Red Hat Product Errata RHBA-2024:0784 - Bug Fix Advisory
Issued:
2024-02-12
Updated:
2024-02-12

RHBA-2024:0784 - Bug Fix Advisory

Synopsis

updated RHEL-8 based Middleware Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated RHEL-8 based Middleware Containers container images are now available

Description

The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2024:0266 (see References)

Users of RHEL-8 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64

Fixes

  • BZ - 2257728 - CVE-2024-20918 OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
  • BZ - 2257837 - CVE-2024-20952 OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)
  • BZ - 2257850 - CVE-2024-20926 OpenJDK: arbitrary Java code execution in Nashorn (8314284)
  • BZ - 2257853 - CVE-2024-20919 OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)
  • BZ - 2257859 - CVE-2024-20921 OpenJDK: range check loop optimization issue (8314307)
  • BZ - 2257874 - CVE-2024-20945 OpenJDK: logging of digital signature private keys (8316976)

ppc64le

rhpam-7/rhpam-kogito-builder-rhel8@sha256:e7a4deb54fea8282d225bff611f5ea1384201ae0fea4dc75a9e411325164c635
rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:4c92fd79594bcf60a73eea3e2464b2de881fde9a7ca49a0ac24618cead8a95c9

x86_64

rhpam-7/rhpam-businesscentral-monitoring-rhel8@sha256:29978ff82c34e6ff6feacc9cc917121e5d771094d161679cb7bb32d2e0c3ea27
rhpam-7/rhpam-businesscentral-rhel8@sha256:35943d61f17050794431b5ffb2ee3824cd473c1aac4bdd6f00db9974c2a2008f
rhpam-7/rhpam-controller-rhel8@sha256:c686cfff08eff490679cddee578bcc889a45e85b161adb29f9c41d2d446c7dcf
rhpam-7/rhpam-dashbuilder-rhel8@sha256:8c7bdde7e17a5af7b49f00a6c8d5d72e6a8d7006f923970b3aa240df7a0c4c90
rhpam-7/rhpam-kieserver-rhel8@sha256:443630e927f2a473afeaaf2c0502c0d1dc310ab489607520cafa5fc2a65618ab
rhpam-7/rhpam-kogito-builder-rhel8@sha256:f6d4760e9a30a59b27a33862163917046cafdb6b1f6649f893dbc4deae823fc8
rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:4c9f04287b9b47a132c2f829d64b15edeec3e17917bd48c465e728db96eb419f
rhpam-7/rhpam-operator-bundle@sha256:785b78c62988a70fc84f7aa4d801bc2455eb4e8aeb3c5867e9fc77793814ff2d
rhpam-7/rhpam-process-migration-rhel8@sha256:71c48523b079da1a6fa41b9ef5c50019bbe9518140c816111d9a4fa8183f56e6
rhpam-7/rhpam-smartrouter-rhel8@sha256:5f2602ce2fe03f822806f62700d21368107e5fb7794732852816647c4033bb3d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.