What is the severity of RHSA-2020:5119?

The severity of RHSA-2020:5119 is classified as important due to potential Denial of Service (DoS) vulnerabilities.

How do I fix RHSA-2020:5119?

To fix RHSA-2020:5119, you should upgrade to the appropriate packages listed in the advisory, such as cri-o version 1.18.4-4.rhaos4.5.git6dee389.el8.

What vulnerabilities are addressed in RHSA-2020:5119?

RHSA-2020:5119 addresses vulnerabilities related to data races in net/http servers and ReverseProxy implementations.

Which OpenShift versions are affected by RHSA-2020:5119?

OpenShift versions prior to 4.5.0-202011131403.p0.git.0.d153f8f.el8 are affected by RHSA-2020:5119.

Is RHSA-2020:5119 relevant for containerized applications?

Yes, RHSA-2020:5119 is particularly relevant for containerized applications using Red Hat OpenShift and CRI-O.

Vulnerability/
RHSA-2020:5119

24/11/2020

RHSA-2020:5119: Moderate: OpenShift Container Platform 4.5.20 packages and golang security update

First published: Tue Nov 24 2020(Updated: )

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.<br>Security Fix(es):<br><li> golang: Data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)</li> <li> golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.20. See the following advisory for the container images for this release:<br><a href="https://access.redhat.com/errata/RHSA-2020:5118" target="_blank">https://access.redhat.com/errata/RHSA-2020:5118</a> All OpenShift Container Platform 4.5 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at <a href="https://docs.openshift.com/container-platform/4." target="_blank">https://docs.openshift.com/container-platform/4.</a>[y]/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2020:5119?
The severity of RHSA-2020:5119 is classified as important due to potential Denial of Service (DoS) vulnerabilities.
How do I fix RHSA-2020:5119?
To fix RHSA-2020:5119, you should upgrade to the appropriate packages listed in the advisory, such as cri-o version 1.18.4-4.rhaos4.5.git6dee389.el8.
What vulnerabilities are addressed in RHSA-2020:5119?
RHSA-2020:5119 addresses vulnerabilities related to data races in net/http servers and ReverseProxy implementations.
Which OpenShift versions are affected by RHSA-2020:5119?
OpenShift versions prior to 4.5.0-202011131403.p0.git.0.d153f8f.el8 are affected by RHSA-2020:5119.
Is RHSA-2020:5119 relevant for containerized applications?
Yes, RHSA-2020:5119 is particularly relevant for containerized applications using Red Hat OpenShift and CRI-O.

agent/severity
agent/type
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/title
agent/references
agent/remedy
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2020:5119
agent/software-canonical-lookup
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat