The etcd package distributed with the Red Hat OpenStack platform has an
incomplete fix for CVE-2021-44716. This issue occurs because the etcd
package in the Red Hat OpenStack platform is using
http://golang.org/x/net/http2 instead of the one provided by Red Hat
Enterprise Linux versions, meaning it should be updated at compile time
instead.
Author | Note |
---|---|
rodrigo-zaiden | only affects etcd as distributed in RH OpenStack. |