发布：: 2021-05-19
已更新：: 2021-05-19

RHSA-2021:2021 - Security Advisory

概述

概述

Moderate: Release of OpenShift Serverless 1.10.2 security update

类型/严重性

Security Advisory: Moderate

标题

Openshift Serverless 1.10.2 is now available.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

Red Hat OpenShift Serverless 1.10.2 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5.

Security Fix(es):

golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
golang: cmd/go: packages using cgo can cause arbitrary code execution at build time (CVE-2021-3115)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

See the documentation at:
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.5/html/serverless_applications/index

受影响的产品

Red Hat Openshift Serverless 1 for RHEL 8 x86_64

修复

BZ - 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve
BZ - 1918761 - CVE-2021-3115 golang: cmd/go: packages using cgo can cause arbitrary code execution at build time

参考

Red Hat 安全团队联络方式为 secalert@redhat.com。更多联络细节请参考 https://access.redhat.com/security/team/contact/。

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

RHSA-2021:2021 - Security Advisory

概述

类型/严重性

标题

描述

解决方案

受影响的产品

修复

CVE

参考

Quick Links

Help

Site Info

Related Sites

Red Hat legal and privacy links

Red Hat legal and privacy links