A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded to the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. This CVE is specific to golang, but is also tracked as CVE-2023-44487.
Created golang tracking bugs for this issue: Affects: epel-all [bug 2243616] Affects: fedora-all [bug 2243617]
This issue has been addressed in the following products: Red Hat Developer Tools Via RHSA-2023:5719 https://access.redhat.com/errata/RHSA-2023:5719
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:5721 https://access.redhat.com/errata/RHSA-2023:5721
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:5738 https://access.redhat.com/errata/RHSA-2023:5738
*** Bug 2242010 has been marked as a duplicate of this bug. ***
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.4 for RHEL 8 Red Hat Ansible Automation Platform 2.4 for RHEL 9 Via RHSA-2023:5805 https://access.redhat.com/errata/RHSA-2023:5805
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:5672 https://access.redhat.com/errata/RHSA-2023:5672
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:5675 https://access.redhat.com/errata/RHSA-2023:5675
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.2 for RHEL 8 Red Hat Ansible Automation Platform 2.2 for RHEL 9 Via RHSA-2023:5809 https://access.redhat.com/errata/RHSA-2023:5809
This issue has been addressed in the following products: Red Hat Ansible Automation Platform 2.3 for RHEL 8 Red Hat Ansible Automation Platform 2.3 for RHEL 9 Via RHSA-2023:5810 https://access.redhat.com/errata/RHSA-2023:5810
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:5677 https://access.redhat.com/errata/RHSA-2023:5677
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:5679 https://access.redhat.com/errata/RHSA-2023:5679
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:5835 https://access.redhat.com/errata/RHSA-2023:5835
RHEL9 advisory: https://access.redhat.com/errata/RHSA-2023:5738 Fixed in package: golang-1.19.13-1.el9_2.x86_64.rpm New base image rhel9/go-toolset:1.19.13-4 contains rpm golang-1.19.13-1.el9_2.x86_64. $➔ podman run -it --rm --entrypoint /bin/bash --user root registry.redhat.io/rhel9/go-toolset:1.19.13-4 -c "go version; rpm -qa | grep golang-" go version go1.19.13 linux/amd64 golang-src-1.19.13-1.el9_2.noarch golang-bin-1.19.13-1.el9_2.x86_64 golang-1.19.13-1.el9_2.x86_64
RHEL8 advisory: https://access.redhat.com/errata/RHSA-2023:5721 Fixed in package: golang-1.19.13-1.module+el8.8.0+20373+d9cd605c New base image rhel8/go-toolset:1.19.13-2 @ https://catalog.redhat.com/software/containers/rhel8/go-toolset/5b9c810add19c70b45cbd666
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:5697 https://access.redhat.com/errata/RHSA-2023:5697
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:5717 https://access.redhat.com/errata/RHSA-2023:5717
This issue has been addressed in the following products: RHACS-4.1-RHEL-8 Via RHSA-2023:5851 https://access.redhat.com/errata/RHSA-2023:5851
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:5864 https://access.redhat.com/errata/RHSA-2023:5864
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:5866 https://access.redhat.com/errata/RHSA-2023:5866
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:5865 https://access.redhat.com/errata/RHSA-2023:5865
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:5867 https://access.redhat.com/errata/RHSA-2023:5867
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:5863 https://access.redhat.com/errata/RHSA-2023:5863
This issue has been addressed in the following products: Red Hat Satellite 6.13 for RHEL 8 Via RHSA-2023:5931 https://access.redhat.com/errata/RHSA-2023:5931
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2023:5935 https://access.redhat.com/errata/RHSA-2023:5935
This issue has been addressed in the following products: Red Hat OpenShift Service Mesh 2.2 for RHEL 8 Via RHSA-2023:5950 https://access.redhat.com/errata/RHSA-2023:5950
This issue has been addressed in the following products: Red Hat OpenShift Service Mesh 2.3 for RHEL 8 Via RHSA-2023:5951 https://access.redhat.com/errata/RHSA-2023:5951
This issue has been addressed in the following products: Red Hat OpenShift Service Mesh 2.4 for RHEL 8 Via RHSA-2023:5952 https://access.redhat.com/errata/RHSA-2023:5952
