Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-3249

CVE-2022-27191 ose-installer-container: golang: crash in a golang.org/x/crypto/ssh server [openshift-4]

    XMLWordPrintable

Details

    • Moderate
    • Hide

      None

      Show
      None
    • Hide
      Previously, the `golang.org/x/crypto/ssh` package had an issue where an attacker could cause an SSH server to reject clients using the SHA-2 algorithm. This release fixes the broken cryptographic algorithm in the `golang.org/x/crypto/ssh`, allowing users to encrypt data using the SHA-2 algorithm without issue.

      (link:https://issues.redhat.com/browse/OCPBUGS-3249[*OCPBUGS-3249*]
      Show
      Previously, the `golang.org/x/crypto/ssh` package had an issue where an attacker could cause an SSH server to reject clients using the SHA-2 algorithm. This release fixes the broken cryptographic algorithm in the `golang.org/x/crypto/ssh`, allowing users to encrypt data using the SHA-2 algorithm without issue. (link: https://issues.redhat.com/browse/OCPBUGS-3249 [* OCPBUGS-3249 *]
    • CVE - Common Vulnerabilities and Exposures
    • Done

    Description

      Description of problem:

      This is a clone of https://bugzilla.redhat.com/show_bug.cgi?id=2074299 for backporting purposes.

      Version-Release number of selected component (if applicable):

       

      How reproducible:

       

      Steps to Reproduce:

      1.
      2.
      3.
      

      Actual results:

       

      Expected results:

       

      Additional info:

       

      Attachments

        Issue Links

          Activity

            Public project attachment banner

              context keys: [headless, issue, helper, isAsynchronousRequest, project, action, user]
              current Project key: OCPBUGS

              People

                rdossant Rafael Fonseca dos Santos
                rdossant Rafael Fonseca dos Santos
                Gaoyun Pei Gaoyun Pei
                Darragh Fitzmaurice Darragh Fitzmaurice
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: