logo
DATABASE RESOURCES PRICING ABOUT US

(RHSA-2021:3229) Moderate: Red Hat OpenShift Jaeger 1.20.5 security update

Description

Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation. Security Fix(es): * golang: net: lookup functions may return invalid host names (CVE-2021-33195) * golang: archive/zip: Malformed archive may cause panic or memory exhaustion (CVE-2021-33196) * golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197) * golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198) * golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.


Related