RHBA-2023:4912 - Bug Fix Advisory

Topic

This erratum covers updates to the current Technology Preview release of the JBoss Web Server 5.7 for OpenShift container image with OpenJDK 17 support to consume the JBoss Web Server 5.7.4 release.

Description

The current Technology Preview release of the JBoss Web Server 5.7 for OpenShift image with OpenJDK 17 support has been updated to consume the JBoss Web Server 5.7.4 release.

Solution

You can download the RHEL-8-based Middleware Containers image that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).

Dockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.

Affected Products

• Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x

Fixes

• CLOUD-4193 - [JWS57-JDK17] Update JWS 5.7 JDK17 image with Service Pack 4
• CLOUD-4197 - [JWS57 JDK17TP] - Important: subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration (CVE-2023-3899)
• CLOUD-4199 - [JWS57 JDK17TP] - Important: cups: Information leak through Cups-Get-Document operation (CVE-2023-32360)

CVEs

(none)

References

(none)