(RHSA-2020:2863) Important: Red Hat OpenShift Service Mesh 1.0 servicemesh-prometheus security update

2020-07-07T23:20:43
ID RHSA-2020:2863
Type redhat
Reporter RedHat
Modified 2020-07-07T23:26:46

Description

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

Security Fix(es):

  • kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote denial of service (CVE-2019-11253)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.