(RHSA-2024:1859) Moderate: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update

OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Security Fix(es) from Bugzilla: opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142) golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287) golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326) ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795) golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786) jose-go: improper handling of highly compressed data (CVE-2024-28180) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References…Read More