Red Hat Product Errata RHBA-2019:3910 - Bug Fix Advisory
Issued:
2019-11-19
Updated:
2019-11-19

RHBA-2019:3910 - Bug Fix Advisory

Synopsis

updated Application Stream container images

Type/Severity

Bug Fix Advisory

Topic

Updated Application Stream container images are now available in the Red Hat Container Registry.

Description

Red Hat Enterprise Linux 8 Application Stream container images are based on the corresponding Application Stream component and the ubi8 base image.

The following container images have been updated to provide fixes for CVE-2019-0155

This update includes the following images:

rhel8/varnish-6
ubi8/python-27
ubi8/python-36
ubi8/perl-526
ubi8/ruby-25
ubi8/ruby-26
ubi8/nodejs-10
ubi8/nodejs-12

To pull a container image, run the following command as root:

podman pull registry.redhat.io/<image_name>

Solution

The container images provided by this update can be downloaded from the Red Hat Container Registry at registry.redhat.io using the "podman pull" command.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 1724398 - CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.