First published: Wed Nov 15 2023(Updated: )
Red Hat build of MicroShift is Red Hat's light-weight Kubernetes<br>orchestration solution designed for edge device deployments and is built<br>from the edge capabilities of Red Hat OpenShift. MicroShift is an<br>application that is deployed on top of Red Hat Enterprise Linux devices at<br>the edge, providing an efficient way to operate single-node clusters in<br>these low-resource environments.<br>This advisory contains the RPM packages for Red Hat build of MicroShift<br>4.14.2. Read the following advisory for the container images for this<br>release:<br><a href="https://access.redhat.com/errata/RHSA-2023:6837" target="_blank">https://access.redhat.com/errata/RHSA-2023:6837</a> All of the bug fixes may not be documented in this advisory. Read the<br>following release notes documentation for details about these changes:<br><a href="https://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/4.14/html/release_notes/index" target="_blank">https://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/4.14/html/release_notes/index</a> Security Fix(es):<br><li> golang: net/http, x/net/http2: rapid stream resets can cause excessive</li> work (CVE-2023-44487) (CVE-2023-39325)<br><li> HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS</li> attack (Rapid Reset Attack) (CVE-2023-44487)<br>For more details about the security issue(s), including the impact, a CVSS<br>score, acknowledgments, and other related information, refer to the CVE<br>page(s)<br>listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/microshift | <4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 | 4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 |
redhat/microshift | <4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 | 4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 |
redhat/microshift-greenboot | <4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 | 4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 |
redhat/microshift-networking | <4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 | 4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 |
redhat/microshift-release-info | <4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 | 4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 |
redhat/microshift-selinux | <4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 | 4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9 |
redhat/microshift | <4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9.aa | 4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9.aa |
redhat/microshift-networking | <4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9.aa | 4.14.2-202311091609.p0.gd80d6de.assembly.4.14.2.el9.aa |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.