Oct 26, 2023 - 5:26 p.m.

(RHSA-2023:6145) Important: Multicluster Engine for Kubernetes 2.2.9 security updates and bug fixes

2023-10-26 17:26:16
access.redhat.com

EPSS: 0.72 (High), percentile 98.0%

Multicluster Engine for Kubernetes 2.2.9 images

Multicluster engine for Kubernetes provides the foundational components
that are necessary for the centralized management of multiple
Kubernetes-based clusters across data centers, public clouds, and private
clouds.

You can use the engine to create new Red Hat OpenShift Container Platform
clusters or to bring existing Kubernetes-based clusters under management by
importing them. After the clusters are managed, you can use the APIs that
are provided by the engine to distribute configuration based on placement
policy.

Security fix(es):
CVE-2023-44487 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack
CVE-2023-39325 golang: net/http, x/net/http2: rapid stream resets can cause excessive work
CVE-2023-39321 golang: crypto/tls: panic when processing post-handshake message on QUIC connections
CVE-2023-39319 golang: html/template: improper handling of special tags within script contexts
CVE-2023-39318 golang: html/template: improper handling of HTML-like comments within script contexts
CVE-2023-39322 golang: crypto/tls: lack of a limit on buffered post-handshake