Red Hat: RHSA-2022:2183
History: May 11, 2022 - 11:27 a.m.

(RHSA-2022:2183) Moderate: Release of containers for OSP 16.2.z director operator tech preview

2022-05-11 11:27:13
access.redhat.com
37

EPSS: 0.019 (Low), percentile 88.5%

Release osp-director-operator images

Security Fix(es):

  • golang: kubernetes: YAML parsing vulnerable to “Billion Laughs” attack, allowing for remote (CVE-2019-11253)
  • golang: golang-github-miekg-dns: predictable TXID can lead to response forgeries (CVE-2019-19794)
  • golang: containerd: unrestricted access to abstract Unix domain socket can lead to privileges (CVE-2020-15257)
  • golang: ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)
  • golang: containerd: pulling and extracting crafted container image may result in Unix file permission changes (CVE-2021-32760)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.