RHSA-2021:3555: Moderate: Release of OpenShift Serverless Client kn 1.17.0
Red Hat OpenShift Serverless Client kn 1.17.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.17.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.Security Fix(es): serverless: incomplete fix for CVE-2021-27918 / CVE-2021-31525 / CVE-2021-33196 (CVE-2021-3703) golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558) golang: net: lookup functions may return invalid host names (CVE-2021-33195) golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197) golang: match/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198) For more details about the security issue(s), including the impact, a CVSSscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:3555?
The severity of RHSA-2021:3555 is classified as moderate.
How do I fix RHSA-2021:3555?
To fix RHSA-2021:3555, update the openshift-serverless-clients package to version 0.23.2-1.el8.
What software is affected by RHSA-2021:3555?
RHSA-2021:3555 affects the openshift-serverless-clients package versions up to 0.23.2-1.el8.
When was RHSA-2021:3555 released?
RHSA-2021:3555 was released on December 7, 2021.
What does RHSA-2021:3555 address?
RHSA-2021:3555 addresses a security vulnerability in the Red Hat OpenShift Serverless Client.