RHSA-2022:7398 | Medium | CVSS 7.5

Red Hat Security Advisory: OpenShift Container Platform 4.12.0 packages and security update

Published: January 17, 2023
Last Modified: May 23, 2026

🔗 CVE IDs covered (16)

📋 Description

CVE-2021-4235 — go-yaml: Denial of Service in go-yaml
CVE-2022-1705 — golang: net/http: improper sanitization of Transfer-Encoding header
CVE-2022-2879 — golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers
CVE-2022-2880 — golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters
CVE-2022-2995 — cri-o: incorrect handling of the supplementary groups
CVE-2022-2996 — python-scciclient: missing server certificate verification
CVE-2022-3162 — kubernetes: Unauthorized read of Custom Resources
CVE-2022-3172 — kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF)
CVE-2022-3259 — OpenShift: Missing HTTP Strict Transport Security
CVE-2022-3466 — cri-o: Security regression of CVE-2022-27652
CVE-2022-27664 — golang: net/http: handle server errors after sending GOAWAY
CVE-2022-30631 — golang: compress/gzip: stack exhaustion in Reader.Read
CVE-2022-32148 — golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
CVE-2022-32189 — golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
CVE-2022-32190 — golang: net/url: JoinPath does not strip relative path components in all circumstances
CVE-2022-41715 — golang: regexp/syntax: limit memory used by parsing regexps

🔗 References (15)