The etcd package distributed with Red Hat OpenStack platform has been identified to have an incomplete fix for CVE-2021-44716. This happens because the etcd package in Red Hat OpenStack platform is using the http://golang.org/x/net/http2 instead the one provided by the Red Hat Enterprise linux versions, meaning it should be updated at compile time instead
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2024:3352 https://access.redhat.com/errata/RHSA-2024:3352
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.1 Via RHSA-2024:3467 https://access.redhat.com/errata/RHSA-2024:3467