—–BEGIN PGP SIGNED MESSAGE—–
\nHash: SHA256<\/p>\n
=====================================================================
\nRed Hat Security Advisory<\/p>\n
Synopsis: Moderate: OpenShift Virtualization 4.10.2 Images security and bug fix update
\nAdvisory ID: RHSA-2022:5026-01
\nProduct: cnv
\nAdvisory URL: https:\/\/access.redhat.com\/errata\/RHSA-2022:5026
\nIssue date: 2022-06-14
\nCVE Names: CVE-2018-25032 CVE-2022-1271 CVE-2022-21698
\n=====================================================================<\/p>\n
1. Summary:<\/p>\n
Red Hat OpenShift Virtualization release 4.10.2 is now available with
\nupdates to packages and images that fix several bugs and add enhancements.<\/p>\n
Red Hat Product Security has rated this update as having a security impact
\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
\ngives a detailed severity rating, is available for each vulnerability from
\nthe CVE link(s) in the References section.<\/p>\n
2. Description:<\/p>\n
This advisory contains the following OpenShift Virtualization 4.10.2
\nimages:<\/p>\n
RHEL-8-CNV-4.10
\n===============<\/p>\n
virt-artifacts-server-container-v4.10.2-1
\nkubevirt-template-validator-container-v4.10.2-1
\nvirtio-win-container-v4.10.2-1
\nnode-maintenance-operator-container-v4.10.2-1
\nhostpath-provisioner-operator-container-v4.10.2-1
\nvirt-handler-container-v4.10.2-1
\nlibguestfs-tools-container-v4.10.2-1
\nhostpath-csi-driver-container-v4.10.2-1
\nvirt-operator-container-v4.10.2-1
\nvirt-launcher-container-v4.10.2-1
\nhostpath-provisioner-container-v4.10.2-1
\nvirt-api-container-v4.10.2-1
\nvirt-controller-container-v4.10.2-1
\ncnv-must-gather-container-v4.10.2-2
\nkubernetes-nmstate-handler-container-v4.10.2-3
\nbridge-marker-container-v4.10.2-3
\nvirt-cdi-uploadproxy-container-v4.10.2-3
\nvirt-cdi-uploadserver-container-v4.10.2-3
\novs-cni-marker-container-v4.10.2-3
\nvirt-cdi-operator-container-v4.10.2-3
\novs-cni-plugin-container-v4.10.2-3
\nkubemacpool-container-v4.10.2-3
\nvirt-cdi-controller-container-v4.10.2-3
\nkubevirt-ssp-operator-container-v4.10.2-4
\ncnv-containernetworking-plugins-container-v4.10.2-3
\ncluster-network-addons-operator-container-v4.10.2-3
\nvirt-cdi-apiserver-container-v4.10.2-3
\nhyperconverged-cluster-operator-container-v4.10.2-2
\nhyperconverged-cluster-webhook-container-v4.10.2-2
\nvirt-cdi-cloner-container-v4.10.2-3
\nvirt-cdi-importer-container-v4.10.2-3
\nhco-bundle-registry-container-v4.10.2-10<\/p>\n
Security Fix(es):<\/p>\n
* prometheus\/client_golang: Denial of service using
\nInstrumentHandlerCounter (CVE-2022-21698)<\/p>\n
For more details about the security issue(s), including the impact, a CVSS
\nscore, acknowledgments, and other related information, refer to the CVE
\npage(s) listed in the References section.<\/p>\n
3. Solution:<\/p>\n
For details on how to apply this update, which includes the changes
\ndescribed in this advisory, refer to:<\/p>\n
https:\/\/access.redhat.com\/articles\/11258<\/p>\n
4. Bugs fixed (https:\/\/bugzilla.redhat.com\/):<\/p>\n
2016290 – [Warm] Warm Migration Fails and reporting ambiguous status.
