Red Hat Product Errata RHBA-2024:0708 - Bug Fix Advisory
Issued:
2024-02-06
Updated:
2024-02-06

RHBA-2024:0708 - Bug Fix Advisory

Synopsis

updated jboss-eap-7/eap-xp4-openjdk17-openshift-rhel8 container image

Type/Severity

Bug Fix Advisory

Topic

Updated jboss-eap-7/eap-xp4-openjdk17-openshift-rhel8 container image is now available for RHEL-8 based Middleware Containers.

Description

The jboss-eap-7/eap-xp4-openjdk17-openshift-rhel8 container image has been updated for RHEL-8 based Middleware Containers to address the following security advisory: RHSA-2024:0266 (see References)

Users of jboss-eap-7/eap-xp4-openjdk17-openshift-rhel8 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-8 based Middleware Containers container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64

Fixes

  • BZ - 2257728 - CVE-2024-20918 OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
  • BZ - 2257837 - CVE-2024-20952 OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)
  • BZ - 2257850 - CVE-2024-20926 OpenJDK: arbitrary Java code execution in Nashorn (8314284)
  • BZ - 2257853 - CVE-2024-20919 OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)
  • BZ - 2257859 - CVE-2024-20921 OpenJDK: range check loop optimization issue (8314307)
  • BZ - 2257874 - CVE-2024-20945 OpenJDK: logging of digital signature private keys (8316976)

aarch64

jboss-eap-7/eap-xp4-openjdk17-openshift-rhel8@sha256:ffb1c9f79d33d73d9d78e49af59eeed7a7e53040be7f0bbecc17f2f46ef09599
jboss-eap-7/eap-xp4-openjdk17-runtime-openshift-rhel8@sha256:0810eafeb8b67af0f781bc19c1684c8e6fd94712434f860ba37699ba3a19a3c5

ppc64le

jboss-eap-7/eap-xp4-openjdk17-openshift-rhel8@sha256:ed904e0874adfb60692341cf7d0ef4cd94e10cf48704ab5188dc100a59572135
jboss-eap-7/eap-xp4-openjdk17-runtime-openshift-rhel8@sha256:5bc0e28aacaadfd81dcf0590b05773afc1f86880d8ff77487cebcedf6cb475de

s390x

jboss-eap-7/eap-xp4-openjdk17-openshift-rhel8@sha256:18d673e8d775f934389f44984b34a7c98275bad573e4b2db92231da1bd97a7bb
jboss-eap-7/eap-xp4-openjdk17-runtime-openshift-rhel8@sha256:47807fc5aa4f2265adef8806e6d312f856ae98fe5be8c6264fe3dca523a407b3

x86_64

jboss-eap-7/eap-xp4-openjdk17-openshift-rhel8@sha256:956e2e4134cfd3df4b5c75723722a3d19ad023a262756993dfe47ded9fcfefb1
jboss-eap-7/eap-xp4-openjdk17-runtime-openshift-rhel8@sha256:cdaad2b7f5eacd5496e7f891e89f1ee5de7a8211c37e569e67837d0e9f399cb5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.