May 29, 2024 - 9:38 p.m.

(RHSA-2024:3479) Important: Red Hat OpenStack Platform 16.2 director Operator container images security update

2024-05-29 21:38:09
access.redhat.com
red hat openstack platform
iaas cloud
openshift container platform
security fix
denial of service
http
cve
golang
x/crypto/ssh
goproxy

AI Score: 7.6 High (Confidence: Low)

EPSS: 0.962 High (Percentile: 99.5%)

Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware.

The Red Hat OpenStack Platform (RHOSP) director Operator adds the ability to install and run a RHOSP cloud within OpenShift Container Platform (OCP).

Security Fix(es):

  • golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)

  • golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)

  • golang: x/crypto/ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)

  • goproxy: Denial of service (DoS) via unspecified vectors (CVE-2023-37788)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.