORA-2024-c95d3199c5 moderate: Singularity-CE Update
Bulk update of bundled Go dependencies.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-c95d3199c5 2024-06-12 01:31:25.500988 -------------------------------------------------------------------------------- Name : singularity-ce Product : Fedora 39 Version : 3.11.5^20240603gbd4675f Release : 1.fc39 URL : / Summary : Application and environment virtualization Description : SingularityCE is the Community Edition of Singularity, an open source container platform designed to be simple, fast, and secure. -------------------------------------------------------------------------------- Update Information: Bulk update of bundled Go dependencies. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 3 2024 David Trudgian - 3.11.5^20240603gbd4675f-1 - Bulk update of bundled Go dependencies. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2268897 - CVE-2024-28180 singularity-ce: jose-go: improper handling of highly compressed data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2268897 [ 2 ] Bug #2284383 - TRIAGE CVE-2024-3727 singularity-ce: containers/image: digest type does not guarantee valid type [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2284383 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-c95d3199c5' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 12, 2024
Fedora
98
security advisorymoderatebug fixRedHat OpenShift 4.12.36 Moderate Advisory RHSA-2023-5390-01 DoS Fix
Red Hat OpenShift Container Platform release 4.12.36 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.12.36 bug fix and security update Advisory ID: RHSA-2023:5390-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:5390 Issue date: 2023-10-04 CVE Names: CVE-2023-2253 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.12.36 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.36. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHBA-2023:5392 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes/ocp-4-12-release-notes Security Fix(es): *distribution/distribution: DoS from malicious API request (CVE-2023-2253) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/updating_clusters/updating-cluster-cli 3. Solution: For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes/ocp-4-12-release-notes You may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags. The sha values for the release are: (For x86_64 architecture) The image digest is sha256:38ccab25d5895a216a465a9f297541fbbebe7aa115fdaa9f2015c8d5a5d036eb (For s390x architecture) The image digest is sha256:91e9a38e4333cac73c9320a713247d6652017081cd573f892dae2a866142de45 (For ppc64le architecture) The image digest is sha256:674a2972728709445f1bf008d0b8740f3b7c3d7f5781f8a4235b11d47779038e (For aarch64 architecture) The image digest is sha256:e515ccfd4923cfb91b54fad78835338ec99ec204544d53691f81a92bfdd6f9f4 All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions forupgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/updating_clusters/updating-cluster-cli 4. Bugs fixed (https://bugzilla.redhat.com/): 2189886 - CVE-2023-2253 distribution/distribution: DoS from malicious API request 5. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): OCPBUGS-10992 - SCOS bootstrap should skip pivot when root is not writable OCPBUGS-16376 - Avoid retry of Network Policy event OCPBUGS-19045 - Web console slowness on Project> Project access page OCPBUGS-19405 - [release-4.12] Extend workload-info gatherer to collect image repository info OCPBUGS-19511 - 4.12: Upgrade blocked: csi-snapshot-controller fails with read-only filesystem OCPBUGS-19557 - CBO crashes if internal IP is nil OCPBUGS-19770 - After Adding the FIP to existing Node, The CSR get generated, It should be approved automatically. 6. References: https://access.redhat.com/security/cve/CVE-2023-2253 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes/ocp-4-12-release-notes 7. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJlHNuqAAoJENzjgjWX9erEh5cP/A9LtseE8nzZrC+A8Zu0+l9p /W65ADKX5Wh+7Y0lQ7NKJrldKtE7PUp1D/3ufDJ8KrF2wJQ2DpDqGCYIO2K+Sldl 4dVeE7cgb1vcJmZGNKY2tB6z204IStsZakcy2yJhUi1USKhKOEy0YfDy10hMCcbZ /IuELwib/PYlKAn5WxZjNiiGPW0g5JE0BG1UAaxJovCewh/ORZH+IAhOY/Zbq88+ BDtFoaapCWyNDiYuUlXjxIz+YqESl20nVNaeDl4LGARHrNtCqUuTOWCOJnKUV4v8 +uP7OfWgocBNDnl2AKVQbX/Too8LrHtcRTeRNkqLhQzUwNUd8RHHzrAgSxeV681y V0AH/WbJR7pj/pXY80T+Jn9iM2mc0WCU+w3GAPc3Cmym8T7Ql8fDwkqezGe2aExu 4pZP3PpEdZWiZkkoRJf+ULfHtsVSQuekry44iSkC1inmHSJ22H8fZpgpMdP4FisD pt6nURLLcRztnKoJ64gPVox+vQACNVz5PZA3kXVLAN5DPYqj+ZhLOd66nZ8SPwzi NkimR39ADdJ+E1wLuYfU3qIoBzLS4i7fJKmlaa2SM451TzWdddapgEl5IWlJYgRc vgO/OMqPEc+9mDlb9EzdeYS8tgdAbdHeHrUUqG22bd4x+H7nBkmbdtFfn66iAHxm HXhZkUmQkTGnAvDS9E8J =4wiG -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Oct 04, 2023
Red Hat
98
security advisorymoderatebug fixRed Hat OpenShift 4.11.6 Moderate: RHSA-2023:5103-01 Security Fix
Red Hat OpenShift Virtualization release 4.11.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Virtualization 4.11.6 security and bug fix update Advisory ID: RHSA-2023:5103-01 Product: OpenShift Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2023:5103 Issue date: 2023-09-12 CVE Names: CVE-2016-3709 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0286 CVE-2023-0361 CVE-2023-2828 CVE-2023-3089 CVE-2023-3899 CVE-2023-38408 ===================================================================== 1. Summary: Red Hat OpenShift Virtualization release 4.11.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section 2. Description: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images. Security Fix(es): * openshift: OCP & FIPS mode (CVE-2023-3089) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Requested TSC frequency outside tolerance range & TSC scaling not supported (BZ#2151169) * User cannot get resource"virtualmachineinstances/portforward" in API group "subresources.kubevirt.io" (BZ#2160673) * 4.11.4 containers (BZ#2173835) * VMI with x86_Icelake fail when mpx feature is missing (BZ#2218193) 3. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2151169 - Requested TSC frequency outside tolerance range & TSC scaling not supported 2160673 - User cannot get resource "virtualmachineinstances/portforward" in API group "subresources.kubevirt.io" 2173835 - 4.11.4 containers 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode 2218193 - VMI with x86_Icelake fail when mpx feature is missing 5. References: https://access.redhat.com/security/cve/CVE-2016-3709 https://access.redhat.com/security/cve/CVE-2022-4304 https://access.redhat.com/security/cve/CVE-2022-4450 https://access.redhat.com/security/cve/CVE-2023-0215 https://access.redhat.com/security/cve/CVE-2023-0286 https://access.redhat.com/security/cve/CVE-2023-0361 https://access.redhat.com/security/cve/CVE-2023-2828 https://access.redhat.com/security/cve/CVE-2023-3089 https://access.redhat.com/security/cve/CVE-2023-3899 https://access.redhat.com/security/cve/CVE-2023-38408 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2023-001 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJlAINpAAoJENzjgjWX9erEdG4P/jO759CVAR4s+eVcATfiu6r+ VPBs/U/dKc0aau2J2m5m4MXxUDl5xwBU/2MlrjMkO2m/nwLo8nziwZKW2m4ZsY+f i9f3H66M71u4eoPzfqLQ9imjyWAwYwYuHNumWQyzeWjStWaR7p3/NBo9vHaE63To ZFBmOZxRx9wsAfzhjSQbteWH7BNwqlqqjjZlCWf13BETlj2SF+6ow1soxVdSLY0M Dn4nKvohgA5neX3KBd51+f66R1HFKZshgUSH7/YlDC3FTRScFOPnbyrssUpGZpKg Ldf0vr27YVQIpfZRVIjwPgXK3oQ8hs+XYQgxP8T7CLAZ9bHDvqrb2y/O19XfqRW4 15/hsjuLUwmIQNpYdxu9s3lbPdNSxpH7g47OTF27JmHVSEe8mBlBOxEL7W3AvC5l v/0ovn8mlAJYfLWFOFU38Jy5FyDvR3GsEUo+xgWGJlSHGRx33nc/AMG+1MWHnxyV yAWfTkw3/QmfqK459kIKMnJuxB9SnFgf4tLpEkuwpQrgyiAfc//3PWQ0vJP9bXsu lxeV2fd8WZ9yEXPwkVN67sr/QOQYy2pdz+yxVDYHnIEfttiRgMutzKoMMGFIJmAW 81bG9c3hkArSvNraqZZbMUhfTbF8OfjHeroBQp+XcqSipk+mmoZKgFr8yhPzE1Rp 60MIgjdOBksum7fyI6a/ =7uko -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 12, 2023
Red Hat
98
security advisoryprivilege escalationcloud computingRed Hat OpenShift 4.10 Advisory: RHSA-2023-4898 Important PrivEsc Fix
Red Hat OpenShift Container Platform release 4.10.67 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: OpenShift Container Platform 4.10.67 security update Advisory ID: RHSA-2023:4898-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:4898 Issue date: 2023-09-06 CVE Names: CVE-2023-1260 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.10.67 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift Container Platform 4.10 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.67. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2023:4896 Security Fix(es): * kube-apiserver: PrivEsc (CVE-2023-1260) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in theReferences section. All OpenShift Container Platform 4.10 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.10/html/updating_clusters/updating-cluster-cli 4. Solution: For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.redhat.com/en/documentation/openshift_container_platform/4.10/html/release_notes/ocp-4-10-release-notes 5. Bugs fixed (https://bugzilla.redhat.com/): 2176267 - CVE-2023-1260 kube-apiserver: PrivEsc 6. Package List: Red Hat OpenShift Container Platform 4.10: Source: openshift-4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el7.src.rpm x86_64: openshift-hyperkube-4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el7.x86_64.rpm Red Hat OpenShift Container Platform4.10: Source: kernel-4.18.0-305.103.1.el8_4.src.rpm kernel-rt-4.18.0-305.103.1.rt7.178.el8_4.src.rpm openshift-4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el8.src.rpm aarch64: bpftool-4.18.0-305.103.1.el8_4.aarch64.rpm bpftool-debuginfo-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-core-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-cross-headers-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debug-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debug-core-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debug-devel-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debug-modules-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debug-modules-extra-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debug-modules-internal-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debuginfo-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-devel-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-headers-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-modules-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-modules-extra-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-modules-internal-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-selftests-internal-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-tools-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-tools-libs-4.18.0-305.103.1.el8_4.aarch64.rpm kernel-tools-libs-devel-4.18.0-305.103.1.el8_4.aarch64.rpm openshift-hyperkube-4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el8.aarch64.rpm perf-4.18.0-305.103.1.el8_4.aarch64.rpm perf-debuginfo-4.18.0-305.103.1.el8_4.aarch64.rpm python3-perf-4.18.0-305.103.1.el8_4.aarch64.rpm python3-perf-debuginfo-4.18.0-305.103.1.el8_4.aarch64.rpm noarch: kernel-doc-4.18.0-305.103.1.el8_4.noarch.rpm ppc64le: bpftool-4.18.0-305.103.1.el8_4.ppc64le.rpm bpftool-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-core-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-cross-headers-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debug-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debug-core-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debug-devel-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debug-modules-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debug-modules-extra-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debug-modules-internal-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-devel-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-headers-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-ipaclones-internal-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-modules-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-modules-extra-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-modules-internal-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-selftests-internal-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-tools-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-tools-libs-4.18.0-305.103.1.el8_4.ppc64le.rpm kernel-tools-libs-devel-4.18.0-305.103.1.el8_4.ppc64le.rpm openshift-hyperkube-4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el8.ppc64le.rpm perf-4.18.0-305.103.1.el8_4.ppc64le.rpm perf-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm python3-perf-4.18.0-305.103.1.el8_4.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.103.1.el8_4.ppc64le.rpm s390x: bpftool-4.18.0-305.103.1.el8_4.s390x.rpm bpftool-debuginfo-4.18.0-305.103.1.el8_4.s390x.rpm kernel-4.18.0-305.103.1.el8_4.s390x.rpm kernel-core-4.18.0-305.103.1.el8_4.s390x.rpm kernel-cross-headers-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debug-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debug-core-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debug-debuginfo-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debug-devel-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debug-modules-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debug-modules-extra-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debug-modules-internal-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debuginfo-4.18.0-305.103.1.el8_4.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-305.103.1.el8_4.s390x.rpm kernel-devel-4.18.0-305.103.1.el8_4.s390x.rpm kernel-headers-4.18.0-305.103.1.el8_4.s390x.rpm kernel-modules-4.18.0-305.103.1.el8_4.s390x.rpm kernel-modules-extra-4.18.0-305.103.1.el8_4.s390x.rpm kernel-modules-internal-4.18.0-305.103.1.el8_4.s390x.rpm kernel-selftests-internal-4.18.0-305.103.1.el8_4.s390x.rpm kernel-tools-4.18.0-305.103.1.el8_4.s390x.rpm kernel-tools-debuginfo-4.18.0-305.103.1.el8_4.s390x.rpm kernel-zfcpdump-4.18.0-305.103.1.el8_4.s390x.rpm kernel-zfcpdump-core-4.18.0-305.103.1.el8_4.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-305.103.1.el8_4.s390x.rpm kernel-zfcpdump-devel-4.18.0-305.103.1.el8_4.s390x.rpm kernel-zfcpdump-modules-4.18.0-305.103.1.el8_4.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-305.103.1.el8_4.s390x.rpm kernel-zfcpdump-modules-internal-4.18.0-305.103.1.el8_4.s390x.rpm openshift-hyperkube-4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el8.s390x.rpm perf-4.18.0-305.103.1.el8_4.s390x.rpm perf-debuginfo-4.18.0-305.103.1.el8_4.s390x.rpm python3-perf-4.18.0-305.103.1.el8_4.s390x.rpm python3-perf-debuginfo-4.18.0-305.103.1.el8_4.s390x.rpm x86_64: bpftool-4.18.0-305.103.1.el8_4.x86_64.rpm bpftool-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-core-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-cross-headers-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debug-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debug-core-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debug-devel-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debug-modules-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debug-modules-extra-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debug-modules-internal-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-devel-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-headers-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-ipaclones-internal-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-modules-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-modules-extra-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-modules-internal-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-rt-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-core-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debug-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debug-core-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debug-debuginfo-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debug-devel-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debug-kvm-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debug-modules-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debug-modules-extra-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debug-modules-internal-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debuginfo-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-debuginfo-common-x86_64-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-devel-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-kvm-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-modules-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-modules-extra-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-modules-internal-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-rt-selftests-internal-4.18.0-305.103.1.rt7.178.el8_4.x86_64.rpm kernel-selftests-internal-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-tools-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-tools-libs-4.18.0-305.103.1.el8_4.x86_64.rpm kernel-tools-libs-devel-4.18.0-305.103.1.el8_4.x86_64.rpm openshift-hyperkube-4.10.0-202308291228.p0.g26fdcdf.assembly.stream.el8.x86_64.rpm perf-4.18.0-305.103.1.el8_4.x86_64.rpm perf-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm python3-perf-4.18.0-305.103.1.el8_4.x86_64.rpm python3-perf-debuginfo-4.18.0-305.103.1.