This issue has been addressed in the following products: RHOL-5.6-RHEL-8 Via RHSA-2023:5541 https://access.redhat.com/errata/RHSA-2023:5541
This issue has been addressed in the following products: RHOL-5.7-RHEL-8 Via RHSA-2023:5530 https://access.redhat.com/errata/RHSA-2023:5530
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 Via RHSA-2023:5969 https://access.redhat.com/errata/RHSA-2023:5969
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 Via RHSA-2023:5971 https://access.redhat.com/errata/RHSA-2023:5971
This issue has been addressed in the following products: Red Hat OpenStack Platform 17.1 Via RHSA-2023:5970 https://access.redhat.com/errata/RHSA-2023:5970
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.1 Via RHSA-2023:5967 https://access.redhat.com/errata/RHSA-2023:5967
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2023:5965 https://access.redhat.com/errata/RHSA-2023:5965
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2023:5964 https://access.redhat.com/errata/RHSA-2023:5964
This issue has been addressed in the following products: NETWORK-OBSERVABILITY-1.4.0-RHEL-9 Via RHSA-2023:5974 https://access.redhat.com/errata/RHSA-2023:5974
This issue has been addressed in the following products: STF-1.5-RHEL-8 Via RHSA-2023:5976 https://access.redhat.com/errata/RHSA-2023:5976
This issue has been addressed in the following products: Red Hat Satellite 6.12 for RHEL 8 Via RHSA-2023:5979 https://access.redhat.com/errata/RHSA-2023:5979
This issue has been addressed in the following products: Red Hat Satellite 6.11 for RHEL 7 Red Hat Satellite 6.11 for RHEL 8 Via RHSA-2023:5980 https://access.redhat.com/errata/RHSA-2023:5980
This issue has been addressed in the following products: Satellite Client 6 for RHEL 6 Satellite Client 6 for RHEL 7 Satellite Client 6 for RHEL 8 Satellite Client 6 for RHEL 9 Via RHSA-2023:5982 https://access.redhat.com/errata/RHSA-2023:5982
This issue has been addressed in the following products: Cryostat 2 on RHEL 8 Via RHSA-2023:6031 https://access.redhat.com/errata/RHSA-2023:6031
(In reply to Nick Boldt from comment #249) > RHEL8 advisory: https://access.redhat.com/errata/RHSA-2023:5721 > > Fixed in package: golang-1.19.13-1.module+el8.8.0+20373+d9cd605c > > New base image rhel8/go-toolset:1.19.13-2 @ > https://catalog.redhat.com/software/containers/rhel8/go-toolset/5b9c810add19c70b45cbd666 I'm the maintainer of golang for EPEL7 which I base on RHEL8, so I looked at this source package in detail. I do not believe that it has a fix for the Important CVE-2023-39325 as claimed. It was fixed upstream only in golang 1.21.3 and 1.20.10 and I do not see the patch backported. Here for example is the commit that backported it to go 1.20.10: https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68
This issue has been addressed in the following products: Node Maintenance Operator 5.0 for RHEL 8 Via RHSA-2023:6039 https://access.redhat.com/errata/RHSA-2023:6039
This issue has been addressed in the following products: Node Maintenance Operator 5.2 for RHEL 8 Via RHSA-2023:6040 https://access.redhat.com/errata/RHSA-2023:6040
This issue has been addressed in the following products: Self Node Remediation 0.7 for RHEL 8 Via RHSA-2023:6041 https://access.redhat.com/errata/RHSA-2023:6041
This issue has been addressed in the following products: Self Node Remediation 0.5 for RHEL 8 Via RHSA-2023:6042 https://access.redhat.com/errata/RHSA-2023:6042
This issue has been addressed in the following products: Cost Management for RHEL 8 Via RHSA-2023:6044 https://access.redhat.com/errata/RHSA-2023:6044
This issue has been addressed in the following products: Red Hat Advanced Cluster Security 4.2 Via RHSA-2023:6048 https://access.redhat.com/errata/RHSA-2023:6048
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:6057 https://access.redhat.com/errata/RHSA-2023:6057
This issue has been addressed in the following products: OpenShift-Pipelines-1.12-RHEL-8 Via RHSA-2023:6059 https://access.redhat.com/errata/RHSA-2023:6059
This issue has been addressed in the following products: OpenShift-Pipelines-1.12-RHEL-8 Via RHSA-2023:6061 https://access.redhat.com/errata/RHSA-2023:6061
This issue has been addressed in the following products: RHACS-4.0-RHEL-8 Via RHSA-2023:6071 https://access.redhat.com/errata/RHSA-2023:6071
