(RHSA-2020:0477) Important: Red Hat OpenShift Service Mesh 1.0.7 servicemesh-proxy security update

2020-02-12T00:00:14
ID RHSA-2020:0477
Type redhat
Reporter RedHat
Modified 2020-02-12T00:07:55

Description

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

This advisory covers the RPM packages for the OpenShift Service Mesh 1.0.7 release.

Security Fix(es):

  • istio: unauthorised access to JWT protected HTTP path (CVE-2020-8595)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.