Red Hat Product Errata RHBA-2024:3678 - Bug Fix Advisory
Issued:
2024-06-06
Updated:
2024-06-06

RHBA-2024:3678 - Bug Fix Advisory

Synopsis

updated RHEL-8 based Middleware Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated RHEL-8 based Middleware Containers container images are now available

Description

The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2024:3344 (see References)

Users of RHEL-8 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.9 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform 4.8 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform 3.11 x86_64
  • Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.9 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.9 for RHEL 8 s390x

Fixes

  • BZ - 2277202 - CVE-2024-33599 glibc: stack-based buffer overflow in netgroup cache
  • BZ - 2277204 - CVE-2024-33600 glibc: null pointer dereferences after failed netgroup cache insertion
  • BZ - 2277205 - CVE-2024-33601 glibc: netgroup cache may terminate daemon on memory allocation failure
  • BZ - 2277206 - CVE-2024-33602 glibc: netgroup cache assumes NSS callback uses in-buffer strings

ppc64le

fuse7/fuse-console-rhel8@sha256:1335c7fdd3e2759de42c0308a4ef37366efa5e2b4156432476d733ca0dd5f947
fuse7/fuse-console-rhel8-operator@sha256:a6cbee9f8cf570216a0ed99d7be1be4c30b7ff284786b95a9684ba5bdc018808
fuse7/fuse-java-openshift-jdk11-rhel8@sha256:87166a23d419761715de78f56f0fdd022e047391ad445a7a7ea3d29f933f71dd
fuse7/fuse-java-openshift-jdk17-rhel8@sha256:28eac1846ded706210fc7d6fdad0e84df74f17c125821035b25bae0fc43fd611

s390x

fuse7/fuse-console-rhel8@sha256:6ce4c1618a6efd521c8dd71a4bb89e015cfc88424e5a66fcc424f424c1d51b9f
fuse7/fuse-console-rhel8-operator@sha256:6bc84ec13b06eb7a24f85097896108cffb16f34af926d0d9d9c5587cbf0aeaa8
fuse7/fuse-java-openshift-jdk11-rhel8@sha256:beea912285bf83827bc8588691883c535f1037584dbc024f47b8eeb9f849bf52
fuse7/fuse-java-openshift-jdk17-rhel8@sha256:0b5c358b13e47e2252bf84729bfd0f0d3a467f7060defb32c34ed9c3747c6cbc

x86_64

fuse7/fuse-apicurito-generator-rhel8@sha256:c2e8405237d22df85901176121875f44129a370929bfc67dd0f644197e055dd4
fuse7/fuse-apicurito-rhel8@sha256:99e49cbda7dd446724b58634159c1485abea0004bbe89d609c253dcba2eb28f7
fuse7/fuse-apicurito-rhel8-operator@sha256:0d7d36897bf6ad7cc14453a59e65605f5ce6d265fbab943a8a7fd3e14effe193
fuse7/fuse-console-rhel8@sha256:7e3759a7133aa3ee6c97e2ea6fff487b94f1e02fe2e744571a666bd8805d15c9
fuse7/fuse-console-rhel8-operator@sha256:6f48178e73eb997335ecc54c82e514fefd0163118798fa5ca03055397b50612f
fuse7/fuse-java-openshift-jdk11-rhel8@sha256:7e713a7fb685dc9484e565dfc0e73479e0a99bd1dc9b2d1e81cc342ecc9016ab
fuse7/fuse-java-openshift-jdk17-rhel8@sha256:e9ff225dbad565f8474a0b305f5c679d5383df2cc35b7b10ff24bbc8bd88d715
fuse7/fuse-java-openshift-rhel8@sha256:e0e826bf48798586e4c792413564734036c7e31406d65af80bf706336f224e2f
fuse7/fuse-karaf-openshift-jdk11-rhel8@sha256:30eab84464ec254bdc125c1d2ee273dbb4e9683fbb5c47394356c1c4b808c6d0
fuse7/fuse-karaf-openshift-jdk17-rhel8@sha256:5ca1939b44f32a5dc4f897786752d72466b4808a44c3fdb7939d1b2d7bede7b5
fuse7/fuse-karaf-openshift-rhel8@sha256:2efbdb02cb56c3a749d2be6c1f92b1c5b6967ebba77886da1147f7d7169138d1

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.