- Issued:
- 2018-05-25
- Updated:
- 2018-05-25
RHBA-2018:1729 - Bug Fix Advisory
Synopsis
Update to Fuse Integration Services 2.0 Images
Type/Severity
Bug Fix Advisory
Topic
This update addresses the Common Vulnerabilities and Exposures (CVE) issue
https://access.redhat.com/security/cve/CVE-2018-3639
Description
This update for the Fuse Integration Services 2.0 images for Fuse 6.3.0R6 patch incorporates the Critical Security Advisory
https://access.redhat.com/errata/RHSA-2018:1649 that addresses
CVE-2018-3639 on OpenJDK 1.8.0.
Solution
This update consists of the following parts:
- Updated FIS 2.0 images (provided through the Red Hat container catalog)
These images are intended for use with the following components (unchanged since the previous patch):
- JBoss Fuse version: JBoss Fuse 6.3.0 Roll Up 6 (build 630329)
- BOM version: 2.2.170.redhat-000023
- Fabric8 Maven plug-in version: 3.1.80.redhat-000023
- Archetype version: 2.2.195.redhat-000017
- Archetype Catalog URL: https://maven.repository.redhat.com/ga/io/fabric8/archetypes/archetypes-catalog/2.2.195.redhat-000017/archetypes-catalog-2.2.195.redhat-000017-archetype-catalog.xml
Update your FIS deployments to use the updated FIS image.
For details on how to apply this update, see the patching instructions in "Fuse Integration Services 2.0 for OpenShift" https://access.redhat.com/documentation/en-us/red_hat_jboss_fuse/6.3/html/fuse_integration_services_2.0_for_openshift/patching
Affected Products
- Red Hat OpenShift Container Platform 3.9 x86_64
- Red Hat OpenShift Container Platform 3.7 x86_64
- Red Hat OpenShift Container Platform 3.6 x86_64
Fixes
(none)CVEs
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
