logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2021:0146) Moderate: Release of OpenShift Serverless 1.12.0

Description

Red Hat OpenShift Serverless 1.12.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.6, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Security Fix(es): * golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS (CVE-2020-24553) * golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362) * golang: malicious symbol names can lead to code execution at build time (CVE-2020-28366) * golang: improper validation of cgo flags can lead to code execution at build time (CVE-2020-28367) For more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.


Related