mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-07 00:48:01 +01:00
39 lines
1.6 KiB
Plaintext
39 lines
1.6 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * backup_and_restore/oadp-release-notes-1-2.adoc
|
|
|
|
:_mod-docs-content-type: REFERENCE
|
|
[id="migration-oadp-release-notes-1-2-3_{context}"]
|
|
= OADP 1.2.3 release notes
|
|
|
|
|
|
[id="new-features-1-2-3_{context}"]
|
|
== New features
|
|
|
|
There are no new features in the release of {oadp-first} 1.2.3.
|
|
|
|
// :FeatureName: OADP Data Mover
|
|
// include::snippets/technology-preview.adoc[]
|
|
|
|
[id="resolved-issues-1-2-3_{context}"]
|
|
== Resolved issues
|
|
|
|
The following highlighted issues are resolved in OADP 1.2.3:
|
|
|
|
|
|
.Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)
|
|
|
|
In previous releases of OADP 1.2, the HTTP/2 protocol was susceptible to a denial of service attack because request cancellation could reset multiple streams quickly. The server had to set up and tear down the streams while not hitting any server-side limit for the maximum number of active streams per connection. This resulted in a denial of service due to server resource consumption. For a list of all OADP issues associated with this CVE, see the following link:https://issues.redhat.com/browse/OADP-2868?filter=12421248[Jira list].
|
|
|
|
For more information, see link:https://access.redhat.com/security/cve/cve-2023-39325[CVE-2023-39325 (Rapid Reset Attack)].
|
|
|
|
|
|
For a complete list of all issues resolved in the release of OADP 1.2.3, see the list of link:https://issues.redhat.com/browse/OADP-2094?filter=12422262[OADP 1.2.3 resolved issues] in Jira.
|
|
|
|
|
|
[id="known-issues-1-2-3_{context}"]
|
|
== Known issues
|
|
|
|
There are no known issues in the release of OADP 1.2.3.
|
|
|