Red Hat Product Errata RHSA-2022:6517 - Security Advisory
Issued:
2022-09-14
Updated:
2022-09-14

RHSA-2022:6517 - Security Advisory

Synopsis

Important: Release of containers for OSP 16.2.z director operator tech preview

Type/Severity

Security Advisory: Important

Topic

Red Hat OpenStack Platform 16.2 (Train) director operator containers, with several Important security fixes, are available for technology preview.

Description

Release osp-director-operator images

Security Fix(es):

  • CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read [important]
  • CVE-2021-41103 golang: containerd: insufficiently restricted permissions on container root and plugin directories [medium]

Solution

OSP 16.2.z Release - OSP Director Operator Containers

Affected Products

  • Red Hat OpenStack 16.2 x86_64

Fixes

  • BZ - 2011007 - CVE-2021-41103 containerd: insufficiently restricted permissions on container root and plugin directories
  • BZ - 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.