- Issued:
- 2021-09-23
- Updated:
- 2021-09-23
RHSA-2021:3653 - Security Advisory
Synopsis
Important: Red Hat Advanced Cluster Management 2.1.11 security fix and container updates
Type/Severity
Security Advisory: Important
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.1.11 General Availability release images, which provide a security fix and update the container images.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Description
Red Hat Advanced Cluster Management for Kubernetes 2.1.11 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains updates to one or more container images for Red Hat
Advanced Cluster Management for Kubernetes. See the following Release Notes
documentation, which will be updated shortly for this release, for additional
details about this release:
Security fix:
- management-ingress-container: nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017)
For more details about the security issue, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Container updates:
- RHACM 2.1.11 images (BZ# 1999375)
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
- Important:* This upgrade of Red Hat Advanced Cluster Management for Kubernetes
is not supported when you are running Red Hat Advanced Cluster Management on
Red Hat OpenShift Container Platform version 4.5. To apply this upgrade, you
must upgrade your OpenShift Container Platform version to 4.6, or later.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Advanced Cluster Management for Kubernetes 2.1 for RHEL 8 x86_64
- Red Hat Advanced Cluster Management for Kubernetes 2.1 for RHEL 7 x86_64
Fixes
- BZ - 1963121 - CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name
- BZ - 1999375 - RHACM 2.1.11 images
CVEs
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.