Issued:: 2024-04-18
Updated:: 2024-04-18

RHSA-2024:1901 - Security Advisory

Overview
Updated Images

Synopsis

Moderate: Red Hat Service Interconnect 1.5.3 Release (images)

Type/Severity

Security Advisory: Moderate

Topic

OpenShift container images for the Red Hat Service Interconnect 1.5 release.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Description

Red Hat Service Interconnect 1.5 creates a service network, linking
TCP and HTTP services across the hybrid cloud.
A service network enables communication between services running in different network locations or sites.
It allows geographically distributed services to connect as if they were all running in the same site.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Service Interconnect 1 for RHEL 9 x86_64

Fixes

BZ - 2237773 - CVE-2023-39319 golang: html/template: improper handling of special tags within script contexts
BZ - 2237776 - CVE-2023-39318 golang: html/template: improper handling of HTML-like comments within script contexts
BZ - 2237777 - CVE-2023-39321 golang: crypto/tls: panic when processing post-handshake message on QUIC connections
BZ - 2237778 - CVE-2023-39322 golang: crypto/tls: lack of a limit on buffered post-handshake
BZ - 2253193 - CVE-2023-45287 golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.
BZ - 2253330 - CVE-2023-39326 golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
SKUPPER-1304 - Fix statefulset cross-namespace
SKUPPER-1338 - Flow collector exception when reconciling connector record from podman site
SKUPPER-1463 - Service Controller failing to create k8s Events
SKUPPER-976 - Collector does not close receiver for a purged event source

CVEs

References

aarch64

service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68

service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b

service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4

service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2

service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f

service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632

service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c

ppc64le

service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc

service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a

service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5

service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97

service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b

s390x

service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491

service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f

service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c

service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021

service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e

x86_64

service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad

service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d

service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066

service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932

service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb

service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641

service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation