Red Hat Product Errata RHBA-2023:3779 - Bug Fix Advisory
Issued:
2023-06-22
Updated:
2023-06-22

RHBA-2023:3779 - Bug Fix Advisory

Synopsis

updated RHEL-7 based Middleware Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated RHEL-7 based Middleware Containers container images are now available

Description

The RHEL-7 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2023:3555 (see References)

Users of RHEL-7 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-7 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat OpenShift Container Platform 4.5 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform 4.4 for RHEL 7 x86_64

Fixes

  • BZ - 2173917 - CVE-2023-24329 python: urllib.parse url blocklisting bypass

x86_64

amq7/amq-online-1-address-space-controller@sha256:521fba33aa96b3b6c76a32135c05e3ca31c810ce14e5af35c231b368fecd803e
amq7/amq-online-1-agent@sha256:195fd554964a5bef709f902b5a317a687f6723843973a346d8cb781f9b6b060a
amq7/amq-online-1-auth-plugin@sha256:1e0d1c08a8c06fb40c424b6598669cf4540deda1b53190f8787dd2eb96e7a6b6
amq7/amq-online-1-broker-plugin@sha256:7c9a76fabf9912ae2088b4412a5cb7e5b48758a2bca2ff4eac617ba7f8ed1e49
amq7/amq-online-1-console-init@sha256:bad99a254c4c079ac17be6e2cd33997c087b9c1674d22747d61373ee961eda0d
amq7/amq-online-1-console-server-rhel7@sha256:fe04a92c211b9543e57f6a507b09e13914ac4f525a03cb1c4b207c9a6b3b62bc
amq7/amq-online-1-controller-manager-rhel7-operator@sha256:b86c7a8e36ef691cc554e24910d8de979d726da6a7c8bef51ad565f7b77e819d
amq7/amq-online-1-none-auth-service@sha256:9250521aded0a5a6fc1a4314e05a6b302a5f2126133cf377b05eb2392bed33d9
amq7/amq-online-1-service-broker@sha256:d4751beef2cca487e95222d61a359ebb19aaa659a6201272fdb7345be7d678d8
amq7/amq-online-1-standard-controller@sha256:0a5eee4ef47ea7b21a16b951da422873641f3c67668b849607b36d0f75b109a0
amq7/amq-online-1-topic-forwarder@sha256:a19be4b40caa6e264cde1f0fec3058726232c6c09b50c9443372189156aee983

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.