\n2033346 – [cnv-4.10] Add vm name label to virt-launcher pods
\n2037605 – Openshift Virtualization alert 50% of the hyperconverged-cluster-operator-metrics\/hyperconverged-cluster-operator-metrics targets in openshift-cnv namespace have been unreachable for more than 15 minutes on port 8686
\n2045880 – CVE-2022-21698 prometheus\/client_golang: Denial of service using InstrumentHandlerCounter
\n2074384 – SAP HANA template – template should be moved to https:\/\/github.com\/RHsyseng\/cnv-supplemental-templates
\n2080453 – [4.10.z] cluster-network-addons-operator deployment’s MULTUS_IMAGE is pointing to brew image
\n2080918 – Upgrade CNV from 4.10.1 to 4.11 should be blocked if CNV k8s-nmstate is still installed
\n2083594 – virtctl guestfs incorrectly assumes image name
\n2085459 – smartclone-controller not started and cloned DataVolumes stuck in SnapshotForSmartCloneInProgress
\n2086114 – HCO is taking more than 12 minutes to reconcile consolequickstart connect-ext-net-to-vm and customize-a-boot-source
\n2086541 – NMO CSV dependency to CNV is failing
\n2088476 – [4.10.z] VMSnapshot restore fails to provision volume with size mismatch error
\n2088622 – 4.10.2 containers
\n2089637 – CNAO is blocking upgrade to 4.11 despite standalone nmstate operator is installed
\n2089658 – SSP Reconcile logging improvement when CR resources are changed
\n2089661 – [CNV-4.10] HCO Being Unable to Reconcile State<\/p>\n
5. References:<\/p>\n
https:\/\/access.redhat.com\/security\/cve\/CVE-2018-25032
\nhttps:\/\/access.redhat.com\/security\/cve\/CVE-2022-1271
\nhttps:\/\/access.redhat.com\/security\/cve\/CVE-2022-21698
\nhttps:\/\/access.redhat.com\/security\/updates\/classification\/#moderate<\/p>\n
6. Contact:<\/p>\n
The Red Hat security contact is <secalert@redhat.com>. More contact
\ndetails at https:\/\/access.redhat.com\/security\/team\/contact\/<\/p>\n
Copyright 2022 Red Hat, Inc.
\n—–BEGIN PGP SIGNATURE—–
\nVersion: GnuPG v1<\/p>\n
iQIVAwUBYqkgw9zjgjWX9erEAQgx+Q\/8D2hk89x\/JBZwDsyIG\/MKZv4CSdKzpdEv
\nhXrzpPanW2er9kpYXXFtzIXTpE72UHhbcDvDypyYWPTFaf7b1Lh8Xnk2\/3EJMBym
\nwoyeAngh7a8R7bYNQaokpNVUPTk3IifQkh3ZfRQn5O5GRP2sIZe1eOAc5OX05\/\/R
\nVzjfKv5KEJlbW\/9EYlmXhQUUirhRsAmKKakRWtMxAMjepatjvR1kuJVn6GWBRlWj
\nHOKi8oku30sk3SPWs3oBQ4tzPa2eJu9xAohO5wi16WlCcUj8T4V8yQiO5Ej2gEbY
\n0jxYZ1KERyLGxOOP5Pfx1ZkcxmOydvRPxAfqqU7tKoiZPRrOropKJwXpQMGDXxnJ
\nTnHPP0Y7KaoI8ybC45nY4pYpPimxRl4+o0hzoIEomOdCFpg+e1aNj2sQE\/IzUYAT
\nnn6b9n5gm3tKNGbgaQu3P+HA2BVIEmZnCGMOknD0ji3yLiVBObri+mSr0TgaQrNt
\nvvIsBdfbDfOOI6ZFhl55fAowj0o8UATfBDbh0G\/eO5fQ3g3f1Ydk1\/jleOaQwZ1U
\nusNYXKD2hbfq0Hq4GaI+a\/4ZGFSJ1eRUFSdUtWHvX69DBtrDAj4ivCv6AX5jAoWL
\nB66g76\/nyTqxVT6frlTh2BT5ZC4T8DoICLB+HLlmXSu9sk4fLGGGCkaqq\/wTagfE
\nKAa582gklnA=
\n=C1sU
\n—–END PGP SIGNATURE—–
\n—
\nRHSA-announce mailing list
\nRHSA-announce@redhat.com
\nhttps:\/\/listman.redhat.com\/mailman\/listinfo\/rhsa-announce<\/p>\n","protected":false},"excerpt":{"rendered":"
—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Virtualization 4.10.2 Images security and bug fix update Advisory ID: RHSA-2022:5026-01 Product: cnv Advisory URL: https:\/\/access.redhat.com\/errata\/RHSA-2022:5026 Issue date: 2022-06-14 CVE Names: CVE-2018-25032 CVE-2022-1271 CVE-2022-21698 ===================================================================== 1. Summary: Red Hat OpenShift Virtualization release 4.10.2 is now available with updates to packages and …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-25921","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/25921","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=25921"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/25921\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=25921"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=25921"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=25921"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}