RedHatRHSA-2023:3445(RHSA-2023:3445) Important: Red Hat OpenStack Platform 16.2 (etcd) security update
0.024 Low
EPSS
Percentile
90.0%
A highly-available key value store for shared configuration
Security Fix(es):
-
Information discosure via debug function (CVE-2021-28235)
-
html/template: improper handling of JavaScript whitespace
(CVE-2023-24540) -
golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
(CVE-2022-41723) -
crypto/tls: large handshake records may cause panics (CVE-2022-41724)
-
net/http mime/multipart: denial of service from excessive resource
consumption (CVE-2022-41725) -
net/http net/textproto: denial of service from excessive memory
allocation (CVE-2023-24534) -
net/http net/textproto mime/multipart: denial of service from excessive
resource consumption (CVE-2023-24536) -
go/parser: Infinite loop in parsing (CVE-2023-24537)
-
html/template: backticks not treated as string delimiters
(CVE-2023-24538) -
html/template: improper sanitization of CSS values (CVE-2023-24539)
-
html/template: improper handling of empty HTML attributes
(CVE-2023-29400)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | x86_64 | etcd-debuginfo | < 3.3.23-14.el8ost | etcd-debuginfo-3.3.23-14.el8ost.x86_64.rpm |
| RedHat | 8 | ppc64le | etcd-debugsource | < 3.3.23-14.el8ost | etcd-debugsource-3.3.23-14.el8ost.ppc64le.rpm |
| RedHat | 8 | x86_64 | etcd-debugsource | < 3.3.23-14.el8ost | etcd-debugsource-3.3.23-14.el8ost.x86_64.rpm |
| RedHat | 8 | x86_64 | etcd | < 3.3.23-14.el8ost | etcd-3.3.23-14.el8ost.x86_64.rpm |
| RedHat | 8 | ppc64le | etcd-debuginfo | < 3.3.23-14.el8ost | etcd-debuginfo-3.3.23-14.el8ost.ppc64le.rpm |
| RedHat | 8 | ppc64le | etcd | < 3.3.23-14.el8ost | etcd-3.3.23-14.el8ost.ppc64le.rpm |
Related
