红帽产品勘误 RHSA-2020:5649 - Security Advisory
发布:
2020-12-22
已更新:
2020-12-22

RHSA-2020:5649 - Security Advisory

概述

Low: Red Hat OpenShift Service Mesh 1.1.11 security update

类型/严重性

Security Advisory: Low

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update is now available for OpenShift Service Mesh 1.1.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

Security Fix(es):

  • golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
  • golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

The OpenShift Service Mesh release notes provide information on the features and known issues:

https://docs.openshift.com/container-platform/latest/service_mesh/servicemesh-release-notes.html

受影响的产品

  • Red Hat OpenShift Service Mesh 1.1 for RHEL 8 x86_64

修复

  • BZ - 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
  • BZ - 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs

Red Hat OpenShift Service Mesh 1.1 for RHEL 8

SRPM
ior-1.1.11-2.el8.src.rpm SHA-256: f2e6c7b238dd41d9e5fe6089c668f10214f3bb70f3880c5c0d92b5073b169a33
servicemesh-1.1.11-2.el8.src.rpm SHA-256: 856d44e78cef527fa50e2005e4c8dda03cd53205dd84346f927714d0ebba8a65
servicemesh-cni-1.1.11-2.el8.src.rpm SHA-256: 401ea85e41cbd1c3979b57514c1011ec7785ab4f70b17d0d4d7fb9a5de8820d5
servicemesh-grafana-6.4.3-19.el8.src.rpm SHA-256: d6d0502d500561f776a65a3a8d4c50083b27b72c50b2dd3836e95c977d5c1ea9
servicemesh-operator-1.1.11-3.el8.src.rpm SHA-256: f6d999f101b97ddbfc78c438e16831f7cb52251de51d4d57428c2692e0d6dbc5
servicemesh-prometheus-2.14.0-20.el8.src.rpm SHA-256: 9a2fa9d2201463894185ab114eb9c00b50da29e7d45b3fbba76ae64413c46dce
x86_64
ior-1.1.11-2.el8.x86_64.rpm SHA-256: fd430d23b2879e40aa3e6728166cd71c70866f59dacf0e440056af2e1b7c0a8e
servicemesh-1.1.11-2.el8.x86_64.rpm SHA-256: 30dc6a244904f702232589257e7e5a78c807d9bd702cd896d3e58bf57bd9502e
servicemesh-citadel-1.1.11-2.el8.x86_64.rpm SHA-256: 9561109d3d2f555c75796fe16de95d95cdb1a6769212dac866692b3bdae3eb34
servicemesh-cni-1.1.11-2.el8.x86_64.rpm SHA-256: 83ddab9e329d6243a17a2216cdf6478190c799805d84ddd15da911223eb7fc28
servicemesh-galley-1.1.11-2.el8.x86_64.rpm SHA-256: 5d94e1c39db0aa2c9587ac73413421ea939c23c07bdb3b3917004fc6e13f1aeb
servicemesh-grafana-6.4.3-19.el8.x86_64.rpm SHA-256: 1a3a1f440c2d9320b4e3e1b91d83153b8b17ace2d9c31db44fdfff288672a574
servicemesh-grafana-prometheus-6.4.3-19.el8.x86_64.rpm SHA-256: 43410c5680d5eb7a7ba7d7707b2bed92133742e2e55337c7242079c48c41e891
servicemesh-istioctl-1.1.11-2.el8.x86_64.rpm SHA-256: c0fbfc07abc1519ca6954530fee958b08e5f613cf622a647bf5a2b3c17927b9a
servicemesh-mixc-1.1.11-2.el8.x86_64.rpm SHA-256: 99c445f30d2f493c5f181738d4bc4bf18a3353c38d32f11e70978ba221c0ea0e
servicemesh-mixs-1.1.11-2.el8.x86_64.rpm SHA-256: 6a950d923971cc0d8c6270c9c2d726031aa9f08fda0a8c767dfaef7a6c9adc59
servicemesh-operator-1.1.11-3.el8.x86_64.rpm SHA-256: 6b4f0b5846dcf4e4dc56576e92cd6ca952f322d6d71842b4de5c88feed7f3bb6
servicemesh-pilot-agent-1.1.11-2.el8.x86_64.rpm SHA-256: eab4f3353de2ce11d368e431f5fdc5b29e7c81f634df495245f3388ea923c2c2
servicemesh-pilot-discovery-1.1.11-2.el8.x86_64.rpm SHA-256: d8ac90dee9b34c02f43dfa1d0a68fbf638101a75934e0040925bc397f3390812
servicemesh-prometheus-2.14.0-20.el8.x86_64.rpm SHA-256: 5e03278e2357d4ad4bcc56f805880b69845b5b487ab9a2ef9d3d7667aae3d345
servicemesh-sidecar-injector-1.1.11-2.el8.x86_64.rpm SHA-256: 8dd79aa3184051c9446466406541edadc79a96534b824371a422df84adc71640

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/