what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2023-4893-01

Red Hat Security Advisory 2023-4893-01
Posted Aug 31, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4893-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2020-24736, CVE-2022-48281, CVE-2023-1667, CVE-2023-2283, CVE-2023-24532, CVE-2023-26604, CVE-2023-2828, CVE-2023-34969, CVE-2023-38408
SHA-256 | f11e31090cc28a228765523fb483ea854fa2ab2b6954f304533ceb4fbfabf6fb

Red Hat Security Advisory 2023-4893-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: Migration Toolkit for Containers (MTC) 1.7.12 security and bug fix update
Advisory ID: RHSA-2023:4892-01
Product: Red Hat Migration Toolkit
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4892
Issue date: 2023-08-31
CVE Names: CVE-2020-24736 CVE-2022-48281 CVE-2023-1667
CVE-2023-2283 CVE-2023-2828 CVE-2023-24532
CVE-2023-26604 CVE-2023-34969 CVE-2023-38408
=====================================================================

1. Summary:

The Migration Toolkit for Containers (MTC) 1.7.12 is now available.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

The Migration Toolkit for Containers (MTC) enables you to migrate
Kubernetes resources, persistent volume data, and internal container images
between OpenShift Container Platform clusters, using the MTC web console or
the Kubernetes API.

Security Fix(es):

* golang: crypto/internal/nistec: specific unreduced P-256 scalars produce
incorrect results (CVE-2023-24532)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2223355 - CVE-2023-24532 golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results

5. References:

https://access.redhat.com/security/cve/CVE-2020-24736
https://access.redhat.com/security/cve/CVE-2022-48281
https://access.redhat.com/security/cve/CVE-2023-1667
https://access.redhat.com/security/cve/CVE-2023-2283
https://access.redhat.com/security/cve/CVE-2023-2828
https://access.redhat.com/security/cve/CVE-2023-24532
https://access.redhat.com/security/cve/CVE-2023-26604
https://access.redhat.com/security/cve/CVE-2023-34969
https://access.redhat.com/security/cve/CVE-2023-38408
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJk8DbfAAoJENzjgjWX9erEafwQAIad3d6WLV4ATCb6RtrQAR+r
LReHu6j1p7HRVxTWumdxr33dIW5VekHgkU57uyLfoBK2A+hNjq1sAe2xTF0oyDcr
TkbHdTlkDgeGvwrfevzVH0/JZDnTCx5Iato0/dltH5P2eTANv/wn5Fah2zv//466
ckPxDYyEIn5ITyiyksS62RwPnGkRrvr5T7XLha+WNEE5FCSmFVApcYOUL5bOm94r
LJ5USJx+MBMLUiIEEIj+nV5MxGkMRYLC5pHoLm3zS138zqpsqh0GtWJB2wk7ql0t
tyOfhqrEbfYvVj03gB1arNl4nQmWri7t9l88j+6hGOKGIG7yERdpI0wPwpr4qzuj
xG0ZoXYSyZZwNWCMblVx9WMhqwveoaGVaR58dmayihSDahndo15b12WQ59m9BWna
m/XjwZZFbwI3cCsw4J/m3fSjtQIF0Hm3hW7aXwMPSryQxbPQ4aIIkhokEMXFr8Uu
XsqawiyV0NONznzW8qipZXpMibZPtv9PL8JIeOxH+t5zegp2eMLa39q+Jb+ueNOk
wCyBiGHufjsFBVd2ytz/EIfWNoXZsm8jRyooniAwA7G6hF1oyGt/WpWBHtWx/Ek+
IalYcoFTCp6ko5oJh8kVSyTQLsGN7yh4QwX042xscEWbH35lgMHFLsDUTP/bkpIk
Ly7rO5T25XiloIul7FBb
=KCSk
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close