Red Hat Security Advisory: OpenShift Container Platform 4.14.0 security update

CVE-2022-27664 — golang: net/http: handle server errors after sending GOAWAY CVE-2023-2727 — kube-apiserver: Bypassing policies imposed by the ImagePolicyWebhook admission plugin CVE-2023-2728 — kube-apiserver: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin CVE-2023-3089 — openshift: OCP & FIPS mode CVE-2023-3153 — ovn: service monitor MAC flow is not rate limited CVE-2023-3978 — golang.org/x/net/html: Cross site scripting CVE-2023-29409 — golang: crypto/tls: slow verification of certificate chains containing large RSA keys CVE-2023-29824 — scipy: use-after-free in Py_FindObjects() function CVE-2023-37788 — goproxy: Denial of service (DoS) via unspecified vectors. CVE-2023-39318 — golang: html/template: improper handling of HTML-like comments within script contexts CVE-2023-39319 — golang: html/template: improper handling of special tags within script contexts CVE-2023-39321 — golang: crypto/tls: panic when processing post-handshake message on QUIC connections CVE-2023-39322 — golang: crypto/tls: lack of a limit on buffered post-handshake CVE-2023-39325 — golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) CVE-2023-44487 — HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)