RHSA-2022:0237: Important: Red Hat OpenStack Platform 16.2 (etcd) security update
A highly-available key value store for shared configuration

Security Fix(es):

* net/http: limit growth of header canonicalization cache (CVE-2021-44716)
* net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
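The leading-zero issue named in CVE-2021-29923 above, shown as an added example that is not part of the advisory, Go's standard library, or etcd: an octet such as "010" is 10 to a reader that drops leading zeros and 8 to one that treats the zero as an octal prefix, so a strict parser rejects it. The function names `Readings` and `ParseStrict` and the sample addresses are assumptions constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
)

var ErrLeadingZero = errors.New("octet has an extraneous leading zero") // e.g. "010"

// Readings decodes s twice: dec drops leading zeros, oct treats them as an octal prefix (inet_aton style).
func Readings(s string) (dec, oct [4]byte, err error) {
	parts := strings.Split(s, ".")
	if len(parts) != 4 {
		return [4]byte{}, [4]byte{}, fmt.Errorf("%q: want 4 octets, got %d", s, len(parts))
	}
	for i, p := range parts {
		base := 10
		if len(p) > 1 && p[0] == '0' {
			base = 8
		}
		d, errD := strconv.ParseUint(p, 10, 8) // bitSize 8 enforces the 0..255 range
		o, errO := strconv.ParseUint(p, base, 8)
		if errD != nil || errO != nil {
			return [4]byte{}, [4]byte{}, fmt.Errorf("%q: bad octet %q", s, p)
		}
		dec[i], oct[i] = byte(d), byte(o)
	}
	return dec, oct, nil
}

// ParseStrict accepts only canonical dotted-decimal IPv4; any leading-zero octet is an error.
func ParseStrict(s string) ([4]byte, error) {
	for _, p := range strings.Split(s, ".") {
		if len(p) > 1 && p[0] == '0' {
			return [4]byte{}, fmt.Errorf("%q: %w", s, ErrLeadingZero)
		}
	}
	dec, _, err := Readings(s)
	return dec, err
}

func main() {
	for _, s := range []string{"10.0.0.1", "010.0.0.1", "0127.0.0.1"} { // constructed samples
		dec, oct, _ := Readings(s)
		_, err := ParseStrict(s)
		fmt.Println(s, "decimal:", dec, "octal:", oct, "strict:", err)
	}
}
```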
Frequently Asked Questions
What is the severity of RHSA-2022:0237?
The severity of RHSA-2022:0237 is classified as moderate.
How do I fix RHSA-2022:0237?
To fix RHSA-2022:0237, update etcd to version 3.3.23-7.el8 or later.
What vulnerabilities are addressed in RHSA-2022:0237?
RHSA-2022:0237 addresses vulnerabilities related to HTTP header canonicalization cache and incorrect parsing of extraneous zero characters.
Which packages are affected by RHSA-2022:0237?
The affected packages include etcd, etcd-debuginfo, and etcd-debugsource up to version 3.3.23-7.el8.
Is a restart required after applying the fix for RHSA-2022:0237?
Yes, a restart of the etcd service is recommended after applying the fix for RHSA-2022:0237.