Uploaded image for project: 'OpenShift API for Data Protection'
  1. OpenShift API for Data Protection
  2. OADP-4439

[DOCS] Release Notes 1.3.3

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • ToDo
    • Hide
      OADP-3723 ON_QA wnstb
      OADP 1.3.3 CVE-2023-45288 oadp-operator-container: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS [oadp-1.3]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15876775/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-4000 ON_QA rjohnson@redhat.com
      OADP 1.3.3 CVE-2024-24788 oadp-velero-container: golang: net: malformed DNS message can cause infinite loop [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15993097/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-4329 ON_QA rjohnson@redhat.com
      OADP 1.3.3 CVE-2024-24789 oadp-velero-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16078316/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-4327 ON_QA rjohnson@redhat.com
      OADP 1.3.3 CVE-2024-24789 oadp-mustgather-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16078314/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-4328 ON_QA rjohnson@redhat.com
      OADP 1.3.3 CVE-2024-24789 oadp-operator-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16078315/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-4330 ON_QA rjohnson@redhat.com
      OADP 1.3.3 CVE-2024-24789 oadp-velero-restic-restore-helper-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16078317/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-4345 ON_QA rjohnson@redhat.com
      OADP 1.3.3 CVE-2024-24790 oadp-velero-container: golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16082091/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-3701 New alitke@redhat.com
      OADP 1.3.3 CVE-2024-28180 oadp-kubevirt-velero-plugin-container: jose-go: improper handling of highly compressed data [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15867083/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-3835 Closed wnstb
      OADP 1.3.3 CVE-2024-30255 oadp-velero-container: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15918883/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-3836 Closed wnstb
      OADP 1.3.3 CVE-2024-30255 oadp-velero-plugin-for-gcp-container: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [oadp-1]   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15918884/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
      OADP-4387 New wnstb
      OADP 1.3.3 CVE-2024-6104 oadp-kubevirt-velero-plugin-container: go-retryablehttp: url might write sensitive information to log file [oadp-1.3]
      Show
      OADP-3723 ON_QA wnstb OADP 1.3.3 CVE-2023-45288 oadp-operator-container: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS [oadp-1.3] CVE-2023-45288 Security SecurityTracking flaw:bz#2268273 pscomponent:oadp-operator-container triaged   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15876775/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-4000 ON_QA rjohnson@redhat.com OADP 1.3.3 CVE-2024-24788 oadp-velero-container: golang: net: malformed DNS message can cause infinite loop [oadp-1] CVE-2024-24788 Security SecurityTracking flaw:bz#2279814 pscomponent:oadp-velero-container triaged   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15993097/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-4329 ON_QA rjohnson@redhat.com OADP 1.3.3 CVE-2024-24789 oadp-velero-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1] CVE-2024-24789 Security SecurityTracking flaw:bz#2292668 pscomponent:oadp-velero-container triaged   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16078316/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-4327 ON_QA rjohnson@redhat.com OADP 1.3.3 CVE-2024-24789 oadp-mustgather-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1] CVE-2024-24789 Security SecurityTracking flaw:bz#2292668 pscomponent:oadp-mustgather-container triaged   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16078314/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-4328 ON_QA rjohnson@redhat.com OADP 1.3.3 CVE-2024-24789 oadp-operator-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1] CVE-2024-24789 Security SecurityTracking flaw:bz#2292668 pscomponent:oadp-operator-container triaged   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16078315/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-4330 ON_QA rjohnson@redhat.com OADP 1.3.3 CVE-2024-24789 oadp-velero-restic-restore-helper-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1] CVE-2024-24789 Security SecurityTracking flaw:bz#2292668 pscomponent:oadp-velero-restic-restore-helper-container triaged   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16078317/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-4345 ON_QA rjohnson@redhat.com OADP 1.3.3 CVE-2024-24790 oadp-velero-container: golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses [oadp-1] CVE-2024-24790 Security SecurityTracking flaw:bz#2292787 pscomponent:oadp-velero-container triaged   [ Actions https://issues.redhat.com/rest/api/1.0/issues/16082091/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-3701 New alitke@redhat.com OADP 1.3.3 CVE-2024-28180 oadp-kubevirt-velero-plugin-container: jose-go: improper handling of highly compressed data [oadp-1] CVE-2024-28180 Security SecurityTracking flaw:bz#2268854 pscomponent:oadp-kubevirt-velero-plugin-container   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15867083/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-3835 Closed wnstb OADP 1.3.3 CVE-2024-30255 oadp-velero-container: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [oadp-1] CVE-2024-30255 Security SecurityTracking flaw:bz#2272986 pscomponent:oadp-velero-container   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15918883/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-3836 Closed wnstb OADP 1.3.3 CVE-2024-30255 oadp-velero-plugin-for-gcp-container: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [oadp-1] CVE-2024-30255 Security SecurityTracking flaw:bz#2272986 pscomponent:oadp-velero-plugin-for-gcp-container   [ Actions https://issues.redhat.com/rest/api/1.0/issues/15918884/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin] OADP-4387 New wnstb OADP 1.3.3 CVE-2024-6104 oadp-kubevirt-velero-plugin-container: go-retryablehttp: url might write sensitive information to log file [oadp-1.3] CVE-2024-6104 Security SecurityTracking flaw:bz#2294000
    • 0
    • 0
    • Very Likely
    • 0
    • None
    • Unset
    • Unknown
    • No

      1.
      		 (QE) Verify for ( [DOCS] Release Notes 1.3.3 ) Sub-task New Undefined Sachin Singla

          rhn-support-anarnold A Arnold
          rhn-support-anarnold A Arnold
          Sachin Singla Sachin Singla
          Votes:
          0 Vote for this issue
          Watchers:
          1 Start watching this issue

            Created:
            Updated:
            Resolved: