RHBA-2019:3866 - Bug Fix Advisory

Topic

Updated Red Hat Software Collections container images are now available in the Red Hat Container Registry.

Description

The Red Hat Software Collections container images have been updated to address security fixes provided by the following advisories: RHSA-2019:3834

This update includes the following images:

rhscl/devtoolset-7-perftools-rhel7
rhscl/devtoolset-7-toolchain-rhel7
rhscl/devtoolset-8-perftools-rhel7
rhscl/devtoolset-8-toolchain-rhel7
ubi7/nodejs-10
ubi7/nodejs-8
rhscl/perl-524-rhel7
rhscl/perl-526-rhel7
rhscl/php-70-rhel7
rhscl/php-71-rhel7
ubi7/php-72
ubi7/python-27
ubi7/python-36
rhscl/ror-50-rhel7
rhscl/ruby-24-rhel7
ubi7/ruby-25
ubi7/ruby-26
rhscl/varnish-5-rhel7
rhscl/varnish-6-rhel7

To pull a container image, run the following command as root:

podman pull registry.access.redhat.com/<image_name>

Solution

The container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com using the "podman pull" command.

Affected Products

• Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
• Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
• Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le

Fixes

• BZ - 1646768 - CVE-2018-12207 hw: Machine Check Error on Page Size Change (IFU)
• BZ - 1724393 - CVE-2019-0154 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state
• BZ - 1753062 - CVE-2019-11135 hw: TSX Transaction Asynchronous Abort (TAA)

CVEs

• CVE-2018-1060
• CVE-2018-1061
• CVE-2018-12207
• CVE-2018-14647
• CVE-2018-20406
• CVE-2018-20852
• CVE-2019-0154
• CVE-2019-5010
• CVE-2019-9740
• CVE-2019-9947
• CVE-2019-11135
• CVE-2019-16056

References

• https://access.redhat.com/errata/RHSA-2019:3834
• https://access.redhat.com