Issued:: 2019-10-14
Updated:: 2019-10-14

RHSA-2019:3041 - Security Advisory

Overview
Updated Packages

Synopsis

Important: Red Hat OpenShift Service Mesh 1.0.1 RPMs

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Service Mesh 1.0.1.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.

This advisory covers the RPM packages for the OpenShift Service Mesh 1.0.1 release.

Security Fix(es):

HTTP/2: large amount of data requests leads to denial of service (CVE-2019-9511)
HTTP/2: flood using PRIORITY frames results in excessive resource consumption (CVE-2019-9513)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

The OpenShift Service Mesh release notes provide information on the features and known issues:

https://docs.openshift.com/container-platform/4.1/service_mesh/servicemesh-release-notes.html

Affected Products

Red Hat OpenShift Service Mesh 1.0 for RHEL 8 x86_64
Red Hat OpenShift Service Mesh 1.0 for RHEL 7 x86_64

Fixes

BZ - 1735741 - CVE-2019-9513 HTTP/2: flood using PRIORITY frames results in excessive resource consumption
BZ - 1741860 - CVE-2019-9511 HTTP/2: large amount of data requests leads to denial of service

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Service Mesh 1.0 for RHEL 8

SRPM
servicemesh-1.0.1-8.el8.src.rpm	SHA-256: 676d27d878cdec20d594cdbf93f7543b9ed0dc05aaf8c44079f95e47c9de9313
servicemesh-cni-1.0.1-8.el8.src.rpm	SHA-256: 72ca6c364683125443b7240ea302dbf08e3e095818ca27c2b160f2abf8538d6f
servicemesh-grafana-6.2.2-21.el8.src.rpm	SHA-256: 88959ab65fa8e7722fb658a415122025916155b4f02a8f715e2a967863fcfcc3
servicemesh-operator-1.0.1-8.el8.src.rpm	SHA-256: 2da1157b7a3cd07a018676a2274f87daf7b2ea7f0088a28f4873d2d804e91359
servicemesh-prometheus-2.7.2-22.el8.src.rpm	SHA-256: 26343c07bbeb02474d47e82459534740ee3ce8a8d349d72ed7876726177752da
servicemesh-proxy-1.0.1-7.el8.src.rpm	SHA-256: 2e85b7345710cd367e6a545bfaecc090ce0bdcf527aae109031552c517d1bdeb
x86_64
servicemesh-1.0.1-8.el8.x86_64.rpm	SHA-256: e06eb0f49d89763ded8a3eac247765b85df01adcac6d24550aae7138f98d209c
servicemesh-citadel-1.0.1-8.el8.x86_64.rpm	SHA-256: b606e5faada5d200633e04f9fc68f3278764e689985d112e38362a6e7cb84114
servicemesh-cni-1.0.1-8.el8.x86_64.rpm	SHA-256: 1a61f5017253c5e19314cdf1a21e080de69d040b7a2e2ca9cfa92e7ebe70d21b
servicemesh-galley-1.0.1-8.el8.x86_64.rpm	SHA-256: 912a0ff2069e46dc1da9dfc70501b766807a29e62a4b4b3eefa0efe80e0d9151
servicemesh-grafana-6.2.2-21.el8.x86_64.rpm	SHA-256: 399824ad7b15564a2b8b0a4dfaa8fb322d28a8cc574ad8433285a89f662dca41
servicemesh-grafana-prometheus-6.2.2-21.el8.x86_64.rpm	SHA-256: 874ecdf435d7408b9c3ca0508276dc52f6ac06a5addcb63e9ff890cc61533fb0
servicemesh-istioctl-1.0.1-8.el8.x86_64.rpm	SHA-256: b2ac236a5a2039e4e142c30fbea57ff5c8faad71d14b3edc0f82151c0e8cde78
servicemesh-mixc-1.0.1-8.el8.x86_64.rpm	SHA-256: 0c7de34c261242676a9a978c4aee7006a2410357418bb423d29e6df84b714ec3
servicemesh-mixs-1.0.1-8.el8.x86_64.rpm	SHA-256: e214551e2d01f30c9ae5c91653f0a7672f1cc78378d786dcda9d8491b62ac67c
servicemesh-operator-1.0.1-8.el8.x86_64.rpm	SHA-256: 9c38f192125d34e1c082a3a69859c4f9afb3f4272342289b0012682a877145fc
servicemesh-pilot-agent-1.0.1-8.el8.x86_64.rpm	SHA-256: 3d038ad4ad5d50e1d8426ea98a672d772364e043b6304bf43ec3b658375e3384
servicemesh-pilot-discovery-1.0.1-8.el8.x86_64.rpm	SHA-256: 9a17873fcfaafe045dcf135c2c25d881b09554d4afd10672858fe1aaf41d13f3
servicemesh-prometheus-2.7.2-22.el8.x86_64.rpm	SHA-256: f05833cf3d90e548ea068737cae5ebc5f4b4c2ad8d42aa6040e34328332c37e1
servicemesh-proxy-1.0.1-7.el8.x86_64.rpm	SHA-256: 11f1733932e57ee8085837ec8731b561c0c6332c8a5bcb20e6beccd9cdf09db1
servicemesh-sidecar-injector-1.0.1-8.el8.x86_64.rpm	SHA-256: 3f09b0ceb3f324082dd23fdfd84b4484eda5198aeec4fd1f5c8200101e6343e2

Red Hat OpenShift Service Mesh 1.0 for RHEL 7

SRPM
kiali-v1.0.6.redhat1-1.el7.src.rpm	SHA-256: 0b34d2cfdf5d1aa3b14b20c5a7191f47f5617ea7a669767390e00b785e5e262e
x86_64
kiali-v1.0.6.redhat1-1.el7.x86_64.rpm	SHA-256: 5a5843dd986caaf6aa2c787ed6237e231651d4736a053da017f178589a4a560b

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation