- Issued:
- 2023-11-15
- Updated:
- 2023-11-16
RHBA-2023:7228 - Bug Fix Advisory
Synopsis
Updated ubi9-init container image
Type/Severity
Bug Fix Advisory
Topic
An updated ubi9-init container image is now available in the Red Hat container registry.
Description
The Universal Base Image Init Image (ubi9-init) allows creating containerized services based on the systemd init system. This container image configures systemd in an OCI container and enables running one or more services in a RHEL user space using unit files, init scripts, or both.
This updates the ubi9-init image in the Red Hat container registry.
To pull a container image, run the following command as root:
podman pull registry.access.redhat.com/<image_name>
Solution
The container images provided by this update can be downloaded from the Red Hat container registry at registry.access.redhat.com using the "podman pull" command.
For more information about the image, search the <image_name> in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
- Red Hat Enterprise Linux Server - AUS 9.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
- Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
Fixes
- BZ - 2241933 - CVE-2023-38545 curl: heap based buffer overflow in the SOCKS5 proxy handshake
- BZ - 2241938 - CVE-2023-38546 curl: cookie injection with none file
aarch64
ubi9/ubi-init@sha256:13f5d8d6e64e37d8202efc7128cedbb9c2257bf937246b08e3f7a447bc2a42c1 |
ubi9-init@sha256:13f5d8d6e64e37d8202efc7128cedbb9c2257bf937246b08e3f7a447bc2a42c1 |
ppc64le
ubi9/ubi-init@sha256:3041b4b9931397aeb9566a2b3eed6dac6ae8c06648d79cfc84517ceaeb5bf470 |
ubi9-init@sha256:3041b4b9931397aeb9566a2b3eed6dac6ae8c06648d79cfc84517ceaeb5bf470 |
s390x
ubi9/ubi-init@sha256:488d4c3094a7a2d934427724ec995f49ef4fb6a6375bb764b4f63845d49181bf |
ubi9-init@sha256:488d4c3094a7a2d934427724ec995f49ef4fb6a6375bb764b4f63845d49181bf |
x86_64
ubi9/ubi-init@sha256:05fb505fb5657076ab258fafb063625ee3a68d64f02444fc0879b295f89f9a94 |
ubi9-init@sha256:05fb505fb5657076ab258fafb063625ee3a68d64f02444fc0879b295f89f9a94 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.