Red Hat Security Advisory: AMQ Broker 7.12.0.OPR.1.GA Container Images release and security update

CVE-2021-43565 — golang.org/x/crypto: empty plaintext packet causes panic CVE-2022-2879 — golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers CVE-2022-2880 — golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-21698 — prometheus/client_golang: Denial of service using InstrumentHandlerCounter CVE-2022-27664 — golang: net/http: handle server errors after sending GOAWAY CVE-2022-32189 — golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service CVE-2022-41678 — ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE CVE-2022-41715 — golang: regexp/syntax: limit memory used by parsing regexps CVE-2022-41723 — golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding CVE-2022-41724 — golang: crypto/tls: large handshake records may cause panics CVE-2022-41725 — golang: net/http, mime/multipart: denial of service from excessive resource consumption CVE-2023-24534 — golang: net/http, net/textproto: denial of service from excessive memory allocation CVE-2023-24536 — golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption CVE-2023-24537 — golang: go/parser: Infinite loop in parsing CVE-2023-24538 — golang: html/template: backticks not treated as string delimiters CVE-2023-24539 — golang: html/template: improper sanitization of CSS values CVE-2023-24540 — golang: html/template: improper handling of JavaScript whitespace CVE-2023-29400 — golang: html/template: improper handling of empty HTML attributes