Important: Release of containers for OSP 16.2 director operator tech preview

Topic

Red Hat OpenStack Platform 16.2 (Train) director Operator containers are
available for technology preview.

Description

Release osp-director-operator images

Security Fix(es):

• golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

Solution

OSP 16.2.z Release - OSP Director Operator Containers

Affected Products

• Red Hat OpenStack 16.2 x86_64

Fixes

• BZ - 2025995 - Rebase tech preview on latest upstream v1.2.x branch
• BZ - 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
• BZ - 2036784 - osp controller (fencing enabled) in downed state after system manual crash test

CVEs

• CVE-2019-5827
• CVE-2019-13750
• CVE-2019-13751
• CVE-2019-17594
• CVE-2019-17595
• CVE-2019-18218
• CVE-2019-19603
• CVE-2019-20838
• CVE-2020-12762
• CVE-2020-13435
• CVE-2020-14155
• CVE-2020-16135
• CVE-2020-24370
• CVE-2021-3200
• CVE-2021-3426
• CVE-2021-3445
• CVE-2021-3521
• CVE-2021-3572
• CVE-2021-3580
• CVE-2021-3712
• CVE-2021-3800
• CVE-2021-3872
• CVE-2021-3984
• CVE-2021-4019
• CVE-2021-4122
• CVE-2021-4192
• CVE-2021-4193
• CVE-2021-20231
• CVE-2021-20232
• CVE-2021-22876
• CVE-2021-22898
• CVE-2021-22925
• CVE-2021-27645
• CVE-2021-28153
• CVE-2021-33560
• CVE-2021-33574
• CVE-2021-35942
• CVE-2021-36084
• CVE-2021-36085
• CVE-2021-36086
• CVE-2021-36087
• CVE-2021-42574
• CVE-2021-44716
• CVE-2022-24407

References

• https://access.redhat.com/security/updates/classification/#important