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-1260 https://access.redhat.com/security/updates/classification/#important https://docs.redhat.com/en/documentation/openshift_container_platform/4.10/html/release_notes/ocp-4-10-release-notes 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJk+CVcAAoJENzjgjWX9erEjbEP/R9n2T42ujovAYsC2NLjdiza 5PVBfRYCOpopGFJeh2cqNmf2nLyUrCS7foK23etXLzso0WejucXpkCa0DQ/Z0sEL AyruljQAXdFH8Ej5ior5ll08qAbncXcMG8+sI4XUoNz5mC7X0dARk+lkrngJwfuN lYs7fdyblVzAWRNEpvLAmapaceODcSvEwrzz6+O5AfFq+4iOjejYFuow7vUnN2eC JXvn0n1wPWe8PAGWGpTGqjENtI31lgO5r/6atYurDBKXGlqfVRgz2vSzl1S6WuqZ zERAy3Fnt6VeRB9wepwB0Kx2ApyWQjRVsmBMd3Csr9Cb4aX+2ungv7sUQWlWKKlF 6Km2E9LYmR27HQdfAJl6htoXCWyyExdZOkn/0gmIQKOqSNUQUxM47Jf1LNE2+aCS 3HaCAlnJZuQWGFVUP2EF+N515DJNSgxz2PbHdhiSdbdEjCg4BnOcotDVcXdfczn+ JgeH26rh2eQuPoBlI0wZjXhXirUEhWQBjZ2eeyFyjnKrWFG63V0MZ7ZnC+NN3QNy kHCstkMe0m8dilbIsWLE55yenTVNhQbWdxNr5F20PSDKRyuu0z9G30GZykP9XK/s 5MeBucRvIjEA0k/qnzNlhlmtHGEve1zovUBOdPM7xF0ik46EoDwM4iHIRjQW5qFV ggho1OT/ITMtJgHIZHou =SPxY -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 06, 2023
•Important
Red Hat
98
security advisorymoderatesecurity issueRed Hat OpenShift 4.13.10 Moderate: RHSA-2023:4734-01 Security Update
Red Hat OpenShift Container Platform release 4.13.10 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.13.10 security update Advisory ID: RHSA-2023:4734-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:4734 Issue date: 2023-08-30 CVE Names: CVE-2022-27664 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.13.10 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Ironic content for Red Hat OpenShift Container Platform 4.13 - noarch Red Hat OpenShift Container Platform 4.13 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.10. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2023:4731 Security Fix(es): * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664) For more details about the security issue(s), including the impact, aCVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/updating_clusters/updating-cluster-cli 4. Solution: For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes/ocp-4-13-release-notes 5. Bugs fixed (https://bugzilla.redhat.com/): 2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY 6. Package List: Red Hat OpenShift Container Platform4.13: Source: container-selinux-2.221.0-1.rhaos4.13.el8.src.rpm openshift-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el8.src.rpm openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el8.src.rpm aarch64: openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el8.aarch64.rpm openshift-hyperkube-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el8.aarch64.rpm noarch: container-selinux-2.221.0-1.rhaos4.13.el8.noarch.rpm ppc64le: openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el8.ppc64le.rpm openshift-hyperkube-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el8.ppc64le.rpm s390x: openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el8.s390x.rpm openshift-hyperkube-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el8.s390x.rpm x86_64: openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el8.x86_64.rpm openshift-clients-redistributable-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el8.x86_64.rpm openshift-hyperkube-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el8.x86_64.rpm Red Hat OpenShift Container Platform4.13: Source: container-selinux-2.221.0-1.rhaos4.13.el9.src.rpm kernel-5.14.0-284.28.1.el9_2.src.rpm kernel-rt-5.14.0-284.28.1.rt14.313.el9_2.src.rpm openshift-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el9.src.rpm openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el9.src.rpm aarch64: bpftool-7.0.0-284.28.1.el9_2.aarch64.rpm bpftool-debuginfo-7.0.0-284.28.1.el9_2.aarch64.rpm kernel-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-core-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-core-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-debuginfo-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-devel-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-devel-matched-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-modules-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-modules-core-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-modules-extra-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-modules-internal-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debug-modules-partner-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-debuginfo-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-devel-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-devel-matched-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-modules-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-modules-core-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-modules-extra-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-modules-internal-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-64k-modules-partner-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-core-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-cross-headers-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-core-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-debuginfo-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-devel-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-devel-matched-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-modules-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-modules-core-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-modules-extra-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-modules-internal-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debug-modules-partner-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debuginfo-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-debuginfo-common-aarch64-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-devel-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-devel-matched-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-headers-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-modules-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-modules-core-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-modules-extra-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-modules-internal-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-modules-partner-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-selftests-internal-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-tools-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-tools-debuginfo-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-tools-libs-5.14.0-284.28.1.el9_2.aarch64.rpm