Red Hat multicluster global hub 1.2.1 general
availability and release images provide enhancements, security fixes, and
 updated container images.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.

Red Hat multicluster global hub 1.2.1 images

This advisory contains the container images for multicluster
global hub. These container images provide enhancements.

This advisory contains enhancements and updates to the global hub 
container images.

Security fix(es):

* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause
authorization bypass in golang.org/x/crypto (CVE-2024-45337)
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in
golang.org/x/net/html (CVE-2024-45338)

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2024-45337: Improper Authorization (CWE-285)
CVE-2024-45338: Allocation of Resources Without Limits or Throttling (CWE-770)