This issue has been addressed in the following products: RHOL-5.5-RHEL-8 Via RHSA-2023:5542 https://access.redhat.com/errata/RHSA-2023:5542
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6077 https://access.redhat.com/errata/RHSA-2023:6077
This issue has been addressed in the following products: RHACS-3.74-RHEL-8 Via RHSA-2023:6084 https://access.redhat.com/errata/RHSA-2023:6084
This issue has been addressed in the following products: Red Hat Openshift distributed tracing 2.9 Via RHSA-2023:6085 https://access.redhat.com/errata/RHSA-2023:6085
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:5895 https://access.redhat.com/errata/RHSA-2023:5895
This issue has been addressed in the following products: OADP-1.1-RHEL-8 Via RHSA-2023:6115 https://access.redhat.com/errata/RHSA-2023:6115
This issue has been addressed in the following products: OADP-1.0-RHEL-8 Via RHSA-2023:6116 https://access.redhat.com/errata/RHSA-2023:6116
This issue has been addressed in the following products: OADP-1.2-RHEL-8 Via RHSA-2023:6118 https://access.redhat.com/errata/RHSA-2023:6118
This issue has been addressed in the following products: multicluster engine for Kubernetes 2.3 for RHEL 8 Via RHSA-2023:6119 https://access.redhat.com/errata/RHSA-2023:6119
This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.8 Via RHSA-2023:6121 https://access.redhat.com/errata/RHSA-2023:6121
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8 Via RHSA-2023:6122 https://access.redhat.com/errata/RHSA-2023:6122
This issue has been addressed in the following products: RODOO-1.0-RHEL-8 Via RHSA-2023:5947 https://access.redhat.com/errata/RHSA-2023:5947
This issue has been addressed in the following products: OSSO-1.1-RHEL-8 Via RHSA-2023:5933 https://access.redhat.com/errata/RHSA-2023:5933
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:6143 https://access.redhat.com/errata/RHSA-2023:6143
This issue has been addressed in the following products: multicluster engine for Kubernetes 2.2 for RHEL 8 Via RHSA-2023:6145 https://access.redhat.com/errata/RHSA-2023:6145
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.7 for RHEL 8 Via RHSA-2023:6148 https://access.redhat.com/errata/RHSA-2023:6148
(In reply to Dave Dykstra from comment #296) > (In reply to Nick Boldt from comment #249) > > RHEL8 advisory: https://access.redhat.com/errata/RHSA-2023:5721 > > > > Fixed in package: golang-1.19.13-1.module+el8.8.0+20373+d9cd605c > > > > New base image rhel8/go-toolset:1.19.13-2 @ > > https://catalog.redhat.com/software/containers/rhel8/go-toolset/5b9c810add19c70b45cbd666 > > I'm the maintainer of golang for EPEL7 which I base on RHEL8, so I looked at > this source package in detail. I do not believe that it has a fix for the > Important CVE-2023-39325 as claimed. It was fixed upstream only in golang > 1.21.3 and 1.20.10 and I do not see the patch backported. Here for example > is the commit that backported it to go 1.20.10: > https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 Well, if you look at https://catalog.redhat.com/software/containers/rhel8/go-toolset/5b9c810add19c70b45cbd666?architecture=amd64&image=652d47582fd993af22f76402 (1.19.13-2) and scroll down to the Advisory link for RHBA-2023:5782 --> https://access.redhat.com/errata/RHBA-2023:5782 That advisory states that it contains these fixes ** BZ - 2242803 - CVE-2023-44487 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) ** BZ - 2243296 - CVE-2023-39325 golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) There have been two CVE fixes since that one as well: * https://access.redhat.com/errata/RHBA-2023:5884 -> https://bugzilla.redhat.com/show_bug.cgi?id=2242803 CVE-2023-44487 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) * https://access.redhat.com/errata/RHBA-2023:6051 -> https://bugzilla.redhat.com/show_bug.cgi?id=2235789 CVE-2023-40217 python: TLS handshake bypass
