First published: Tue Sep 06 2022
Red Hat Advanced Cluster Management for Kubernetes 2.6.0 images

Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.

This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/

Security fixes:

- CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS
- CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
- CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
- CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
- CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
- CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
- CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
- CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
- CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal
- CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
- CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working

Bug fixes:

- assisted-service repo pin-latest.py script should allow custom tags to be pinned (BZ# 2065661)
- assisted-service-build image is too big in size (BZ# 2066059)
- assisted-service pin-latest.py script should exclude the postgres image (BZ# 2076901)
- PXE artifacts need to be served via HTTP (BZ# 2078531)
- Implementing new service-agent protocol on agent side (BZ# 2081281)
- RHACM 2.6.0 images (BZ# 2090906)
- Assisted service POD keeps crashing after a bare metal host is created (BZ# 2093503)
- Assisted service triggers the worker nodes re-provisioning on the hub cluster when the converged flow is enabled (BZ# 2096106)
- Fix assisted CI jobs that fail for cluster-info readiness (BZ# 2097696)
- Nodes are required to have installation disks of at least 120GB instead of at minimum of 100GB (BZ# 2099277)
- The pre-selected search keyword is not readable (BZ# 2107736)
- The value of label expressions in the new placement for policy and policysets cannot be shown real-time from UI (BZ# 2111843)