First published: Mon Oct 14 2019(Updated: )
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.<br>This advisory covers the RPM packages for the OpenShift Service Mesh 1.0.1 release.<br>Security Fix(es):<br><li> HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)</li> <li> HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)</li> For more details about the security issue(s), including the impact, a CVSS<br>score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/servicemesh | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-cni | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-grafana | <6.2.2-21.el8 | 6.2.2-21.el8 |
redhat/servicemesh-operator | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-prometheus | <2.7.2-22.el8 | 2.7.2-22.el8 |
redhat/servicemesh-proxy | <1.0.1-7.el8 | 1.0.1-7.el8 |
redhat/servicemesh | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-citadel | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-cni | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-galley | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-grafana | <6.2.2-21.el8 | 6.2.2-21.el8 |
redhat/servicemesh-grafana-prometheus | <6.2.2-21.el8 | 6.2.2-21.el8 |
redhat/servicemesh-istioctl | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-mixc | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-mixs | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-operator | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-pilot-agent | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-pilot-discovery | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/servicemesh-prometheus | <2.7.2-22.el8 | 2.7.2-22.el8 |
redhat/servicemesh-proxy | <1.0.1-7.el8 | 1.0.1-7.el8 |
redhat/servicemesh-sidecar-injector | <1.0.1-8.el8 | 1.0.1-8.el8 |
redhat/kiali-v1.0.6.redhat1 | <1.el7 | 1.el7 |
redhat/kiali-v1.0.6.redhat1 | <1.el7 | 1.el7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.