- Issued:
- 2021-03-09
- Updated:
- 2021-03-09
RHBA-2021:0775 - Bug Fix Advisory
Synopsis
updated Red Hat Software Collections container images
Type/Severity
Bug Fix Advisory
Topic
Updated Red Hat Software Collections container images are now available in the Red Hat Container Registry.
Description
Red Hat Software Collections container images are based on the corresponding collection and the rhel7 or the ubi7 base image.
This following container images have been updated to provide a fix for CVE-2020-8625, addressed in the RHSA-2021:0671 advisory:
rhscl/httpd-24-rhel7
rhscl/mariadb-103-rhel7
rhscl/mongodb-36-rhel7
rhscl/mysql-80-rhel7
rhscl/nginx-116-rhel7
ubi7/nginx-118
rhscl/postgresql-10-rhel7
rhscl/postgresql-12-rhel7
rhscl/varnish-5-rhel7
rhscl/varnish-6-rhel7
To pull a container image, run the following command as root:
podman pull registry.access.redhat.com/<image_name>
For details regarding usage of the images, see Using Red Hat Software Collections Container Images linked from the References section.
All users of the Red Hat Software Collections container images are advised to pull these updated images from the Red Hat Container Registry.
Solution
The container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com using the "podman pull" command.
Affected Products
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
- Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
Fixes
- BZ - 1928486 - CVE-2020-8625 bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation
CVEs
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.