Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2023:1174 - Security Advisory
Issued:
2023-03-09
Updated:
2023-03-09

RHSA-2023:1174 - Security Advisory

  • Overview
  • Updated Images

Synopsis

Moderate: OpenShift API for Data Protection (OADP) 1.1.2 security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

OpenShift API for Data Protection (OADP) 1.1.2 is now available.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.

Security Fix(es) from Bugzilla:

  • golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
  • golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
  • golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
  • golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • OpenShift API for Data Protection 1 for RHEL 8 x86_64

Fixes

  • BZ - 2132867 - CVE-2022-2879 golang: archive/tar: unbounded memory consumption when reading headers
  • BZ - 2132868 - CVE-2022-2880 golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
  • BZ - 2132872 - CVE-2022-41715 golang: regexp/syntax: limit memory used by parsing regexps
  • BZ - 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
  • OADP-290 - Remove creation/usage of velero-privileged SCC
  • OADP-1217 - update velero + restic to 1.9.5
  • OADP-1056 - DPA fails validation if multiple BSLs have the same provider
  • OADP-1150 - Handle docker env config changes in the oadp-operator
  • OADP-1256 - Backup stays in progress status after restic pod is restarted due to OOM killed
  • OADP-1289 - Restore partially fails with error "Secrets \"deployer-token-rrjqx\" not found"

CVEs

  • CVE-2021-46848
  • CVE-2022-1122
  • CVE-2022-1304
  • CVE-2022-2056
  • CVE-2022-2057
  • CVE-2022-2058
  • CVE-2022-2519
  • CVE-2022-2520
  • CVE-2022-2521
  • CVE-2022-2867
  • CVE-2022-2868
  • CVE-2022-2869
  • CVE-2022-2879
  • CVE-2022-2880
  • CVE-2022-2953
  • CVE-2022-4415
  • CVE-2022-4883
  • CVE-2022-22624
  • CVE-2022-22628
  • CVE-2022-22629
  • CVE-2022-22662
  • CVE-2022-25308
  • CVE-2022-25309
  • CVE-2022-25310
  • CVE-2022-26700
  • CVE-2022-26709
  • CVE-2022-26710
  • CVE-2022-26716
  • CVE-2022-26717
  • CVE-2022-26719
  • CVE-2022-27404
  • CVE-2022-27405
  • CVE-2022-27406
  • CVE-2022-30293
  • CVE-2022-35737
  • CVE-2022-40303
  • CVE-2022-40304
  • CVE-2022-41715
  • CVE-2022-41717
  • CVE-2022-42010
  • CVE-2022-42011
  • CVE-2022-42012
  • CVE-2022-42898
  • CVE-2022-43680
  • CVE-2022-44617
  • CVE-2022-46285
  • CVE-2022-47629
  • CVE-2022-48303

References

  • https://access.redhat.com/security/updates/classification/#moderate

ppc64le

oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee
oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061
oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24
oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe
oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7
oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5
oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2
oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8
oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970
oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb
oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7
oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62

s390x

oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008
oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f
oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002
oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b
oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d
oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2
oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399
oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee
oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152
oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c
oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d
oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315

x86_64

oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d
oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f
oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27
oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748
oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079
oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8
oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969
oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14
oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa
oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8
oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3
oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility