RHSA-2022:6290: Moderate: OpenShift API for Data Protection (OADP) 1.1.0 security and bug fix update
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.Security Fix(es) from Bugzilla: golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) prometheus/clientgolang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698) golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675) golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327) golang: crypto/tls: session tickets lack random ticketageadd (CVE-2022-30629) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2022:6290?
The severity of RHSA-2022:6290 is classified as important.
How do I fix RHSA-2022:6290?
To fix RHSA-2022:6290, you should apply the available security update for OpenShift API for Data Protection.
What vulnerabilities does RHSA-2022:6290 address?
RHSA-2022:6290 addresses vulnerabilities related to the OpenShift API for Data Protection that could impact data backup and restore processes.
Who is affected by RHSA-2022:6290?
RHSA-2022:6290 affects users of OpenShift API for Data Protection (OADP) that rely on backup and restore functionalities.
What is the primary focus of RHSA-2022:6290?
The primary focus of RHSA-2022:6290 is to enhance security for backup and restore operations of application resources and persistent volumes.