From 2274adcdaba8fd8b80940ffec413ccb657911e6e Mon Sep 17 00:00:00 2001 From: Andy Arnold Date: Mon, 23 Oct 2023 22:37:22 +0100 Subject: [PATCH] MIG-1476: release notes for MTC 1.8.1 Signed-off-by: Andy Arnold --- .../mtc-release-notes.adoc | 1 + .../migration-mtc-release-notes-1-8-1.adoc | 26 +++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 modules/migration-mtc-release-notes-1-8-1.adoc diff --git a/migration_toolkit_for_containers/mtc-release-notes.adoc b/migration_toolkit_for_containers/mtc-release-notes.adoc index 501b0a557e..b0d2f23a71 100644 --- a/migration_toolkit_for_containers/mtc-release-notes.adoc +++ b/migration_toolkit_for_containers/mtc-release-notes.adoc @@ -17,6 +17,7 @@ You can migrate from xref:../migrating_from_ocp_3_to_4/about-migrating-from-3-to For information on the support policy for {mtc-short}, see link:https://access.redhat.com/support/policy/updates/openshift#app_migration[OpenShift Application and Cluster Migration Solutions], part of the _Red Hat {product-title} Life Cycle Policy_. +include::modules/migration-mtc-release-notes-1-8-1.adoc[leveloffset=+1] include::modules/migration-mtc-release-notes-1-8.adoc[leveloffset=+1] include::modules/migration-mtc-release-notes-1-7-13.adoc[leveloffset=+1] include::modules/migration-mtc-release-notes-1-7-12.adoc[leveloffset=+1] diff --git a/modules/migration-mtc-release-notes-1-8-1.adoc b/modules/migration-mtc-release-notes-1-8-1.adoc new file mode 100644 index 0000000000..d16fa5824b --- /dev/null +++ b/modules/migration-mtc-release-notes-1-8-1.adoc @@ -0,0 +1,26 @@ +// Module included in the following assemblies: +// +// * migration_toolkit_for_containers/mtc-release-notes.adoc +:_content-type: REFERENCE +[id="migration-mtc-release-notes-1-8-1_{context}"] += {mtc-full} 1.8.1 release notes + +[id="resolved-issues-1-8-1_{context}"] +== Resolved issues + +This release has the following major resolved issues: + +.CVE-2023-39325: golang: net/http, x/net/http2: rapid stream resets can cause excessive work + +A flaw was found in handling multiplexed streams in the HTTP/2 protocol, which is used by {mtc-full} ({mtc-short}). A client could repeatedly make a request for a new multiplex stream and immediately send an `RST_STREAM` frame to cancel it. This creates additional workload for the server in terms of setting up and dismantling streams, while avoiding any server-side limitations on the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. link:https://bugzilla.redhat.com/show_bug.cgi?id=2245079[(BZ#2245079)] + +It is advised to update to {mtc-short} 1.8.1 or later, which resolve this issue. + +For more details, see link:https://access.redhat.com/security/cve/cve-2023-39325[(CVE-2023-39325)] and link:https://access.redhat.com/security/cve/cve-2023-44487[(CVE-2023-44487)] + + + +[id="known-issues-1-8-1_{context}"] +== Known issues + +There are no major known issues in this release.