kernel-tools-libs-devel-5.14.0-284.28.1.el9_2.aarch64.rpm openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el9.aarch64.rpm openshift-hyperkube-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el9.aarch64.rpm perf-5.14.0-284.28.1.el9_2.aarch64.rpm perf-debuginfo-5.14.0-284.28.1.el9_2.aarch64.rpm python3-perf-5.14.0-284.28.1.el9_2.aarch64.rpm python3-perf-debuginfo-5.14.0-284.28.1.el9_2.aarch64.rpm rtla-5.14.0-284.28.1.el9_2.aarch64.rpm noarch: container-selinux-2.221.0-1.rhaos4.13.el9.noarch.rpm kernel-abi-stablelists-5.14.0-284.28.1.el9_2.noarch.rpm kernel-doc-5.14.0-284.28.1.el9_2.noarch.rpm ppc64le: bpftool-7.0.0-284.28.1.el9_2.ppc64le.rpm bpftool-debuginfo-7.0.0-284.28.1.el9_2.ppc64le.rpm kernel-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-core-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-cross-headers-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-core-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-debuginfo-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-devel-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-devel-matched-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-modules-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-modules-core-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-modules-extra-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-modules-internal-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debug-modules-partner-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debuginfo-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-debuginfo-common-ppc64le-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-devel-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-devel-matched-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-headers-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-ipaclones-internal-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-modules-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-modules-core-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-modules-extra-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-modules-internal-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-modules-partner-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-selftests-internal-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-tools-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-tools-debuginfo-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-tools-libs-5.14.0-284.28.1.el9_2.ppc64le.rpm kernel-tools-libs-devel-5.14.0-284.28.1.el9_2.ppc64le.rpm openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el9.ppc64le.rpm openshift-hyperkube-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el9.ppc64le.rpm perf-5.14.0-284.28.1.el9_2.ppc64le.rpm perf-debuginfo-5.14.0-284.28.1.el9_2.ppc64le.rpm python3-perf-5.14.0-284.28.1.el9_2.ppc64le.rpm python3-perf-debuginfo-5.14.0-284.28.1.el9_2.ppc64le.rpm rtla-5.14.0-284.28.1.el9_2.ppc64le.rpm s390x: bpftool-7.0.0-284.28.1.el9_2.s390x.rpm bpftool-debuginfo-7.0.0-284.28.1.el9_2.s390x.rpm kernel-5.14.0-284.28.1.el9_2.s390x.rpm kernel-core-5.14.0-284.28.1.el9_2.s390x.rpm kernel-cross-headers-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-core-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-debuginfo-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-devel-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-devel-matched-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-modules-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-modules-core-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-modules-extra-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-modules-internal-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debug-modules-partner-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debuginfo-5.14.0-284.28.1.el9_2.s390x.rpm kernel-debuginfo-common-s390x-5.14.0-284.28.1.el9_2.s390x.rpm kernel-devel-5.14.0-284.28.1.el9_2.s390x.rpm kernel-devel-matched-5.14.0-284.28.1.el9_2.s390x.rpm kernel-headers-5.14.0-284.28.1.el9_2.s390x.rpm kernel-modules-5.14.0-284.28.1.el9_2.s390x.rpm kernel-modules-core-5.14.0-284.28.1.el9_2.s390x.rpm kernel-modules-extra-5.14.0-284.28.1.el9_2.s390x.rpm kernel-modules-internal-5.14.0-284.28.1.el9_2.s390x.rpm kernel-modules-partner-5.14.0-284.28.1.el9_2.s390x.rpm kernel-selftests-internal-5.14.0-284.28.1.el9_2.s390x.rpm kernel-tools-5.14.0-284.28.1.el9_2.s390x.rpm kernel-tools-debuginfo-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-core-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-debuginfo-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-devel-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-devel-matched-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-modules-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-modules-core-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-modules-extra-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-modules-internal-5.14.0-284.28.1.el9_2.s390x.rpm kernel-zfcpdump-modules-partner-5.14.0-284.28.1.el9_2.s390x.rpm openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el9.s390x.rpm openshift-hyperkube-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el9.s390x.rpm perf-5.14.0-284.28.1.el9_2.s390x.rpm perf-debuginfo-5.14.0-284.28.1.el9_2.s390x.rpm python3-perf-5.14.0-284.28.1.el9_2.s390x.rpm python3-perf-debuginfo-5.14.0-284.28.1.el9_2.s390x.rpm rtla-5.14.0-284.28.1.el9_2.s390x.rpm x86_64: bpftool-7.0.0-284.28.1.el9_2.x86_64.rpm bpftool-debuginfo-7.0.0-284.28.1.el9_2.x86_64.rpm kernel-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-core-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-cross-headers-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-core-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-debuginfo-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-devel-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-devel-matched-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-modules-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-modules-core-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-modules-extra-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-modules-internal-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-modules-partner-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debug-uki-virt-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debuginfo-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-debuginfo-common-x86_64-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-devel-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-devel-matched-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-headers-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-ipaclones-internal-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-modules-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-modules-core-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-modules-extra-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-modules-internal-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-modules-partner-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-rt-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-core-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-core-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-debuginfo-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-devel-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-devel-matched-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-kvm-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-modules-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-modules-core-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-modules-extra-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-modules-internal-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debug-modules-partner-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debuginfo-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-debuginfo-common-x86_64-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-devel-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-devel-matched-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-kvm-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-modules-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-modules-core-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-modules-extra-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-modules-internal-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-modules-partner-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-rt-selftests-internal-5.14.0-284.28.1.rt14.313.el9_2.x86_64.rpm kernel-selftests-internal-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-tools-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-tools-debuginfo-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-tools-libs-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-tools-libs-devel-5.14.0-284.28.1.el9_2.x86_64.rpm kernel-uki-virt-5.14.0-284.28.1.el9_2.x86_64.rpm openshift-clients-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el9.x86_64.rpm openshift-clients-redistributable-4.13.0-202308112024.p0.g17b7acc.assembly.stream.el9.x86_64.rpm openshift-hyperkube-4.13.0-202308112024.p0.g0ef5eae.assembly.stream.el9.x86_64.rpm perf-5.14.0-284.28.1.el9_2.x86_64.rpm perf-debuginfo-5.14.0-284.28.1.el9_2.x86_64.rpm python3-perf-5.14.0-284.28.1.el9_2.x86_64.rpm python3-perf-debuginfo-5.14.0-284.28.1.el9_2.x86_64.rpm rtla-5.14.0-284.28.1.el9_2.x86_64.rpm Ironic content for Red Hat OpenShift Container Platform4.13: Source: python-ironic-lib-5.4.1-0.20230410165532.b393f4c.el9.src.rpm python-oslo-messaging-14.1.0-0.20230308164807.9f710ce.el9.src.rpm noarch: python3-ironic-lib-5.4.1-0.20230410165532.b393f4c.el9.noarch.rpm python3-oslo-messaging-14.1.0-0.20230308164807.9f710ce.el9.noarch.rpm python3-oslo-messaging-tests-14.1.0-0.20230308164807.9f710ce.el9.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-27664 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJk7+QmAAoJENzjgjWX9erEQhIQAJ/bXer8PgJOPMCJVNVDgxO9 mqXbNHVtwVH9CvQXTMIDWDj+zXl08uo53DLAop4g8oUtv+J1vbtXD8joIjOaPELW GbqGguYfG0QpaUM+dZUZ8uYbFcN5NJHrYSYZQFM5KKjlEINRhYE6rFhua4dfH8MM sapxzNKGOvJOU/PsW8T5moZXB2GLWKDKFWrftiV64c8sMCGHiWp6vlKMpNWzx70j bEFiKTvs8WAlHtKSw/LtBsBAcjg5vdbD7cKKf9p9ioxw9Kzl60NmSxfHzcyK2SsY UCfXRJLjpxFH5pXIJgfPZtzC04FKdjaIZ38inXTMx1gHXaENmV5SHO9UTHQFQV4Q HLctv8Z1d88NMkdSvMKM47bUUjA0CO+JHB7QFgrhKz89Alx6vciNHVxDnY+Nk9cu nY1Z8z1LjahHEeJRxZEH2sogMg1qyUkXUOKTVWZmw41b0zU77CTWKUpaOVfVTqNJ jED7Yl//T6Rlmp6I45yKkgDvHwVicu0/h9+JdE1iLiW5YxaDG4hoTkD/gsQccH66 mtCGnAT87pHG1DmKTdE8kCjKV40pD33M4kxuUmslLxqFoHFDqZ9k4SirxXAG31LN lLSBuDOUUOfVOUY2QAUZQzY0dWancuW0Mf5WEK50Jv3RMGX57fhTYlVBYU6J+Pya JRO2bQ+uGbXYU+A0ybQG =jwyf -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 31, 2023
Red Hat
98
security advisorymoderateupdateRed Hat OpenShift 4.13.8 RHSA-2023:4459-01 Moderate Security Advisory
Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.13.8 packages and security update Advisory ID: RHSA-2023:4459-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:4459 Issue date: 2023-08-08 CVE Names: CVE-2023-24539 CVE-2023-29400 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift Container Platform 4.13 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.8. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2023:4456 Security Fix(es): * golang: html/template: improper sanitization of CSS values (CVE-2023-24539) * golang: html/template: improper handling of empty HTML attributes (CVE-2023-29400) For more details about thesecurity issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/updating_clusters/updating-cluster-cli 4. Solution: For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes/ocp-4-13-release-notes 5. Bugs fixed (https://bugzilla.redhat.com/): 2196026 - CVE-2023-24539 golang: html/template: improper sanitization of CSS values 2196029 - CVE-2023-29400 golang: html/template: improper handling of empty HTML attributes 6. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): OCPBUGS-17339 - Placeholder bug for OCP 4.13.0 rpm release 7. Package List: Red Hat OpenShift Container Platform4.13: Source: openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.src.rpm openshift-kuryr-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.src.rpm aarch64: openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.aarch64.rpm noarch: openshift-kuryr-cni-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm openshift-kuryr-common-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm openshift-kuryr-controller-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm python3-kuryr-kubernetes-4.13.0-202307191602.p0.g36754b7.assembly.stream.el8.noarch.rpm ppc64le: openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.ppc64le.rpm s390x: openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.s390x.rpm x86_64: openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.x86_64.rpm openshift-clients-redistributable-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el8.x86_64.rpm Red Hat OpenShift Container Platform4.13: Source: cri-tools-1.26.0-3.el9.src.rpm openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.src.rpm ovn23.06-23.06.0-51.el9fdp.src.rpm ovn23.09-23.09.0-alpha.78.el9fdp.src.rpm aarch64: cri-tools-1.26.0-3.el9.aarch64.rpm cri-tools-debuginfo-1.26.0-3.el9.aarch64.rpm cri-tools-debugsource-1.26.0-3.el9.aarch64.rpm openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.aarch64.rpm ovn23.06-23.06.0-51.el9fdp.aarch64.rpm ovn23.06-central-23.06.0-51.el9fdp.aarch64.rpm ovn23.06-central-debuginfo-23.06.0-51.el9fdp.aarch64.rpm ovn23.06-debuginfo-23.06.0-51.el9fdp.aarch64.rpm ovn23.06-debugsource-23.06.0-51.el9fdp.aarch64.rpm ovn23.06-host-23.06.0-51.el9fdp.aarch64.rpm ovn23.06-host-debuginfo-23.06.0-51.el9fdp.aarch64.rpm ovn23.06-vtep-23.06.0-51.el9fdp.aarch64.rpm ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.aarch64.rpm ovn23.09-23.09.0-alpha.78.el9fdp.aarch64.rpm ovn23.09-central-23.09.0-alpha.78.el9fdp.aarch64.rpm ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.aarch64.rpm ovn23.09-host-23.09.0-alpha.78.el9fdp.aarch64.rpm ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm ovn23.09-vtep-23.09.0-alpha.78.el9fdp.aarch64.rpm ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.aarch64.rpm ppc64le: cri-tools-1.26.0-3.el9.ppc64le.rpm cri-tools-debuginfo-1.26.0-3.el9.ppc64le.rpm cri-tools-debugsource-1.26.0-3.el9.ppc64le.rpm openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.ppc64le.rpm ovn23.06-23.06.0-51.el9fdp.ppc64le.rpm ovn23.06-central-23.06.0-51.el9fdp.ppc64le.rpm ovn23.06-central-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm ovn23.06-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm ovn23.06-debugsource-23.06.0-51.el9fdp.ppc64le.rpm ovn23.06-host-23.06.0-51.el9fdp.ppc64le.rpm ovn23.06-host-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm ovn23.06-vtep-23.06.0-51.el9fdp.ppc64le.rpm ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.ppc64le.rpm ovn23.09-23.09.0-alpha.78.el9fdp.ppc64le.rpm ovn23.09-central-23.09.0-alpha.78.el9fdp.ppc64le.rpm ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.ppc64le.rpm ovn23.09-host-23.09.0-alpha.78.el9fdp.ppc64le.rpm ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm ovn23.09-vtep-23.09.0-alpha.78.el9fdp.ppc64le.rpm ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.ppc64le.rpm s390x: cri-tools-1.26.0-3.el9.s390x.rpm cri-tools-debuginfo-1.26.0-3.el9.s390x.rpm cri-tools-debugsource-1.26.0-3.el9.s390x.rpm openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.s390x.rpm ovn23.06-23.06.0-51.el9fdp.s390x.rpm ovn23.06-central-23.06.0-51.el9fdp.s390x.rpm ovn23.06-central-debuginfo-23.06.0-51.el9fdp.s390x.rpm ovn23.06-debuginfo-23.06.0-51.el9fdp.s390x.rpm ovn23.06-debugsource-23.06.0-51.el9fdp.s390x.rpm ovn23.06-host-23.06.0-51.el9fdp.s390x.rpm ovn23.06-host-debuginfo-23.06.0-51.el9fdp.s390x.rpm ovn23.06-vtep-23.06.0-51.el9fdp.s390x.rpm ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.s390x.rpm ovn23.09-23.09.0-alpha.78.el9fdp.s390x.rpm ovn23.09-central-23.09.0-alpha.78.el9fdp.s390x.rpm ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.s390x.rpm ovn23.09-host-23.09.0-alpha.78.el9fdp.s390x.rpm ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm ovn23.09-vtep-23.09.0-alpha.78.el9fdp.s390x.rpm ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.s390x.rpm x86_64: cri-tools-1.26.0-3.el9.x86_64.rpm cri-tools-debuginfo-1.26.0-3.el9.x86_64.rpm cri-tools-debugsource-1.26.0-3.el9.x86_64.rpm openshift-clients-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.x86_64.rpm openshift-clients-redistributable-4.13.0-202307282024.p0.ge251b5e.assembly.stream.el9.x86_64.rpm ovn23.06-23.06.0-51.el9fdp.x86_64.rpm ovn23.06-central-23.06.0-51.el9fdp.x86_64.rpm ovn23.06-central-debuginfo-23.06.0-51.el9fdp.x86_64.rpm ovn23.06-debuginfo-23.06.0-51.el9fdp.x86_64.rpm ovn23.06-debugsource-23.06.0-51.el9fdp.x86_64.rpm ovn23.06-host-23.06.0-51.el9fdp.x86_64.rpm ovn23.06-host-debuginfo-23.06.0-51.el9fdp.x86_64.rpm ovn23.06-vtep-23.06.0-51.el9fdp.x86_64.rpm ovn23.06-vtep-debuginfo-23.06.0-51.el9fdp.x86_64.rpm ovn23.09-23.09.0-alpha.78.el9fdp.x86_64.rpm ovn23.09-central-23.09.0-alpha.78.el9fdp.x86_64.rpm ovn23.09-central-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm ovn23.09-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm ovn23.09-debugsource-23.09.0-alpha.78.el9fdp.x86_64.rpm ovn23.09-host-23.09.0-alpha.78.el9fdp.x86_64.rpm ovn23.09-host-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm ovn23.09-vtep-23.09.0-alpha.78.el9fdp.x86_64.rpm ovn23.09-vtep-debuginfo-23.09.0-alpha.78.el9fdp.