What customers of Red Hat OpenShift hosted services should know about the April 2020 HAProxy HTTP/2 flaws
April 3, 2020 | by
On April 2, 2020, details were made public about a security flaw that impacts systems running the HAProxy component when HTTP/2 support is enabled. Before the flaws were publicly disclosed, Red Hat worked to determine the impact to our customers for hosted services that use HAProxy - including OpenShift Dedicated, OpenShift Online, and Azure Red Hat OpenShift. We have verified that none of these managed services are using the vulnerable HAProxy configuration.
Introduction This is the fourth post of the blog series on HashiCorp Vault. The first post proposed a custom orchestration to more securely retrieve secrets stored in the Vault from a pod running in ...