what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2023-0770-01

Red Hat Security Advisory 2023-0770-01
Posted Feb 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0770-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-4238, CVE-2022-47629
SHA-256 | c3e40f0771fd536a891030f38aaf210fe65615877100041c754fe9ab42a9f593

Red Hat Security Advisory 2023-0770-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: OpenShift Container Platform 4.12.4 security update
Advisory ID: RHSA-2023:0770-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0770
Issue date: 2023-02-20
CVE Names: CVE-2021-4238 CVE-2022-47629
====================================================================
1. Summary:

Red Hat OpenShift Container Platform release 4.12.4 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):

* goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as
random as they should be (CVE-2021-4238)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

For OpenShift Container Platform 4.12 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:

https://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html

4. Bugs fixed (https://bugzilla.redhat.com/):

2156729 - CVE-2021-4238 goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be

5. References:

https://access.redhat.com/security/cve/CVE-2021-4238
https://access.redhat.com/security/cve/CVE-2022-47629
https://access.redhat.com/security/updates/classification/#important

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY/QQQdzjgjWX9erEAQhx7A/+Om8qxgt2nYsZ4Hfc/WgMO2df0gBag9Tv
mBiI8H+j7tSNuc0jXZJ9R6btZmUwJ4fqarqmIDXB0riH18e9g76MFlolwo98pKm3
EfpG0f5ZR6HiUigTCKvO+3SZTj1Uplr0u1BgTTGvWxAEOda/W6X0Rw+qt1AFCKyf
3np7KAnr863NY3BkOWjsyuvmrZ2Q2/71fJhCAVGy3mJfu5cIImi0XKW30FCnBrD9
iengjyA/gbvu8MI6Bdc3vEdVC0+ULYf4/MBh8lIbQw+Lt5UkNB1PMeg0ydQCZHeO
Ds68YdvJ+Tc0oVcAH7eyl35S+jck9pQ34IRJL0rGr5nkhARwB+/DfUXwAOY4EZaC
Tj4PbISBYiRXdaSA1W6vA/0wsXiGlHLb1ppwQEolg9uYTQHPzJAvsGSNhcW3p12n
gXvdesY7EdtjHu0n6epYuZVrwBPxDc94WvCMhPcXa35u6uoa67ytFl77hGIOql6X
D03kuQ0wRcm/Dr9ZBiSbUUGEaPTeY5R8bGqmBvhRFMZGER0xFit7439USqxm0ad1
X31JsfZxce55bu52f1VaWA+cKo3LQi8hyl/gwaP92WnIgKLDAwl/6/iB0nQji1TM
GEdilXvkcb+9cu5PQ10p4pZmcM28GKG2YbojZrqL1Glb2/hP1mmoRJlZ3vjpKJ57
yL9oD12OfZU=iZUS
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close