Issued:: 2024-06-20
Updated:: 2024-06-20

RHSA-2024:4034 - Security Advisory

Overview
Updated Images

Synopsis

Important: Red Hat Service Interconnect 1.5.4 Release security update (images)

Type/Severity

Security Advisory: Important

Topic

OpenShift container images for the Red Hat Service Interconnect 1.5 release.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Service Interconnect 1.5 creates a service network, linking TCP and HTTP services across the hybrid cloud.
A service network enables communication between services running in different network locations or sites.

It allows geographically distributed services to connect as if they were all running in the same site.

Security Fix(es):

golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Service Interconnect 1 for RHEL 9 x86_64

Fixes

BZ - 2268019 - CVE-2024-24783 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm
BZ - 2268273 - CVE-2023-45288 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS
SKUPPER-1705 - null pointer deference in policy controller
SKUPPER-1812 - Connection token requests are not being processed

References

https://access.redhat.com/security/updates/classification/#important

aarch64

service-interconnect/skupper-config-sync-rhel9@sha256:7417dd94c72f697b0194ec3430aefcd53074c5c353b210298b7012f5b35511da

service-interconnect/skupper-controller-podman-rhel9@sha256:b32e96d024cd877c3501b338e9d20218218359ebdf88b3e0745c59b38bdcc268

service-interconnect/skupper-controller-podman-container-rhel9@sha256:b32e96d024cd877c3501b338e9d20218218359ebdf88b3e0745c59b38bdcc268

service-interconnect/skupper-flow-collector-rhel9@sha256:ec468a0f7e21c47f1a092deb64f330490a45751991336cd97473dced366afd75

service-interconnect/skupper-operator-bundle@sha256:1149aa94f8b90f5d3465be98b5987e87aa98360a52d2feb5f1db440652a11173

service-interconnect/skupper-router-rhel9@sha256:c77ee9fafbbfb708007d93616aa853379db2af25e23c49ebf3ce703ff4b23f28

service-interconnect/skupper-service-controller-rhel9@sha256:958aa99f850af72491ae40ff3252923cfd638307e6f3af54b34c38fd70286459

service-interconnect/skupper-site-controller-rhel9@sha256:5f08fcf316bd6ec13bbab275ef67c6d176bcee7b763926c68c913247aa2ac7a6

ppc64le

service-interconnect/skupper-config-sync-rhel9@sha256:3c4213507b54371c603cf95b52d346549a6a588e47454ab5c59c602c81e4e719

service-interconnect/skupper-controller-podman-rhel9@sha256:1971d75601f7495ecb0375f3547f5ac718466ac8bcbe13d0eb3b30ce4db75b3d

service-interconnect/skupper-controller-podman-container-rhel9@sha256:1971d75601f7495ecb0375f3547f5ac718466ac8bcbe13d0eb3b30ce4db75b3d

service-interconnect/skupper-flow-collector-rhel9@sha256:828f14882526d50e1a87071c3ae97c9805e5b1873974c6ea332c58674f4b8db2

service-interconnect/skupper-service-controller-rhel9@sha256:0a38f9096db65c7f2abc64749d34ee2277d46e0d037e0a40e89c2d39cc5be7f0

service-interconnect/skupper-site-controller-rhel9@sha256:f1dd18bb676d367b031f136f997632957ba5b947d9b0595e5ff7821910ee2a27

s390x

service-interconnect/skupper-config-sync-rhel9@sha256:2e1d7dec803be1c1ffded00635f745f0691d86edc6c4576f285225e292cb6885

service-interconnect/skupper-controller-podman-rhel9@sha256:2f76950fa9874ba93b437d218c7eb4923871072e29c51fe057cda5589e3dde0a

service-interconnect/skupper-controller-podman-container-rhel9@sha256:2f76950fa9874ba93b437d218c7eb4923871072e29c51fe057cda5589e3dde0a

service-interconnect/skupper-flow-collector-rhel9@sha256:127780faef70d6015eff3c3ba0a108fa26ba18b1794e5b60c8ee2bb696ae4232

service-interconnect/skupper-service-controller-rhel9@sha256:3f879b5ce179ea8284d7ac364cb0a408909878205fab10c9624403b7b59da00d

service-interconnect/skupper-site-controller-rhel9@sha256:b06235b32b81d24d40761b358eff2db65a7f18db8cdee7c099b8833ad66a2fcd

x86_64

service-interconnect/skupper-config-sync-rhel9@sha256:f4073ebfafda5d847abb3b4429e35ece7107866dead94ec5a90c009905105352

service-interconnect/skupper-controller-podman-rhel9@sha256:ce560444ad40e6cf92fa446cb8a50b081b91c292e0588965c42e86476b39a23f

service-interconnect/skupper-controller-podman-container-rhel9@sha256:ce560444ad40e6cf92fa446cb8a50b081b91c292e0588965c42e86476b39a23f

service-interconnect/skupper-flow-collector-rhel9@sha256:f5bc6ca008d1429b187b7283167c610c670ffb41168bc63a86a8ca7b6d9d9fe7

service-interconnect/skupper-operator-bundle@sha256:e8abb03720a450190a62c9f4a43bd3afdc09f30d7bedcdf22be97138263dd2a7

service-interconnect/skupper-router-rhel9@sha256:39df97ea1774b942b5bf1965f56da4ba2dcbfd8aad05a4611fbc334c01fbb13d

service-interconnect/skupper-service-controller-rhel9@sha256:9af0f0a5d3778297728506b779b638a185e129e74876a1a57efef522b0b7c38b

service-interconnect/skupper-site-controller-rhel9@sha256:beaa6806edfefbf50a94d7dcdbf11e9e69447556794c7e82c190d75e63188d4f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation