Red Hat Security Advisory: OpenShift Container Platform 4.17.54 bug fix and security update

CVE-2025-61662 — grub2: Missing unregister call for gettext command may lead to use-after-free CVE-2026-3497 — openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables CVE-2026-4111 — libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive CVE-2026-4424 — libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing CVE-2026-5121 — libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing CVE-2026-25646 — libpng: LIBPNG has a heap buffer overflow in png_set_quantize CVE-2026-25749 — vim: Vim: Arbitrary code execution via 'helpfile' option processing CVE-2026-27135 — nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination CVE-2026-28417 — vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28421 — vim: Vim: Denial of service and information disclosure via crafted swap file CVE-2026-33412 — vim: Vim: Arbitrary code execution via command injection in glob() function