Issued:: 2020-11-18
Updated:: 2020-11-18

RHSA-2020:5149 - Moderate: Release of OpenShift Serverless 1.11.0

Synopsis

Moderate: Release of OpenShift Serverless 1.11.0

Type/Severity

Security Advisory Moderate

Topic

Release of OpenShift Serverless 1.11.0

Description

Red Hat OpenShift Serverless 1.11.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.6.

Security Fix(es):

golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.

Solution

See the documentation at: This content is not included.https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless_applications/index

Affected Products

Product	Version	Arch
Red Hat Openshift Serverless	1	x86_64

Fixes

CVEs

CVE-2018-20843
CVE-2019-1551
CVE-2019-5018
CVE-2019-13050
CVE-2019-13627
CVE-2019-14889
CVE-2019-15903
CVE-2019-16168
CVE-2019-16935
CVE-2019-19221
CVE-2019-19906
CVE-2019-19956
CVE-2019-20218
CVE-2019-20387
CVE-2019-20388
CVE-2019-20454
CVE-2019-20907
CVE-2019-20916
CVE-2020-1730
CVE-2020-1751
CVE-2020-1752
CVE-2020-6405
CVE-2020-7595
CVE-2020-8177
CVE-2020-8492
CVE-2020-9327
CVE-2020-10029
CVE-2020-13630
CVE-2020-13631
CVE-2020-13632
CVE-2020-14040
CVE-2020-14422

References

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.