(In reply to Nick Boldt from comment #330) > (In reply to Dave Dykstra from comment #296) ... > > I'm the maintainer of golang for EPEL7 which I base on RHEL8, so I looked at > > this source package in detail. I do not believe that it has a fix for the > > Important CVE-2023-39325 as claimed. It was fixed upstream only in golang > > 1.21.3 and 1.20.10 and I do not see the patch backported. Here for example > > is the commit that backported it to go 1.20.10: > > https://github.com/golang/go/commit/e175f27f58aa7b9cd4d79607ae65d2cd5baaee68 > > Well, if you look at > https://catalog.redhat.com/software/containers/rhel8/go-toolset/ > 5b9c810add19c70b45cbd666?architecture=amd64&image=652d47582fd993af22f76402 > (1.19.13-2) and scroll down to the Advisory link for RHBA-2023:5782 --> > https://access.redhat.com/errata/RHBA-2023:5782 > > That advisory states that it contains these fixes > > ** BZ - 2242803 - CVE-2023-44487 HTTP/2: Multiple HTTP/2 enabled web servers > are vulnerable to a DDoS attack (Rapid Reset Attack) > ** BZ - 2243296 - CVE-2023-39325 golang: net/http, x/net/http2: rapid stream > resets can cause excessive work (CVE-2023-44487) Ah, now I see that the patch was backported into the second tarball go1.19.13-2-openssl-fips.tar.gz. Very good, I'm sorry for the noise. Dave
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:6156 https://access.redhat.com/errata/RHSA-2023:6156
This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.7 Via RHSA-2023:6161 https://access.redhat.com/errata/RHSA-2023:6161
This issue has been addressed in the following products: Service Interconnect 1 for RHEL 8 Service Interconnect 1 for RHEL 9 Via RHSA-2023:6165 https://access.redhat.com/errata/RHSA-2023:6165
This issue has been addressed in the following products: OpenShift Developer Tools and Services for OCP 4.13 Via RHSA-2023:6179 https://access.redhat.com/errata/RHSA-2023:6179
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:6129 https://access.redhat.com/errata/RHSA-2023:6129
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:6130 https://access.redhat.com/errata/RHSA-2023:6130
This issue has been addressed in the following products: multicluster engine for Kubernetes 2.1 for RHEL 8 Via RHSA-2023:6200 https://access.redhat.com/errata/RHSA-2023:6200
This issue has been addressed in the following products: Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8 Via RHSA-2023:6202 https://access.redhat.com/errata/RHSA-2023:6202
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:5005 https://access.redhat.com/errata/RHSA-2023:5005
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:5006 https://access.redhat.com/errata/RHSA-2023:5006
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:5007 https://access.redhat.com/errata/RHSA-2023:5007
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:5009 https://access.redhat.com/errata/RHSA-2023:5009
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:6217 https://access.redhat.com/errata/RHSA-2023:6217
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.10 Via RHSA-2023:6220 https://access.redhat.com/errata/RHSA-2023:6220
This issue has been addressed in the following products: OSSO-1.2-RHEL-8 Via RHSA-2023:6154 https://access.redhat.com/errata/RHSA-2023:6154
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6125 https://access.redhat.com/errata/RHSA-2023:6125
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6126 https://access.redhat.com/errata/RHSA-2023:6126
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6233 https://access.redhat.com/errata/RHSA-2023:6233
This issue has been addressed in the following products: RHEL-9-CNV-4.13 Via RHSA-2023:6235 https://access.redhat.com/errata/RHSA-2023:6235
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:6240 https://access.redhat.com/errata/RHSA-2023:6240
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.10 Via RHSA-2023:6243 https://access.redhat.com/errata/RHSA-2023:6243
This issue has been addressed in the following products: RHEL-8-CNV-4.12 Via RHSA-2023:6248 https://access.redhat.com/errata/RHSA-2023:6248
This issue has been addressed in the following products: RHEL-8-CNV-4.11 Via RHSA-2023:6251 https://access.redhat.com/errata/RHSA-2023:6251
This issue has been addressed in the following products: MTA-6.2-RHEL-9 MTA-6.2-RHEL-8 Via RHSA-2023:6280 https://access.redhat.com/errata/RHSA-2023:6280
This issue has been addressed in the following products: Red Hat OpenShift Serverless 1.30 Via RHSA-2023:6296 https://access.redhat.com/errata/RHSA-2023:6296
This issue has been addressed in the following products: Openshift Serverless 1 on RHEL 8 Via RHSA-2023:6298 https://access.redhat.com/errata/RHSA-2023:6298