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 8. References: https://access.redhat.com/security/cve/CVE-2023-24539 https://access.redhat.com/security/cve/CVE-2023-29400 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes/ocp-4-13-release-notes 9. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJk0k9cAAoJENzjgjWX9erEUfYQAJEKDZsj3nYSlaOPhGlKE+KI xrSkRbFlTUZreWGDvSmKtTDWIYVSaGkdWeNk+QXbzXm84/w1vxxd1xA7bPkLeNP6 IJNWefJWiSvvoIHD6oP32AfNC9EFwLpYOPofeluTR0gzX2biyxOrRnEOteVMmU4r +zy0pPVP0GppTvpsy2+CUc4cRI/pTbz7pQwqoIOiygIjqv2CSRIaOKvDvNKJRPsu j3H9n3/9FeG9P2J1yMg0bzUASjtWsd/OUuiSxbOd5UfsEHipq8xmi85YcZgHBrle 1psfI5PRpU2PTn4QyN+Au8nKzqOq5GfYlNFIn1SOA/IGMQSDmNJpQv69cQFdHqFe aLvAXkexyHk+IWQXlQFR+k74kJx10RZF4GJjEVb+CRD0LUmHwBgiaKL+jaFhQil0 qsW67qcQ/ppZc106i1VWyhfA9M8YodMbHvqfOwaAwWmKKr3Mq2Vmm7DJNXvKZ1+R eLKxga/KUH6nuck8HV4unHihgEOV9pP7dULzE79NydrCE94VH6X+ulu/7C6F2U7S 0FKj14rIsMTYU/WfVS1ePvwb4zCQ0Cdfne00lMwvH3DUmq2teLLOni9Ylodm7xH/ 89bLD3Q0yX31EeD7O2QJr030liPACZ6qZd0B6nD31ccZ/5ywbrj8Ilc+krbUldpS K+d4xQVu+Z3yMFFkZ2e4 =3naF -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 08, 2023
Red Hat
98
security advisorymoderatesecurity updateRedHat: RHSA-2023-4310-01 Moderate: OpenShift 4.11.46 DoS Fix
Red Hat OpenShift Container Platform release 4.11.46 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.11.46 security update Advisory ID: RHSA-2023:4310-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:4310 Issue date: 2023-08-02 CVE Names: CVE-2021-38561 CVE-2022-4304 CVE-2023-0215 CVE-2023-0286 CVE-2023-2828 CVE-2023-24329 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.11.46 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.46. See the following advisory for the RPM packages for this release: https://access.redhat.com/errata/RHSA-2023:4312 Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about thesechanges: https://docs.redhat.com/en/documentation/openshift_container_platform/4.11/html/release_notes/ocp-4-11-release-notes Security Fix(es): * golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.11/html/updating_clusters/updating-cluster-cli 3. Solution: For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.redhat.com/en/documentation/openshift_container_platform/4.11/html/release_notes/ocp-4-11-release-notes You can download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests can be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags. The sha values for the release are: (For x86_64 architecture) The image digest is sha256:88583eeaddcda4fbfdcf21f4dad86b01ff09bb010357c51f08fb24eb07fdb602 (For s390x architecture) The image digest is sha256:9626db69fc59699669497c95e67d8d3ae66d2374d9949ca7031bb25fa9ac188c (For ppc64le architecture) The image digest is sha256:10b9e45b7bd97eca6f4ae7b0ed3deac843d6c1474152a40206be851363eb56e8 (For aarch64 architecture) The image digest is sha256:37433b71c073c6cbfc8173ec7ab2d99032c8e6d6fe29de06e062d85e33e34531 All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages andimages when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.redhat.com/en/documentation/openshift_container_platform/4.11/html/updating_clusters/updating-cluster-cli 4. Bugs fixed (https://bugzilla.redhat.com/): 2100495 - CVE-2021-38561 golang: out-of-bounds read in golang.org/x/text/language leads to DoS 5. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): OCPBUGS-15506 - [release-4.11] gather podDisruptionBudget only from openshift namespaces OCPBUGS-15539 - IngressVIP getting attach to two nodes at once OCPBUGS-15876 - 4.11 ovn-k unit tests failing OCPBUGS-16037 - TuneD reverts node level profiles on termination OCPBUGS-16126 - Redhat-operators are failing regularly due to startup probe timing out which in turn increases CPU/Mem usage on Master nodes OCPBUGS-16152 - Placeholder bug for OCP 4.11.0 extras release OCPBUGS-5708 - Bootstraps' pivot service races with bootkube 6. References: https://access.redhat.com/security/cve/CVE-2021-38561 https://access.redhat.com/security/cve/CVE-2022-4304 https://access.redhat.com/security/cve/CVE-2023-0215 https://access.redhat.com/security/cve/CVE-2023-0286 https://access.redhat.com/security/cve/CVE-2023-2828 https://access.redhat.com/security/cve/CVE-2023-24329 https://access.redhat.com/security/updates/classification/#moderate 7. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJkyb3nAAoJENzjgjWX9erEjCMQAKfdfW6FdwjH/Fk+eipVjRmg U/JxPlmwI4G/6MNDjDZNv8D0NyyTRi3Gc0spRh6CmEJpDUT3HNR3LbY0IaRDMrzq bUjVegFYxFbmjlrcIprEPp4RuUDV9G4POrX5gIuq+v1P/qOE6IWL9L3tRnVLxZsT DGXFIajpwbVoXf9mgMkv3kEWHDDN1t+Tt2/w2yYMzqPeHppovByZgF2/jczsQZYT QpKSSTm1rLuVr9aFX2dObxbiOQ0eKf+58GibhZRn/lFXpD9kMoV5v6iMwY6kyO70 umyCRD8ZG/OiY3WsXiiYBFPB/LofRwQGqlIPibIKFcVFzLEvMG8BCBbz60owHmuY DMEdg4atBFMjf+dSPFWeOL+dewHuH2mysE0ve3N5wE65Z0m28sZJS7/CYmsNEqQw NuZyI75Sb6mQMbyR+BZ7HhX6F0cxezFS66QB10OHnNFamAkz/GU+/GhPc/qpJE+z KMLrDsxl8KzirGbD7Vkg/bggAZEbyPuwsLlxLY18aPVLj7q7EI3RZYnQegA7weCM FXCG/DifAt9Q/HF2xiMd9rWKEFxXu19jKl4M5pePwmD+aCuTcpxnJDGTnilUW/cA SEHKW8/UuzWWGROf5D1bHKMkIP6Bl9SuZTPBhBSosenx1j63mCSP8pscpVelQYPd AgASZ/NNiQj1zg2kBgug =rThL -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 02, 2023
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!