RHSA-2021:0146: Moderate: Release of OpenShift Serverless 1.12.0
Red Hat OpenShift Serverless 1.12.0 is a generally available release of theOpenShift Serverless Operator. This version of the OpenShift ServerlessOperator is supported on Red Hat OpenShift Container Platform version 4.6, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section.Security Fix(es): golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS (CVE-2020-24553) golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362) golang: malicious symbol names can lead to code execution at build time (CVE-2020-28366) golang: improper validation of cgo flags can lead to code execution at build time (CVE-2020-28367) For more details about the security issues and their impact, the CVSSscore, acknowledgements, and other related information, see the CVE pageslisted in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:0146?
The severity of RHSA-2021:0146 is primarily categorized based on the specific vulnerabilities it addresses, which have varying impacts.
How do I fix RHSA-2021:0146?
To fix RHSA-2021:0146, you should update to the latest version of the OpenShift Serverless Operator supported on your platform.
What software is affected by RHSA-2021:0146?
RHSA-2021:0146 affects Red Hat OpenShift Serverless 1.12.0 and is supported on Red Hat OpenShift Container Platform version 4.6.
Are there known vulnerabilities associated with RHSA-2021:0146?
Yes, RHSA-2021:0146 addresses specific security vulnerabilities that were identified in prior versions.
When was RHSA-2021:0146 released?
RHSA-2021:0146 was released as a generally available update for Red Hat OpenShift Serverless 1.12.0.