- Vulnerability/
- RHSA-2021:2705
RHSA-2021:2705: Moderate: Release of OpenShift Serverless 1.16.0
First published: Tue Jul 13 2021(Updated: )
Red Hat OpenShift Serverless 1.16.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6 and 4.7, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section.<br>Security Fix(es):<br><li> golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader (CVE-2021-27918)</li> <li> golang: net/<a href="http:" target="_blank">http:</a> panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525)</li> <li> golang: archive/zip: malformed archive may cause panic or memory exhaustion (CVE-2021-33196)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat OpenShift Serverless | ||
| Red Hat OpenShift Container Platform for IBM LinuxONE | >=4.6<=4.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1937901
- https://bugzilla.redhat.com/show_bug.cgi?id=1958341
- https://bugzilla.redhat.com/show_bug.cgi?id=1965503
- https://bugzilla.redhat.com/show_bug.cgi?id=1971445
- https://bugzilla.redhat.com/show_bug.cgi?id=1971448
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index
- https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index
- https://access.redhat.com/errata/RHSA-2021:2705 (Advisory)
Frequently Asked Questions
What is the severity of RHSA-2021:2705?
The severity of RHSA-2021:2705 is classified as important due to security vulnerabilities that require attention.
How do I fix RHSA-2021:2705?
To fix RHSA-2021:2705, update to the latest version of OpenShift Serverless Operator as recommended in the security advisory.
What versions of OpenShift are affected by RHSA-2021:2705?
RHSA-2021:2705 affects Red Hat OpenShift Container Platform versions 4.6 and 4.7.
What improvements are included in RHSA-2021:2705?
RHSA-2021:2705 includes security fixes, bug fixes, and enhancements for the OpenShift Serverless Operator.
Where can I find more information about RHSA-2021:2705?
Additional information about RHSA-2021:2705 can be found in the Red Hat security advisory.
- agent/severity
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2021:2705
- agent/trending
- agent/references
- agent/remedy
- agent/title
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/red hat openshift serverless
- canonical/red hat openshift container platform for ibm linuxone