RHBA-2024:1026 - Bug Fix Advisory

Topic

Updated RHEL-9-based Middleware Container images are now available.

Description

The RHEL-9-based Red Hat build of OpenJDK container images have been updated with bug fixes and enhancements.

Users of RHEL-9-based Middleware container images are advised to upgrade to these updated images. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in the Red Hat Ecosystem Catalog (see the References section).

Solution

You can download the RHEL-9-based OpenJDK container images that this update provides from the unauthenticated Red Hat container registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Ecosystem Catalog (see the References section).

Dockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.

Affected Products

• Red Hat JBoss Middleware 1 x86_64

Fixes

• OPENJDK-1165 - Removal of Tar and Rsync in OpenJDK image breaks `oc cp` commands
• OPENJDK-2408 - s2i-core script uses rsync, but doesn't preserve modification time
• OPENJDK-2414 - [rhel-9] Explicitly set "version" and "name" labels for consistency
• OPENJDK-2519 - reinstall tzdata RPM to fix missing data in the ubi-minimal base image
• OPENJDK-2595 - [rhel-9] usage label for jdk21 image inconsistent with others
• OPENJDK-1963 - MAVEN_MIRRORS documentation does not explain upcasing behaviour
• OPENJDK-2177 - re-organise behave test files to match cekit module heirarchy

CVEs

• CVE-2021-35937
• CVE-2021-35938
• CVE-2021-35939
• CVE-2023-5363
• CVE-2023-5981
• CVE-2023-6135
• CVE-2023-7104
• CVE-2023-27043
• CVE-2024-0553
• CVE-2024-0567

References

• https://catalog.redhat.com/software/containers/explore