Red Hat Product Errata RHSA-2023:1816 - Security Advisory
Issued: 2023-04-17
Updated: 2023-04-17

Synopsis

Moderate: Red Hat OpenShift Data Foundation 4.12.2 Bug Fix and security update

Type/Severity

Security Advisory: Moderate

Topic

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.2 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3-compatible API.

Security Fix(es):

  • golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • [backport 4.12] s3 sync directory to a bucket fails with Internal Error in between the upload operation (BZ#2170416)
  • [4.12 clone] [Noobaa] Secrets are used in env variables (BZ#2171968)
  • [Backport to 4.12.z] Placeholder bug to backport the odf changes for Managed services epic RHSTOR-2442 to 4.12.z (BZ#2174335)
  • [ODF 4.12] Missing the status-reporter binary causing pods "report-status-to-provider" remain in CreateContainerError on ODF to ODF cluster on ROSA (BZ#2179978)
  • [MDR] After upgrade(redhat-operators) on hub from 4.12.1 to 4.12.2 noticed 2 token-exchange-agent pods on managed clusters and one of them on CBLO (BZ#2183198)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenShift Data Foundation 4 for RHEL 8 x86_64
  • Red Hat OpenShift Data Foundation for IBM Power, little endian 4 for RHEL 8 ppc64le
  • Red Hat OpenShift Data Foundation for IBM Z and LinuxONE 4 for RHEL 8 s390x

Fixes

  • BZ - 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
  • BZ - 2171968 - [4.12 clone] [Noobaa] Secrets are used in env variables
  • BZ - 2174335 - [Backport to 4.12.z] Placeholder bug to backport the odf changes for Managed services epic RHSTOR-2442 to 4.12.z
  • BZ - 2175365 - [4.12.z] Upgrade from 4.12.0 to 4.12.1 doesn't work
  • BZ - 2179978 - [ODF 4.12] Missing the status-reporter binary causing pods "report-status-to-provider" remain in CreateContainerError on ODF to ODF cluster on ROSA
  • BZ - 2183198 - [MDR] After upgrade(redhat-operators) on hub from 4.12.1 to 4.12.2 noticed 2 token-exchange-agent pods on managed clusters and one of them on CBLO
  • BZ - 2186455 - Include at ODF 4.12 container images the RHEL8 CVE fix on "openssl"

CVEs

  • CVE-2020-10735
  • CVE-2021-28861
  • CVE-2022-4304
  • CVE-2022-4415
  • CVE-2022-4450
  • CVE-2022-40897
  • CVE-2022-41717
  • CVE-2022-45061
  • CVE-2022-48303
  • CVE-2023-0215
  • CVE-2023-0286
  • CVE-2023-23916

References

  • https://access.redhat.com/security/updates/classification/#moderate

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
