- Vulnerability/
- RHSA-2023:0709
RHSA-2023:0709: Moderate: Release of OpenShift Serverless 1.27.0
First published: Thu Feb 09 2023(Updated: )
Version 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat<br>OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12. <br>This release includes security and bug fixes, and enhancements.<br><li> golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)</li> <li> golang: net/<a href="http:" target="_blank">http:</a> handle server errors after sending GOAWAY (CVE-2022-27664)</li> <li> golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)</li> <li> golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)</li> For more details about the security issues, including the impact; a CVSS score;<br>acknowledgments; and other related information refer to the CVE pages linked in the References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat OpenShift Serverless Operator | ||
| Red Hat OpenShift Container Platform for IBM LinuxONE | >=4.8<=4.12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2124669
- https://bugzilla.redhat.com/show_bug.cgi?id=2132867
- https://bugzilla.redhat.com/show_bug.cgi?id=2132868
- https://bugzilla.redhat.com/show_bug.cgi?id=2132872
- https://bugzilla.redhat.com/show_bug.cgi?id=2154755
- https://bugzilla.redhat.com/show_bug.cgi?id=2154757
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index
- https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index
- https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index
- https://access.redhat.com/documentation/en-us/openshift_container_platform/4.11/html/serverless/index
- https://access.redhat.com/documentation/en-us/openshift_container_platform/4.12/html/serverless/index
- https://access.redhat.com/errata/RHSA-2023:0709 (Advisory)
Frequently Asked Questions
What is the severity of RHSA-2023:0709?
The severity of RHSA-2023:0709 relates to security and bug fixes in the OpenShift Serverless Operator.
How do I fix RHSA-2023:0709?
To fix RHSA-2023:0709, you should update to version 1.27.0 of the OpenShift Serverless Operator.
Which versions of OpenShift Container Platform are affected by RHSA-2023:0709?
RHSA-2023:0709 affects Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11, and 4.12.
What enhancements are included in RHSA-2023:0709?
RHSA-2023:0709 includes enhancements and improvements alongside the security fixes.
Is version 1.27.0 of the OpenShift Serverless Operator supported?
Yes, version 1.27.0 of the OpenShift Serverless Operator is supported on the specified OpenShift Container Platform versions.
- agent/severity
- agent/event
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2023:0709
- agent/remedy
- agent/title
- agent/references
- agent/description
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/red hat
- canonical/red hat openshift serverless operator
- canonical/red hat openshift container platform for ibm linuxone