- Issued:
- 2019-04-10
- Updated:
- 2019-04-10
RHBA-2019:0740 - Bug Fix Advisory
Synopsis
updated CodeReady Workspaces 1.0 container images
Type/Severity
Bug Fix Advisory
Topic
Updated Red Hat CodeReady Workspaces container images are now available in the Red Hat Container Registry.
Description
Red Hat CodeReady Workspaces 1.0 provides a cloud developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development.
This update includes updated container images, which are based on an updated Red Hat Enterprise Linux image that contains fixes for the following security issue: CVE-2019-9636.
This update includes the following images:
codeready-workspaces/server-container:1.0-25.1554788750
codeready-workspaces/stacks-java:1.0-17.1554788912
All users of the Red Hat CodeReady Workspaces container images are advised to pull these updated images from the Red Hat Container Registry.
Solution
The container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available on the pages of the respective images in the Red Hat Container Catalog as listed in the References section.
Dockerfiles and scripts should be amended either to refer to this new image specifically or to the latest image generally.
Affected Products
- Red Hat Developer Tools (for RHEL Server) 1 x86_64
Fixes
- BZ - 1688543 - CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization
CVEs
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
