- Issued:
- 2022-03-14
- Updated:
- 2022-03-14
RHSA-2022:0842 - Security Advisory
Synopsis
Important: Release of containers for OSP 16.2 director operator tech preview
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenStack Platform 16.2 (Train) director Operator containers are
available for technology preview.
Description
Release osp-director-operator images
Security Fix(es):
- golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Solution
OSP 16.2.z Release - OSP Director Operator Containers
Affected Products
- Red Hat OpenStack 16.2 x86_64
Fixes
- BZ - 2025995 - Rebase tech preview on latest upstream v1.2.x branch
- BZ - 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
- BZ - 2036784 - osp controller (fencing enabled) in downed state after system manual crash test
CVEs
- CVE-2019-5827
- CVE-2019-13750
- CVE-2019-13751
- CVE-2019-17594
- CVE-2019-17595
- CVE-2019-18218
- CVE-2019-19603
- CVE-2019-20838
- CVE-2020-12762
- CVE-2020-13435
- CVE-2020-14155
- CVE-2020-16135
- CVE-2020-24370
- CVE-2021-3200
- CVE-2021-3426
- CVE-2021-3445
- CVE-2021-3521
- CVE-2021-3572
- CVE-2021-3580
- CVE-2021-3712
- CVE-2021-3800
- CVE-2021-3872
- CVE-2021-3984
- CVE-2021-4019
- CVE-2021-4122
- CVE-2021-4192
- CVE-2021-4193
- CVE-2021-20231
- CVE-2021-20232
- CVE-2021-22876
- CVE-2021-22898
- CVE-2021-22925
- CVE-2021-27645
- CVE-2021-28153
- CVE-2021-33560
- CVE-2021-33574
- CVE-2021-35942
- CVE-2021-36084
- CVE-2021-36085
- CVE-2021-36086
- CVE-2021-36087
- CVE-2021-42574
- CVE-2021-44716
- CVE-2022-24407
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
