exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Red Hat Security Advisory 2023-5233-01

Red Hat Security Advisory 2023-5233-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5233-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.4 images.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2022-41723, CVE-2023-1637, CVE-2023-20593, CVE-2023-21102, CVE-2023-2602, CVE-2023-2603, CVE-2023-30630, CVE-2023-31248, CVE-2023-3354, CVE-2023-3390, CVE-2023-34969, CVE-2023-35001, CVE-2023-3610
SHA-256 | 7d1ca71c1592ac5ce6262de9a56cdeccb6d9818d38d921dd586a1126ca6c0bd9
Download | Favorite | View

Red Hat Security Advisory 2023-5233-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   
Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Virtualization 4.13.4 security and bug fix update
Advisory ID:       RHSA-2023:5233-01
Product:           OpenShift Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:5233
Issue date:        2023-09-19
CVE Names:         CVE-2016-3709 CVE-2022-41723 CVE-2023-1637
                   CVE-2023-2602 CVE-2023-2603 CVE-2023-3354
                   CVE-2023-3390 CVE-2023-3610 CVE-2023-3776
                   CVE-2023-3899 CVE-2023-4004 CVE-2023-4147
                   CVE-2023-20593 CVE-2023-21102 CVE-2023-30630
                   CVE-2023-31248 CVE-2023-34969 CVE-2023-35001
====================================================================
1. Summary:

Red Hat OpenShift Virtualization release 4.13.4 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.

This advisory contains OpenShift Virtualization 4.13.4 images.

Security Fix(es):

* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK
decoding (CVE-2022-41723)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* USB-redirection regression (BZ#2221220)

* DataImportCron DVs do not respond to default storage class being set
(BZ#2232347)

3. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
2221220 - USB-redirection regression
2232347 - DataImportCron DVs do not respond to default storage class being set

5. References:

https://access.redhat.com/security/cve/CVE-2016-3709
https://access.redhat.com/security/cve/CVE-2022-41723
https://access.redhat.com/security/cve/CVE-2023-1637
https://access.redhat.com/security/cve/CVE-2023-2602
https://access.redhat.com/security/cve/CVE-2023-2603
https://access.redhat.com/security/cve/CVE-2023-3354
https://access.redhat.com/security/cve/CVE-2023-3390
https://access.redhat.com/security/cve/CVE-2023-3610
https://access.redhat.com/security/cve/CVE-2023-3776
https://access.redhat.com/security/cve/CVE-2023-3899
https://access.redhat.com/security/cve/CVE-2023-4004
https://access.redhat.com/security/cve/CVE-2023-4147
https://access.redhat.com/security/cve/CVE-2023-20593
https://access.redhat.com/security/cve/CVE-2023-21102
https://access.redhat.com/security/cve/CVE-2023-30630
https://access.redhat.com/security/cve/CVE-2023-31248
https://access.redhat.com/security/cve/CVE-2023-34969
https://access.redhat.com/security/cve/CVE-2023-35001
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJlCb4IAAoJENzjgjWX9erETRwP/20c0zxVvSinjKKjZJeDH9hk
W3HPo4mNYJlx9PdBz11Uh3UlwRQAPMvedO9N3NMMGUnvxTNxWWE9Q/LY/PuzDu8n
GHbrLzrVWn4Ok0FxsY5AE9ENgsVz2Mv063+wCdRYpnZy7kVa8K1WH189xRxk+AbK
rDSAz3R7iY1mLy5Rw0MvYy0LbzT9zjteeWaQu94YuFDGEMe7BErWVFC5HX2iZ3js
kXjR4yGZkuLukq1fWdtbEaawIoOVnK3I59aO8gs+FdxVekW8HRJUv8wsTxRmwRUj
7pY+htflv5mY7stSszUg4q7FM4DJ75uCJk7Uw0eak7KSy/qpd69G1g0/SM1dIce9
eq67XN9B9BTU+iBURvJXfg/pn3hAMhXy87gn+r1AY/c3x7kw8SUyNZ7LH1Iw3mXg
Lr+mQCzqu3ybJMX/T6rEOqHiX14yLuk5tpb+FAeuWPHqgINUxiYVpeVwb1Se0JIL
O+61oyYGoHHxuSqazK1EgJPGAhtAwIaA4tQsiUkmY9p435DEdm5bm6mUvfIWn5B/
AkeJou+3Xx0fP0JXVPAfAUGBXoq+NGGs39UlPhcuxvg06JVDmE/MvgMKlYoNHcof
48fL3Hcac8ox92nOjvm/gOntoo7qSRoaAXVCVO0LaqYcdDYBC+eUplZvymdxGp3A
lXMK0Gsk/PAbyVsmL8II
=sU3r
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    19 Files
  • 25
    Jun 25th
    5 Files
  • 26
    Jun 26th
    13 Files
  • 27
    Jun 27th
    42 Files
  • 28
    Jun 28th
    9 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close