RHSA-2023:4488MediumCVSS 7.5
Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 6.0.1[security update]
🔗 CVE IDs covered (3)
📋 Description
CVE-2022-27191 — golang: crash in a golang.org/x/crypto/ssh server CVE-2022-30629 — golang: crypto/tls: session tickets lack random ticket_age_add CVE-2023-25173 — containerd: Supplementary groups are not set up properly
🔗 References (16)
- selfhttps://access.redhat.com/errata/RHSA-2023:4488
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2064702
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2092793
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2174485
- externalhttps://issues.redhat.com/browse/OCPBUGS-10418
- externalhttps://issues.redhat.com/browse/OCPBUGS-11831
- externalhttps://issues.redhat.com/browse/OCPBUGS-15435
- externalhttps://issues.redhat.com/browse/OCPBUGS-3572
- externalhttps://issues.redhat.com/browse/OCPBUGS-4247
- externalhttps://issues.redhat.com/browse/OCPBUGS-5894
- externalhttps://issues.redhat.com/browse/OCPBUGS-7726
- externalhttps://issues.redhat.com/browse/OCPBUGS-8055
- externalhttps://issues.redhat.com/browse/WINC-818
- externalhttps://issues.redhat.com/browse/WINC-823
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4488.json