This issue has been addressed in the following products: MTA-6.1-RHEL-8 Via RHSA-2023:6305 https://access.redhat.com/errata/RHSA-2023:6305
This issue has been addressed in the following products: OpenShift-Pipelines-1.11-RHEL-8 Via RHSA-2023:6779 https://access.redhat.com/errata/RHSA-2023:6779
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.8 Via RHSA-2023:6782 https://access.redhat.com/errata/RHSA-2023:6782
This issue has been addressed in the following products: OpenShift-Pipelines-1.11-RHEL-8 Via RHSA-2023:6781 https://access.redhat.com/errata/RHSA-2023:6781
This issue has been addressed in the following products: Node Healthcheck Operator 0.4 for RHEL 8 Via RHSA-2023:6783 https://access.redhat.com/errata/RHSA-2023:6783
This issue has been addressed in the following products: Node Healthcheck Operator 0.6 for RHEL 8 Via RHSA-2023:6784 https://access.redhat.com/errata/RHSA-2023:6784
This issue has been addressed in the following products: Machine Deletion Remediation 0.2 for RHEL 8 Via RHSA-2023:6785 https://access.redhat.com/errata/RHSA-2023:6785
This issue has been addressed in the following products: Fence Agents Remediation 0.2 for RHEL 8 Via RHSA-2023:6786 https://access.redhat.com/errata/RHSA-2023:6786
This issue has been addressed in the following products: NETWORK-OBSERVABILITY-1.4.0-RHEL-9 Via RHSA-2023:6787 https://access.redhat.com/errata/RHSA-2023:6787
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.8 Via RHSA-2023:6788 https://access.redhat.com/errata/RHSA-2023:6788
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:6256 https://access.redhat.com/errata/RHSA-2023:6256
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:6257 https://access.redhat.com/errata/RHSA-2023:6257
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:6271 https://access.redhat.com/errata/RHSA-2023:6271
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6275 https://access.redhat.com/errata/RHSA-2023:6275
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6276 https://access.redhat.com/errata/RHSA-2023:6276
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:6272 https://access.redhat.com/errata/RHSA-2023:6272
This issue has been addressed in the following products: RHEL-9-CNV-4.14 Via RHSA-2023:6817 https://access.redhat.com/errata/RHSA-2023:6817
This issue has been addressed in the following products: Red Hat Satellite 6.14 for RHEL 8 Via RHSA-2023:6818 https://access.redhat.com/errata/RHSA-2023:6818
This issue has been addressed in the following products: RHACS-4.1-RHEL-8 Via RHSA-2023:6828 https://access.redhat.com/errata/RHSA-2023:6828
This issue has been addressed in the following products: RHODF-4.14-RHEL-9 Via RHSA-2023:6832 https://access.redhat.com/errata/RHSA-2023:6832
This issue has been addressed in the following products: Red Hat OpenShift Service Mesh 2.2 for RHEL 8 Via RHSA-2023:7215 https://access.redhat.com/errata/RHSA-2023:7215
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:6845 https://access.redhat.com/errata/RHSA-2023:6845
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:6836 https://access.redhat.com/errata/RHSA-2023:6836
This issue has been addressed in the following products: CERT-MANAGER-1.11-RHEL-9 Via RHSA-2023:6279 https://access.redhat.com/errata/RHSA-2023:6279
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:6846 https://access.redhat.com/errata/RHSA-2023:6846
This issue has been addressed in the following products: CERT-MANAGER-1.12-RHEL-9 Via RHSA-2023:6269 https://access.redhat.com/errata/RHSA-2023:6269
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:6837 https://access.redhat.com/errata/RHSA-2023:6837
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:6840 https://access.redhat.com/errata/RHSA-2023:6840
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:6839 https://access.redhat.com/errata/RHSA-2023:6839
This issue has been addressed in the following products: OpenShift Developer Tools and Services for OCP 4.14 Via RHSA-2023:7288 https://access.redhat.com/errata/RHSA-2023:7288
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6841 https://access.redhat.com/errata/RHSA-2023:6841
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6842 https://access.redhat.com/errata/RHSA-2023:6842
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:7342 https://access.redhat.com/errata/RHSA-2023:7342
