(RHSA-2024:0045) Important: OpenShift Container Platform 4.16.0 security update

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.16.0. See the following advisory for the container images for
this release:

https://access.redhat.com/errata/RHSA-2024:0041

Security Fix(es):

• dnspython: denial of service in stub resolver (CVE-2023-29483)
• golang: net/http/cookiejar: incorrect forwarding of sensitive headers and
  cookies on HTTP redirect (CVE-2023-45289)
• golang: net/http: memory exhaustion in Request.ParseMultipartForm
  (CVE-2023-45290)
• containers/image: digest type does not guarantee valid type
  (CVE-2024-3727)
• golang: crypto/x509: Verify panics on certificates with an unknown public
  key algorithm (CVE-2024-24783)
• golang: net/mail: comments in display names are incorrectly handled
  (CVE-2024-24784)
• golang: html/template: errors returned from MarshalJSON methods may break
  template escaping (CVE-2024-24785)
• golang-protobuf: encoding/protojson, internal/encoding/json: infinite
  loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON
  (CVE-2024-24786)
• jose: resource exhaustion (CVE-2024-28176)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

All OpenShift Container Platform 4.16 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.openshift.com/container-platform/4.16/updating/updating_a_cluster/updating-cluster-cli.html