Lucene search

K
redhatRedHatRHSA-2024:2730
HistoryMay 22, 2024 - 8:32 p.m.

(RHSA-2024:2730) Important: Red Hat OpenStack Platform 17.1 (collectd-sensubility) security update

2024-05-2220:32:22
access.redhat.com
2
red hat openstack
security update
collectd
amqp-1.0
cve-2024-1394
cve-2023-39326
cve-2023-45287
sensu-based monitoring

7.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

30.7%

This project aims to provide the possibility to switch from Sensu-based
availability monitoring solution to a monitoring solution based on collectd
with AMQP-1.0 messaging bus.

Security Fix(es):

  • golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

  • net/http/internal: Denial of Service (DoS) via Resource Consumption via
    HTTP requests (CVE-2023-39326)

  • crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.
    (CVE-2023-45287)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.