- Vulnerability/
- RHSA-2021:4582
RHSA-2021:4582: Moderate: Release of components for Service Telemetry Framework 1.3.3 - Container Images
First published: Wed Nov 10 2021(Updated: )
Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform (OCP) deployment for storage, retrieval, and monitoring.<br>Security fixes:<br><li> golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)</li> For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug fixes:<br><li> STF 1.3.3 now supports OpenShift Container Platform 4.8 as an installation platform. (BZ#2013268)</li> <li> With this update, the servicetelemetrys.infra.watch CRD has a validation that limits the clouds[].name to 10 characters and alphanumeric to avoid issues with extra characters in the cloud name and names being too long. (BZ#2011603)</li> <li> Previously, when you installed STF without having Elastic Cloud on Kubernetes (ECK) Operator installed, the following error message was returned: "Failed to find exact match for elasticsearch.k8s.elastic.co/v1beta1.Elasticsearch". The error was as a result of Service Telemetry Operator trying to look up information from a non-existent API interface.</li> With this update, the Service Telemetry Operator verifies that the API exists before it attempts to make requests to the API interface that is provided by ECK. (BZ#1959166)
| Affected Software | Affected Version | How to fix |
|---|
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1959166
- https://bugzilla.redhat.com/show_bug.cgi?id=1983596
- https://bugzilla.redhat.com/show_bug.cgi?id=2011603
- https://bugzilla.redhat.com/show_bug.cgi?id=2013268
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/errata/RHSA-2021:4582 (Advisory)
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2021:4582
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type