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.9 Via RHSA-2023:7344 https://access.redhat.com/errata/RHSA-2023:7344
This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.9 Via RHSA-2023:7345 https://access.redhat.com/errata/RHSA-2023:7345
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:7315 https://access.redhat.com/errata/RHSA-2023:7315
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7323 https://access.redhat.com/errata/RHSA-2023:7323
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7322 https://access.redhat.com/errata/RHSA-2023:7322
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Ironic content for Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7325 https://access.redhat.com/errata/RHSA-2023:7325
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6893 https://access.redhat.com/errata/RHSA-2023:6893
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:6894 https://access.redhat.com/errata/RHSA-2023:6894
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:7515 https://access.redhat.com/errata/RHSA-2023:7515
This issue has been addressed in the following products: RHEL-9-CNV-4.13 RHEL-7-CNV-4.13 RHEL-8-CNV-4.13 Via RHSA-2023:7521 https://access.redhat.com/errata/RHSA-2023:7521
This issue has been addressed in the following products: RHEL-9-CNV-4.13 Via RHSA-2023:7522 https://access.redhat.com/errata/RHSA-2023:7522
This issue has been addressed in the following products: OADP-1.3-RHEL-9 Via RHSA-2023:7555 https://access.redhat.com/errata/RHSA-2023:7555
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7474 https://access.redhat.com/errata/RHSA-2023:7474
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:7478 https://access.redhat.com/errata/RHSA-2023:7478
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:7479 https://access.redhat.com/errata/RHSA-2023:7479
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7475 https://access.redhat.com/errata/RHSA-2023:7475
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:7469 https://access.redhat.com/errata/RHSA-2023:7469
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:7470 https://access.redhat.com/errata/RHSA-2023:7470
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:7599 https://access.redhat.com/errata/RHSA-2023:7599
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7602 https://access.redhat.com/errata/RHSA-2023:7602
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:7662 https://access.redhat.com/errata/RHSA-2023:7662
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7604 https://access.redhat.com/errata/RHSA-2023:7604
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:7607 https://access.redhat.com/errata/RHSA-2023:7607
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:7608 https://access.redhat.com/errata/RHSA-2023:7608
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Ironic content for Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:7610 https://access.redhat.com/errata/RHSA-2023:7610
This issue has been addressed in the following products: OpenShift-Pipelines-1.10-RHEL-8 Via RHSA-2023:7699 https://access.redhat.com/errata/RHSA-2023:7699
This issue has been addressed in the following products: OpenShift-Pipelines-1.10-RHEL-8 Via RHSA-2023:7703 https://access.redhat.com/errata/RHSA-2023:7703
This issue has been addressed in the following products: RHEL-9-CNV-4.14 Via RHSA-2023:7704 https://access.redhat.com/errata/RHSA-2023:7704
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:7710 https://access.redhat.com/errata/RHSA-2023:7710
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:7682 https://access.redhat.com/errata/RHSA-2023:7682
This issue has been addressed in the following products: Red Hat Ceph Storage 6.1 Via RHSA-2023:7741 https://access.redhat.com/errata/RHSA-2023:7741
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7687 https://access.redhat.com/errata/RHSA-2023:7687
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:7690 https://access.redhat.com/errata/RHSA-2023:7690
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2023:7691 https://access.redhat.com/errata/RHSA-2023:7691
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2023:7831 https://access.redhat.com/errata/RHSA-2023:7831
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2023:7827 https://access.redhat.com/errata/RHSA-2023:7827
