- Issued:
- 2019-09-09
- Updated:
- 2019-09-09
RHBA-2019:2686 - Bug Fix Advisory
Synopsis
updated CodeReady Workspaces 1.2.1 container images
Type/Severity
Bug Fix Advisory
Topic
Updated Red Hat CodeReady Workspaces container images are now available in the Red Hat Container Registry.
Description
Red Hat CodeReady Workspaces 1.2.1 provides a cloud-developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development.
This update includes updated container images, which are based on an updated Red Hat Enterprise Linux image that contains fixes for the following security issue: CVE-2019-1010238.
This update includes the following images:
codeready-workspaces-stacks-node-rhel8-container-1.2-16.1567589243
codeready-workspaces-stacks-python-rhel8-container-1.2-6.1567589244
codeready-workspaces-stacks-golang-rhel8-container-1.2-5.1567589245
codeready-workspaces-server-rhel8-container-1.2-35.1567589251
codeready-workspaces-stacks-java-rhel8-container-1.2-13.1567589252
codeready-workspaces-stacks-cpp-rhel8-container-1.2-5.1567589240
codeready-workspaces-stacks-php-rhel8-container-1.2-8.1567589247
All users of the Red Hat CodeReady Workspaces container images are advised to pull these updated images from the Red Hat Container Registry.
Solution
The container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available on the pages of the respective images in the Red Hat Container Catalog as listed in the References section.
Dockerfiles and scripts should be amended either to refer to this new image specifically or to the latest image generally.
Affected Products
- Red Hat Developer Tools (for RHEL Server) 1 x86_64
Fixes
- BZ - 1737785 - CVE-2019-1010238 pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow
CVEs
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.