Red Hat Product Errata RHSA-2022:5003 - Security Advisory
Issued: 2022-06-13
Updated: 2022-06-13


Synopsis

Important: Red Hat OpenShift Service Mesh 2.0.10 security update

Type/Severity

Security Advisory: Important

Topic

An update is now available for Red Hat OpenShift Service Mesh 2.0.10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

This advisory covers the RPM packages for the release.

Security Fix(es):

  • envoy: Decompressors can be zip bombed (CVE-2022-29225)
  • envoy: Segfault in GrpcHealthCheckerImpl (CVE-2022-29224)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

The OpenShift Service Mesh release notes provide information on the features and known issues:

https://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html

Affected Products

  • Red Hat OpenShift Service Mesh 2.0 for RHEL 8 x86_64
  • Red Hat OpenShift Service Mesh for Power 2.0 for RHEL 8 ppc64le
  • Red Hat OpenShift Service Mesh for IBM Z 2.0 for RHEL 8 s390x

Fixes

  • BZ - 2088737 - CVE-2022-29225 envoy: Decompressors can be zip bombed
  • BZ - 2088738 - CVE-2022-29224 envoy: Segfault in GrpcHealthCheckerImpl
  • OSSM-1613 - RPM Release for Maistra 2.0.10

CVEs

  • CVE-2022-29224
  • CVE-2022-29225

References

  • https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

Red Hat OpenShift Service Mesh 2.0 for RHEL 8

SRPM

  • servicemesh-2.0.10-1.el8.src.rpm
  • servicemesh-cni-2.0.10-1.el8.src.rpm
  • servicemesh-operator-2.0.10-1.el8.src.rpm
  • servicemesh-prometheus-2.14.0-17.el8.1.src.rpm
  • servicemesh-proxy-2.0.10-1.el8.src.rpm

x86_64

  • servicemesh-2.0.10-1.el8.x86_64.rpm
  • servicemesh-cni-2.0.10-1.el8.x86_64.rpm
  • servicemesh-istioctl-2.0.10-1.el8.x86_64.rpm
  • servicemesh-mixc-2.0.10-1.el8.x86_64.rpm
  • servicemesh-mixs-2.0.10-1.el8.x86_64.rpm
  • servicemesh-operator-2.0.10-1.el8.x86_64.rpm
  • servicemesh-pilot-agent-2.0.10-1.el8.x86_64.rpm
  • servicemesh-pilot-discovery-2.0.10-1.el8.x86_64.rpm
  • servicemesh-prometheus-2.14.0-17.el8.1.x86_64.rpm
  • servicemesh-proxy-2.0.10-1.el8.x86_64.rpm

Red Hat OpenShift Service Mesh for Power 2.0 for RHEL 8

SRPM

  • servicemesh-2.0.10-1.el8.src.rpm
  • servicemesh-cni-2.0.10-1.el8.src.rpm
  • servicemesh-operator-2.0.10-1.el8.src.rpm
  • servicemesh-prometheus-2.14.0-17.el8.1.src.rpm
  • servicemesh-proxy-2.0.10-1.el8.src.rpm

ppc64le

  • servicemesh-2.0.10-1.el8.ppc64le.rpm
  • servicemesh-cni-2.0.10-1.el8.ppc64le.rpm
  • servicemesh-istioctl-2.0.10-1.el8.ppc64le.rpm
  • servicemesh-mixc-2.0.10-1.el8.ppc64le.rpm
  • servicemesh-mixs-2.0.10-1.el8.ppc64le.rpm
  • servicemesh-operator-2.0.10-1.el8.ppc64le.rpm
  • servicemesh-pilot-agent-2.0.10-1.el8.ppc64le.rpm
  • servicemesh-pilot-discovery-2.0.10-1.el8.ppc64le.rpm
  • servicemesh-prometheus-2.14.0-17.el8.1.ppc64le.rpm
  • servicemesh-proxy-2.0.10-1.el8.ppc64le.rpm

Red Hat OpenShift Service Mesh for IBM Z 2.0 for RHEL 8

SRPM

  • servicemesh-2.0.10-1.el8.src.rpm
  • servicemesh-cni-2.0.10-1.el8.src.rpm
  • servicemesh-operator-2.0.10-1.el8.src.rpm
  • servicemesh-prometheus-2.14.0-17.el8.1.src.rpm
  • servicemesh-proxy-2.0.10-1.el8.src.rpm

s390x

  • servicemesh-2.0.10-1.el8.s390x.rpm
  • servicemesh-cni-2.0.10-1.el8.s390x.rpm
  • servicemesh-istioctl-2.0.10-1.el8.s390x.rpm
  • servicemesh-mixc-2.0.10-1.el8.s390x.rpm
  • servicemesh-mixs-2.0.10-1.el8.s390x.rpm
  • servicemesh-operator-2.0.10-1.el8.s390x.rpm
  • servicemesh-pilot-agent-2.0.10-1.el8.s390x.rpm
  • servicemesh-pilot-discovery-2.0.10-1.el8.s390x.rpm
  • servicemesh-prometheus-2.14.0-17.el8.1.s390x.rpm
  • servicemesh-proxy-2.0.10-1.el8.s390x.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Copyright © 2022 Red Hat, Inc.