从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞编号:RHSA-2024:4963 2. 发布日期:2024-08-07 3. 类型/严重性:重要 4. 受影响的产品: - Red Hat OpenShift Container Platform 4.14 - Red Hat OpenShift Container Platform 4.14 for RHEL 9 x86_64 - Red Hat OpenShift Container Platform 4.14 for RHEL 8 x86_64 - Red Hat OpenShift Container Platform for Power 4.14 for RHEL 9 ppc64le - Red Hat OpenShift Container Platform for Power 4.14 for RHEL 8 ppc64le - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 9 s390x - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 8 s390x - Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 9 aarch64 - Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 8 aarch64 5. 安全修复: - golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) - dnspython: denial of service in stub resolver (CVE-2023-29483) - ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795) - containers/image: digest type does not guarantee valid type (CVE-2024-3727) - go-retryablehttp: url might write sensitive information to log file (CVE-2024-6104) - openssh: Possible remote code execution due to a race condition in signal handling affecting Red Hat Enterprise Linux 9 (CVE-2024-6409) 6. 解决方案: - 使用OpenShift CLI (oc)或web控制台检查可用更新。 - 参考OpenShift Container Platform 4.14的发布说明,了解如何升级集群并完全应用此异步补丁更新。 7. 受影响的组件: - Red Hat OpenShift Container Platform 4.14 - Red Hat OpenShift Container Platform 4.14 for RHEL 9 x86_64 - Red Hat OpenShift Container Platform 4.14 for RHEL 8 x86_64 - Red Hat OpenShift Container Platform for Power 4.14 for RHEL 9 ppc64le - Red Hat OpenShift Container Platform for Power 4.14 for RHEL 8 ppc64le - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 9 s390x - Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 8 s390x - Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 9 aarch64 - Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 8 aarch64 这些信息可以帮助用户了解漏洞的详细情况、受影响的产品和组件,以及如何解决和应用修复措施。