RedHat: RHSA-2021-4725:03 Moderate: OpenShift Virtualization 2.6.8 Images
Summary
OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 2.6.8 images:
RHEL-8-CNV-2.6
=============kubevirt-v2v-conversion-container-v2.6.8-1
hyperconverged-cluster-webhook-container-v2.6.8-1
vm-import-controller-container-v2.6.8-1
kubevirt-cpu-model-nfd-plugin-container-v2.6.8-2
vm-import-operator-container-v2.6.8-1
kubevirt-cpu-node-labeller-container-v2.6.8-1
kubevirt-ssp-operator-container-v2.6.8-1
kubemacpool-container-v2.6.8-1
cluster-network-addons-operator-container-v2.6.8-1
virt-cdi-cloner-container-v2.6.8-1
virt-cdi-uploadproxy-container-v2.6.8-1
kubernetes-nmstate-handler-container-v2.6.8-1
ovs-cni-plugin-container-v2.6.8-1
ovs-cni-marker-container-v2.6.8-1
hostpath-provisioner-operator-container-v2.6.8-1
kubevirt-vmware-container-v2.6.8-2
kubevirt-template-validator-container-v2.6.8-2
kubevirt-kvm-info-nfd-plugin-container-v2.6.8-1
node-maintenance-operator-container-v2.6.8-1
vm-import-virtv2v-container-v2.6.8-1
hostpath-provisioner-container-v2.6.8-1
virt-cdi-uploadserver-container-v2.6.8-1
cnv-containernetworking-plugins-container-v2.6.8-1
virtio-win-container-v2.6.8-2
virt-cdi-controller-container-v2.6.8-1
virt-cdi-importer-container-v2.6.8-1
virt-cdi-apiserver-container-v2.6.8-1
virt-cdi-operator-container-v2.6.8-1
bridge-marker-container-v2.6.8-1
hyperconverged-cluster-operator-container-v2.6.8-1
cnv-must-gather-container-v2.6.8-5
virt-launcher-container-v2.6.8-5
virt-operator-container-v2.6.8-5
virt-api-container-v2.6.8-5
virt-controller-container-v2.6.8-5
virt-handler-container-v2.6.8-5
hco-bundle-registry-container-v2.6.8-23
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the
beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to
panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Summary
Solution
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
References
https://access.redhat.com/security/cve/CVE-2020-25648 https://access.redhat.com/security/cve/CVE-2021-3653 https://access.redhat.com/security/cve/CVE-2021-3733 https://access.redhat.com/security/cve/CVE-2021-22922 https://access.redhat.com/security/cve/CVE-2021-22923 https://access.redhat.com/security/cve/CVE-2021-22924 https://access.redhat.com/security/cve/CVE-2021-29923 https://access.redhat.com/security/cve/CVE-2021-34558 https://access.redhat.com/security/cve/CVE-2021-36222 https://access.redhat.com/security/cve/CVE-2021-37750 https://access.redhat.com/security/updates/classification/#moderate
Package List
Topic
Red Hat OpenShift Virtualization release 2.6.8 is now available withupdates to packages and images that fix several bugs and add enhancements.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.
Topic
Relevant Releases Architectures
Bugs Fixed
1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic
1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet
1998844 - virt-handler Pod is missing xorrisofs command
2008522 - "unable to execute QEMU agent command 'guest-get-users'" logs in virt-launcher pod every 10 seconds
2010334 - VM is not able to be migrated after failed migration
2012328 - 2.6.8 containers2013494 - [CNV-2.6.8] VMI is in LiveMigrate loop when Upgrading Cluster from 2.6.7/4.7.32 to OCP 4.8.13