- Issued:
- 2020-11-18
- Updated:
- 2020-11-18
RHSA-2020:5149 - Security Advisory
Synopsis
Moderate: Release of OpenShift Serverless 1.11.0
Type/Severity
Security Advisory: Moderate
Topic
Release of OpenShift Serverless 1.11.0
Description
Red Hat OpenShift Serverless 1.11.0 is a generally available release of the
OpenShift Serverless Operator. This version of the OpenShift Serverless
Operator is supported on Red Hat OpenShift Container Platform version 4.6.
Security Fix(es):
- golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, see the CVE page(s) listed in the
References section.
Solution
See the documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless_applications/index
Affected Products
- Red Hat Openshift Serverless 1 x86_64
Fixes
- BZ - 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
- BZ - 1889831 - Release of OpenShift Serverless Serving 1.11.0
- BZ - 1889833 - Release of OpenShift Serverless Eventing 1.11.0
CVEs
- CVE-2018-20843
- CVE-2019-1551
- CVE-2019-5018
- CVE-2019-13050
- CVE-2019-13627
- CVE-2019-14889
- CVE-2019-15903
- CVE-2019-16168
- CVE-2019-16935
- CVE-2019-19221
- CVE-2019-19906
- CVE-2019-19956
- CVE-2019-20218
- CVE-2019-20387
- CVE-2019-20388
- CVE-2019-20454
- CVE-2019-20907
- CVE-2019-20916
- CVE-2020-1730
- CVE-2020-1751
- CVE-2020-1752
- CVE-2020-6405
- CVE-2020-7595
- CVE-2020-8177
- CVE-2020-8492
- CVE-2020-9327
- CVE-2020-10029
- CVE-2020-13630
- CVE-2020-13631
- CVE-2020-13632
- CVE-2020-14040
- CVE-2020-14422
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.