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2023:7823 https://access.redhat.com/errata/RHSA-2023:7823
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:0050 https://access.redhat.com/errata/RHSA-2024:0050
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2024:0059 https://access.redhat.com/errata/RHSA-2024:0059
This issue has been addressed in the following products: RHEL-8-CNV-4.12 Via RHSA-2024:0273 https://access.redhat.com/errata/RHSA-2024:0273
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:0193 https://access.redhat.com/errata/RHSA-2024:0193
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:0198 https://access.redhat.com/errata/RHSA-2024:0198
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:0290 https://access.redhat.com/errata/RHSA-2024:0290
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2024:0306 https://access.redhat.com/errata/RHSA-2024:0306
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:0485 https://access.redhat.com/errata/RHSA-2024:0485
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:0484 https://access.redhat.com/errata/RHSA-2024:0484
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:0660 https://access.redhat.com/errata/RHSA-2024:0660
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:0642 https://access.redhat.com/errata/RHSA-2024:0642
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2024:0682 https://access.redhat.com/errata/RHSA-2024:0682
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:0664 https://access.redhat.com/errata/RHSA-2024:0664
This issue has been addressed in the following products: OpenShift Developer Tools and Services for OCP 4.14 Via RHSA-2024:0777 https://access.redhat.com/errata/RHSA-2024:0777
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:0741 https://access.redhat.com/errata/RHSA-2024:0741
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:0837 https://access.redhat.com/errata/RHSA-2024:0837
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:0833 https://access.redhat.com/errata/RHSA-2024:0833
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:0954 https://access.redhat.com/errata/RHSA-2024:0954
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2023:7197 https://access.redhat.com/errata/RHSA-2023:7197
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2023:7198 https://access.redhat.com/errata/RHSA-2023:7198
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2023:7201 https://access.redhat.com/errata/RHSA-2023:7201
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2023:7200 https://access.redhat.com/errata/RHSA-2023:7200
This issue has been addressed in the following products: RODOO-1.1-RHEL-9 Via RHSA-2024:0269 https://access.redhat.com/errata/RHSA-2024:0269
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:0941 https://access.redhat.com/errata/RHSA-2024:0941
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:0766 https://access.redhat.com/errata/RHSA-2024:0766
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:0946 https://access.redhat.com/errata/RHSA-2024:0946
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:1052 https://access.redhat.com/errata/RHSA-2024:1052
This issue has been addressed in the following products: KDO-5.0-RHEL-9 Via RHSA-2024:0302 https://access.redhat.com/errata/RHSA-2024:0302
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:1037 https://access.redhat.com/errata/RHSA-2024:1037
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:1458 https://access.redhat.com/errata/RHSA-2024:1458
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.13 Via RHSA-2024:1454 https://access.redhat.com/errata/RHSA-2024:1454
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:1449 https://access.redhat.com/errata/RHSA-2024:1449
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.11 Via RHSA-2024:1464 https://access.redhat.com/errata/RHSA-2024:1464
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.12 Via RHSA-2024:1572 https://access.redhat.com/errata/RHSA-2024:1572
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.15 Via RHSA-2024:1770 https://access.redhat.com/errata/RHSA-2024:1770
This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.14 Via RHSA-2024:1765 https://access.redhat.com/errata/RHSA-2024:1765