what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2021-4910-03

Red Hat Security Advisory 2021-4910-03
Posted Dec 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4910-03 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.8.3 RPMs.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-29923
SHA-256 | 407aa3440f785d4102a619c11854ed17818472f50c38d3d98dffdd74b34d9a94
Download | Favorite | View

Red Hat Security Advisory 2021-4910-03

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Virtualization 4.8.3 RPMs security and bug fix update
Advisory ID:       RHSA-2021:4910-01
Product:           cnv
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:4910
Issue date:        2021-12-02
CVE Names:         CVE-2021-29923 
=====================================================================

1. Summary:

Red Hat OpenShift Virtualization release 4.8.3 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

CNV 4.8 for RHEL 7 - x86_64
CNV 4.8 for RHEL 8 - x86_64

3. Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.

This advisory contains OpenShift Virtualization 4.8.3 RPMs.

Security Fix(es):

* golang: net: incorrect parsing of extraneous zero characters at the
beginning of an IP address octet (CVE-2021-29923)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet
2007344 - 4.8.3 rpms

6. Package List:

CNV 4.8 for RHEL 7:

Source:
kubevirt-4.8.3-251.el7.src.rpm

x86_64:
kubevirt-virtctl-4.8.3-251.el7.x86_64.rpm
kubevirt-virtctl-redistributable-4.8.3-251.el7.x86_64.rpm

CNV 4.8 for RHEL 8:

Source:
kubevirt-4.8.3-251.el8.src.rpm

x86_64:
kubevirt-virtctl-4.8.3-251.el8.x86_64.rpm
kubevirt-virtctl-redistributable-4.8.3-251.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-29923
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYakvxtzjgjWX9erEAQjwFA//f0JAO1usj/GNtib6b+YbZplnXWU0fJDX
7fFRY65H9x7CIuWIwbMaGmCGEVpmJ5XbrY8m34SfC242ygCZVbxz6sA8xHLP9jFg
A8viTigoFXZQf7H5rvYO3M7x8mrmTBO+j180lZO247eMA6IpDLwl/f+y6oZJWRpQ
7UJ0Ix1c0Hh46/Vh7oIrWDhU9qmgVRQ79vQfWezG4voK2lLwJxzgwbmm7BRIKVCP
xgYYZw4p08ALfJ1qImyqMjgt1ACMDpuVdEeLThahnr7Qv2q4YpSnwTDOEuwB1AZN
dNcY1mWIvqYeq6Wcm/RgXHLY4Mzws+j0znfwlGS6spJXfV1fOnTk380yJF7H0NwY
WtCiOZJLgD177p9lqwGQcHzRa7KOuHknBtakeJRH5exAd6LEQcF+KCPXRlh1blwt
abnTS9XillJv9Fex2ZUGFnPajFeHmsIHWNpxMZ0N5ZXvzxtNGAmKBdPdg6r7vMGx
MFLHZlETeFjuJXwDhSiDOgFc2lDTlD26iWygzJIkPPgCsIkodhkNy2kozVXeRuNv
C/gBU/DyBYb2HPxGenxw3PvIuMufdXnIdRqRYKjaxtDej6gOnuXWw28gvx7lK8GA
ntcxZIcSK6tGOi9O8597p5mYi6u3B3ZslnzExsvkq7AY0avT/JhuMC0PsdtcBt7l
iVpFRGP7LQo=
=4YIp
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    16 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close