Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:1372
HistoryApr 13, 2022 - 6:44 p.m.

(RHSA-2022:1372) Important: Red Hat OpenShift Data Foundation 4.10.0 enhancement, security & bug fix update

2022-04-1318:44:45
access.redhat.com
53

0.007 Low

EPSS

Percentile

80.5%

JSON

Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.

Security Fix(es):

  • golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
  • golang: syscall: don’t close fd 0 on ForkExec error (CVE-2021-44717)
  • golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
  • golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
  • golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
  • golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)

Bug Fix(es):
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:

https://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.10/html/4.10_release_notes/index

All Red Hat OpenShift Data Foundation users are advised to upgrade to these updated packages, which provide numerous bug fixes and enhancements.

or more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information refer to the CVE
page(s) listed in the References section.

Related

redhat 16
nessus 53
openvas 31
altlinux 2
osv 13
oraclelinux 2
fedora 5
almalinux 1
suse 7
freebsd 3
ibm 24
mageia 2
rocky 2
debian 2
photon 3
veracode 3
gitlab 2
prion 3
cgr 1
ubuntucve 2
alpinelinux 4
nvd 3
redhatcve 3
wolfi 1
debiancve 2
cbl_mariner 2
githubexploit 1
cnvd 1
cve 3
cvelist 2
redhat
redhat
(RHSA-2022:1361) Important: Red Hat OpenShift Data Foundation 4.10.0 RPM security,enhancement&bugfix update
2022-04-13 15:16:03
(RHSA-2022:0557) Moderate: OpenShift Container Platform 4.9.22 security update
2022-02-23 12:29:19
(RHSA-2022:0237) Important: Red Hat OpenStack Platform 16.2 (etcd) security update
2022-01-24 13:44:14
nessus
nessus
RHEL 8 : Red Hat OpenShift Data Foundation 4.10.0 RPM (RHSA-2022:1361)
2024-04-28 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.9.22 (RHSA-2022:0557)
2022-02-23 00:00:00
RHEL 8 : Red Hat OpenStack Platform 16.1 (etcd) (RHSA-2022:0260)
2022-01-26 00:00:00
openvas
openvas
Fedora: Security Advisory for golang (FEDORA-2021-6fdc5ea304)
2022-01-01 00:00:00
openSUSE: Security Advisory for go1.17 (openSUSE-SU-2021:4186-1)
2022-02-08 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-1506)
2022-04-20 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package golang version 1.17.5-alt1
2021-12-09 00:00:00
Security fix for the ALT Linux 9 package golang version 1.15.15-alt1
2021-08-11 00:00:00
osv
osv
Important: go-toolset:rhel8 security and bug fix update
2021-12-15 16:11:05
Important: go-toolset:rhel8 security and bug fix update
2021-12-15 16:11:05
golang-1.7 - security update
2022-01-21 00:00:00
oraclelinux
oraclelinux
go-toolset:ol8 security and bug fix update
2021-12-16 00:00:00
go-toolset:ol8 security update
2021-09-22 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: golang-1.16.12-1.fc34
2021-12-30 01:43:52
[SECURITY] Fedora 35 Update: golang-1.16.12-1.fc35
2021-12-30 01:19:52
[SECURITY] Fedora 34 Update: golang-1.16.6-1.fc34
2021-07-28 01:24:52
almalinux
almalinux
Important: go-toolset:rhel8 security and bug fix update
2021-12-15 16:11:05
suse
suse
Security update for go1.17 (moderate)
2021-12-23 00:00:00
Security update for go1.16 (moderate)
2021-12-26 00:00:00
