Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHBA-2023:1313 - Bug Fix Advisory
Issued:
2023-03-16
Updated:
2023-03-16

RHBA-2023:1313 - Bug Fix Advisory

  • Overview
  • Updated Images

Synopsis

updated RHEL-8 based Middleware Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated RHEL-8 based Middleware Containers container images are now available

Description

The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2023:1252 (see References)

Users of RHEL-8 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64

Fixes

  • BZ - 2170377 - CVE-2023-0767 nss: Arbitrary memory write via PKCS 12

CVEs

  • CVE-2023-0767
  • CVE-2023-23916

References

  • https://access.redhat.com/errata/RHSA-2023:1252
  • https://access.redhat.com/containers

aarch64

ubi8/openjdk-11@sha256:a862c0f78b3487028a90d06c40bb4cd3e0fdbca1eb9a6eeaba272764dfb6f591
ubi8/openjdk-11-runtime@sha256:2afc183ece4d4452eb35ab4c58d2f430bc1d24eb73d40ac70665f758f469f8dc
ubi8/openjdk-17@sha256:b8fce57a37fe4517f41fe6184d676a20c873d6ac1d568ebfa3c249634af042ea
ubi8/openjdk-17-runtime@sha256:37f9570b5849b8ecfab309144693cca1c0590e193c5e6419d25e63cb0b34b0bc
ubi8/openjdk-8@sha256:2cfd0805e7c5f11ba371495753621a5e3d1a425f77f7ecf08774346fa4acbdea
ubi8/openjdk-8-runtime@sha256:6ac7b0f493a377b743cd73442c24ba6543f56704ba5760f56d8d243ac1d5c6e3

ppc64le

ubi8/openjdk-11@sha256:e48dc8a7e40f86c590d6d3e8579ab9fc93923712fe50727aba7ad7d5a7ace516
ubi8/openjdk-11-runtime@sha256:e791e29fd682e92fa7b31e666ac2edd8048f609b31936dcd1f14d0de469a5b8e
ubi8/openjdk-17@sha256:7222513bd4f02b0558806a61f551a07a2d23524bf24b079c8c69a29f640f73ab
ubi8/openjdk-17-runtime@sha256:a76f3c30975218115189a41e18b8fb44dc6dba5611ffca733be2d86e7bb74ff7
ubi8/openjdk-8@sha256:a459db884fc8e61a2a6bf0369e12e24b21c2b0f10606be5c3e7c0f2e32fc2f2a
ubi8/openjdk-8-runtime@sha256:dafd665fd3e88f227c89539ee84e82fbdf1f50eea42398cefc11958a8e29a178

s390x

ubi8/openjdk-11@sha256:e1b970af50ed0c944abfda2cd5c83d53c2f5e75a4e75d4762e55c30087f8bee0
ubi8/openjdk-11-runtime@sha256:2477bc2810e694c27a311808ad03a4372e0e04f9aaf642c5ce5b2688375e62f9
ubi8/openjdk-17@sha256:9511c592e403defdbeea8256835a9dbb8716d1c47a2e122f55d0f8a8fc2072d2
ubi8/openjdk-17-runtime@sha256:62b653fad33b79b2fbb032d2ce0eea3bf4f1e6010409f164eed0278320a0ad8d
ubi8/openjdk-8@sha256:434a79f12cdc95545be89ec0ad3fe067fce0b4c544b5d35235e1451cda21cab3
ubi8/openjdk-8-runtime@sha256:ac997749b43fdc48dcd461a4d1dfb7f8aad765e6144589da17c6d122a3c33488

x86_64

ubi8/openjdk-11@sha256:4a2e7a205c557faf6bcfcfd34a28a90eb7133a35f4417de568f3081fb6eec907
ubi8/openjdk-11-runtime@sha256:6516c1ae250eb3d60f558672f149d82c2a9f0c59b00430d7ea0b7a8970d093ab
ubi8/openjdk-17@sha256:7d976b3705f44999c0f078365d9792919c36af267372cd22bccadca1260f1980
ubi8/openjdk-17-runtime@sha256:0d7f7fcf24f1284f549dc51a2732c4e4b4b735186c02835f47016019d45435b1
ubi8/openjdk-8@sha256:131f9c504c5d68a704e5099a0750bf8909e4dfa999f6194a1aeea54d963fd3ad
ubi8/openjdk-8-runtime@sha256:8b178c5a049da06a6826c70a91becadb6c193e9772cb1507e31dff36a68d1c89

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter