Red Hat Product Errata RHBA-2024:3956 - Bug Fix Advisory
Issued:
2024-06-17
Updated:
2024-06-17

RHBA-2024:3956 - Bug Fix Advisory

Synopsis

updated RHEL-8 based Middleware Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated RHEL-8 based Middleware Containers container images are now available

Description

The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2024:3344 (see References)

Users of RHEL-8 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64

Fixes

  • BZ - 2277202 - CVE-2024-33599 glibc: stack-based buffer overflow in netgroup cache
  • BZ - 2277204 - CVE-2024-33600 glibc: null pointer dereferences after failed netgroup cache insertion
  • BZ - 2277205 - CVE-2024-33601 glibc: netgroup cache may terminate daemon on memory allocation failure
  • BZ - 2277206 - CVE-2024-33602 glibc: netgroup cache assumes NSS callback uses in-buffer strings

ppc64le

ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:11fbb58a1a451fba5d87b495f09ebb943eae23cf71decea8a21e6919279e3eb0
ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:a7ced24c777fe8ccc627af7df9d8f38e69c65cb428b60fc2917d03f67c73a598
ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:18257fcfd9ae9786240a044f7acf390cba9af4536b97cbc502ea6482f6e03fc2
ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:b10110e4269b5445813c98838e0d6b4011ece12ad865cb22797f9beabee4b545

x86_64

ibm-bamoe-tech-preview/bamoe-kogito-runtime-native-rhel8@sha256:4ba41b60032d930873ff377ef72d3953cef996aefbd471d3cb3fa25251b0faad
ibm-bamoe/bamoe-businesscentral-monitoring-rhel8@sha256:aaeb54e8fbaf21b92dfdca31e3ed74c123bb95b6322d5647993075e67a72e062
ibm-bamoe/bamoe-businesscentral-rhel8@sha256:343ccbe9eaf86642960ac3c8f38920dac3c07226be28f5eb94c59b650fe6e4a9
ibm-bamoe/bamoe-controller-rhel8@sha256:ec73cd32fd075c8c62aff209aa0d306cade8ace3725c0dd1d71f74586f05290d
ibm-bamoe/bamoe-dashbuilder-rhel8@sha256:56f2ec9c53eca902bfb7b09d2ccedeca0dc39dccd2c50930b883d1ac4f71969e
ibm-bamoe/bamoe-kieserver-rhel8@sha256:c049e3dfba4db095e572e517f583d86bfb19c46e38e056bd4ceb41ace3f578e5
ibm-bamoe/bamoe-kogito-builder-rhel8@sha256:1711905ada82b3ff3eb91c63e6dd700e741a562c641ab99e7b4b36252901fa12
ibm-bamoe/bamoe-kogito-rhel8-operator@sha256:38859e15fdac8daf9ed3231947c652ea96b24294cd43f8283bcc98354c937fc9
ibm-bamoe/bamoe-kogito-rhel8-operator-bundle@sha256:5ed7da7a792dec837c64f795841232cff75c8c08ade87e12b082bee83997f208
ibm-bamoe/bamoe-kogito-runtime-jvm-rhel8@sha256:c622c7b8f68f71f54b7b52ab2e6b80dca9d414adddce8d37607389c8536394a4
ibm-bamoe/bamoe-operator-bundle@sha256:451a9b3a37557ab43827150f7f6f58727d4ca75c56b937d27854c0017a2aade8
ibm-bamoe/bamoe-process-migration-rhel8@sha256:db7cb420bde241bbc76deae7ef027e420c3c76a1a865b254fcf095ca5396c3d1
ibm-bamoe/bamoe-rhel8-operator@sha256:073327e7d02f431d32a959e7cc8582e15c3892877d86064b7f58a7c680f32a23
ibm-bamoe/bamoe-smartrouter-rhel8@sha256:00cf0d915455f3b982e69e08156fde512a7cbf9864a4fd41174278c629605951

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.