Security update for go1.16 (moderate)
2021-12-23 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2021-12-08 00:00:00
go -- crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters
2021-07-07 00:00:00
go -- net/http: panic due to racy read of persistConn after handler panic
2021-06-21 00:00:00
ibm
ibm
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Golang (CVE-2021-44716, CVE-2021-44717)
2022-04-22 20:46:15
Security Bulletin: IBM DataPower Gateway Operand affected by vulnerabilities in Go (CVE-2021-44716, CVE-2021-44717)
2022-05-23 19:55:40
Security Bulletin: Vulnerabilities in IBM Java Runtime and Golang Go affect IBM Spectrum Protect Server (CVE-2021-35578, CVE-2021-44716, CVE-2021-44717)
2022-03-16 02:27:54
mageia
mageia
Updated golang packages fix security vulnerability
2021-12-26 03:14:13
Updated golang packages fix security vulnerability
2021-09-04 20:01:38
rocky
rocky
go-toolset:rhel8 security and bug fix update
2021-12-15 16:11:05
go-toolset:rhel8 security update
2021-09-21 07:12:48
debian
debian
[SECURITY] [DLA 2891-1] golang-1.8 security update
2022-01-21 22:02:40
[SECURITY] [DLA 2892-1] golang-1.7 security update
2022-01-21 22:02:47
photon
photon
Important Photon OS Security Update - PHSA-2021-0294
2021-09-02 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0294
2021-09-02 00:00:00
Critical Photon OS Security Update - PHSA-2021-0130
2021-11-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-04-13 00:42:00
Invalid I/O Calculation
2021-12-14 20:52:34
Privilege Escalation
2021-08-10 06:24:31
gitlab
gitlab
x/crypto/ssh vulnerable to panic via SSH server
2022-09-07 00:00:00
x/crypto/ssh vulnerable to panic via SSH server
2022-09-07 00:00:00
prion
prion
Code injection
2022-09-06 18:15:00
Code injection
2022-01-01 05:15:00
Improper access control
2021-08-07 17:15:00
cgr
cgr
CVE-2021-43565 vulnerabilities
2024-05-19 03:07:16
ubuntucve
ubuntucve
CVE-2021-29923
2021-08-07 00:00:00
CVE-2021-44717
2022-01-01 00:00:00
alpinelinux
alpinelinux
CVE-2021-44717
2022-01-01 05:15:08
CVE-2021-34558
2021-07-15 14:15:19
CVE-2021-29923
2021-08-07 17:15:07
nvd
nvd
CVE-2021-43565
2022-09-06 18:15:10
CVE-2021-44717
2022-01-01 05:15:08
CVE-2021-29923
2021-08-07 17:15:07
redhatcve
redhatcve
CVE-2021-43565
2022-04-30 13:10:01
CVE-2021-29923
2022-05-07 13:54:34
CVE-2021-44717
2022-05-07 14:09:50
wolfi
wolfi
CVE-2021-43565 vulnerabilities
2024-06-29 09:08:33
debiancve
debiancve
CVE-2021-44717
2022-01-01 05:15:08
CVE-2021-29923
2021-08-07 17:15:07
cbl_mariner
cbl_mariner
CVE-2021-34558 affecting package golang 1.15.13-1
2021-09-09 15:03:05
CVE-2021-29923 affecting package golang 1.16.15-2
2021-09-09 15:03:05
githubexploit
githubexploit
Exploit for Improper Certificate Validation in Golang Go
2021-07-13 06:15:21
cnvd
cnvd
Google Golang Trust Management Issue Vulnerability
2021-07-19 00:00:00
cve
cve
CVE-2021-34558
2021-07-15 14:15:19
CVE-2021-44717
2022-01-01 05:15:08
CVE-2021-29923
2021-08-07 17:15:07
cvelist
cvelist
CVE-2021-29923
2021-08-07 16:38:59
CVE-2021-44717
2022-01-01 00:00:00

0.007 Low

EPSS

Percentile

80.5%

JSON
Related for RHSA-2022:1372
redhat16nessus53openvas31altlinux2osv13oraclelinux2fedora5almalinux1suse7freebsd3ibm24mageia2rocky2debian2photon3veracode3gitlab2prion3cgr1ubuntucve2alpinelinux4nvd3redhatcve3wolfi1debiancve2cbl_mariner2githubexploit1cnvd1cve3cvelist2