3rd April 2020

Emergency maintenance: Disabling of HTTP/2 on all OpenShift Routers, scheduled 1 year ago

In order to mitigate CVE-2020-11100 "haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes" (see Incident #228) we will roll out a change which disables HTTP/2 on all OpenShift routers/load balancers tonight at 22:00 CEST.

Impact: During the rollout, the application load balancers will experience a rolling restart. This will interrupt long-living TCP connections, and might lead to downtimes of a couple of seconds.

Update 22:03 CEST: The change has been rolled out to all OpenShift clusters.