Red Hat Product Errata RHBA-2024:0329 - Bug Fix Advisory
Issued:
2024-01-22
Updated:
2024-01-22

RHBA-2024:0329 - Bug Fix Advisory

Synopsis

Updated Middleware Openshift Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated Middleware Openshift Containers container images are now available.

Description

The Middleware Openshift Containers container images have been updated to address the following security advisory: RHSA-2024:0267 (see the References section)

Users of Middleware Openshift Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see the References section).

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64

Fixes

  • BZ - 2257720 - CVE-2024-20932 OpenJDK: incorrect handling of ZIP files with duplicate entries (8276123)
  • BZ - 2257728 - CVE-2024-20918 OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
  • BZ - 2257837 - CVE-2024-20952 OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)
  • BZ - 2257853 - CVE-2024-20919 OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)
  • BZ - 2257859 - CVE-2024-20921 OpenJDK: range check loop optimization issue (8314307)
  • BZ - 2257874 - CVE-2024-20945 OpenJDK: logging of digital signature private keys (8316976)

aarch64

ubi9/openjdk-17@sha256:adb688d913c6742ceabc7dc58a6c770acb0e2fa29574c4bb0582b1af096fb1f3
ubi9/openjdk-17-runtime@sha256:b34d1fb6670d8ab187df3b74932bcfe33b6c969f8de00a3decf5343aa4e5ff8c

ppc64le

ubi9/openjdk-17@sha256:32def3f7bca214ad4734d16974165842131ed6b59bcef3ad582282d45d42af92
ubi9/openjdk-17-runtime@sha256:cfed9b4c526e8ef433e12b3f0808608d2c4c980fecd12f967e88a86f31d067d4

s390x

ubi9/openjdk-17@sha256:fe5b667ec592ef4f24a03abd015d04fc8c92180bfe256e8e31ff31f76f3ff87a
ubi9/openjdk-17-runtime@sha256:ba89fab3de1a0b1c2a7cbdfcf41cf282bc480fe9c23edf7d34b5ffe0554620fc

x86_64

ubi9/openjdk-17@sha256:8c879894582b0545312483d492769ccb4b04ffa489d8a1679f6dbd435f8e44f2
ubi9/openjdk-17-runtime@sha256:886a65b318dd415daa9fab36a3b06608b8f4b20ef0429ed95c4a1c730d0b8832

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.