[RHSA-2023:5174-01] Moderate: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update
Red Hat Security Advisory
Synopsis: Moderate: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update
Advisory ID: RHSA-2023:5174-01
Product: Red Hat OpenShift Service Mesh
Advisory URL: https://access.redhat.com/errata/RHSA-2023:5174
Issue date: 2023-09-14
CVE Names: CVE-2016-3709 CVE-2023-2602 CVE-2023-2603
CVE-2023-2828 CVE-2023-3899 CVE-2023-27536
CVE-2023-28321 CVE-2023-28484 CVE-2023-29469
CVE-2023-32681 CVE-2023-34969 CVE-2023-35942
Red Hat OpenShift Service Mesh Containers for 2.4.3
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.
This advisory covers container images for the release.
* envoy: gRPC access log crash caused by the listener draining
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
4. Bugs fixed ( https://bugzilla.redhat.com/):
2217978 - CVE-2023-35942 envoy: gRPC access log crash caused by the listener draining
5. JIRA issues fixed ( https://issues.redhat.com/):
OSSM-1182 - Deliver ARM images for OSSM Operator for Developer Preview
OSSM-3508 - Ensure Cluster Ingress Operator can create cluster-wide SMCP
OSSM-3979 - Implement envoyExtAuthzGrpc extension provider
OSSM-4247 - Service details of ServiceEntry fails
OSSM-4461 - Add FIPS annotation setting to kiali operator metadata
OSSM-4491 - Add missing configuration options to meshConfig.extensionProviders.envoyExtAuthzHttp
OSSM-4559 - Panic in conversion of extensionProviders.envoyExtAuthzHttp
OSSM-4627 - Add option to disable the GatewayClass controller
OSSM-4705 - Removing subset in config - Fails to save
The Red Hat security contact is [firstname.lastname@example.org]. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
A Red Hat OpenShift Service Mesh Containers for 2.4.3 security update has been released.