- Issued:
- 2023-09-04
- Updated:
- 2023-09-04
RHBA-2023:4912 - Bug Fix Advisory
Synopsis
Update Technology Preview of JBoss Web Server 5.7 for OpenShift image with OpenJDK 17 for 5.7.4
Type/Severity
Bug Fix Advisory
Topic
This erratum covers updates to the current Technology Preview release of the JBoss Web Server 5.7 for OpenShift container image with OpenJDK 17 support to consume the JBoss Web Server 5.7.4 release.
Description
The current Technology Preview release of the JBoss Web Server 5.7 for OpenShift image with OpenJDK 17 support has been updated to consume the JBoss Web Server 5.7.4 release.
Solution
You can download the RHEL-8-based Middleware Containers image that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).
Dockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.
Affected Products
- Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
Fixes
- CLOUD-4193 - [JWS57-JDK17] Update JWS 5.7 JDK17 image with Service Pack 4
- CLOUD-4197 - [JWS57 JDK17TP] - Important: subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration (CVE-2023-3899)
- CLOUD-4199 - [JWS57 JDK17TP] - Important: cups: Information leak through Cups-Get-Document operation (CVE-2023-32360)
CVEs
(none)
References
(none)
ppc64le
jboss-webserver-5/jws57-openjdk17-openshift-rhel8@sha256:bbf0f71cdad098b194fb2c1d32e7db6375981096cded9d255123fa10a468ae3d |
s390x
jboss-webserver-5/jws57-openjdk17-openshift-rhel8@sha256:04ec3b01cb894c547eb78c54a88466de7e11d02bd4807ec256a356c066986a77 |
x86_64
jboss-webserver-5/jws57-openjdk17-openshift-rhel8@sha256:3c524c24ec5fe76c14e53fe79bde3bd608338b53f5055df3a5176aedbb61ff3d |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.