- Issued:
- 2024-07-23
- Updated:
- 2024-07-23
RHBA-2024:4525 - Bug Fix Advisory
Synopsis
Red Hat Quay v3.12.0 bug fix release
Type/Severity
Bug Fix Advisory
Topic
Red Hat Quay 3.12.0 is now available with bug fixes.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Quay 3.12.0
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Quay Enterprise 3 x86_64
Fixes
- PROJQUAY-6763 - Quay 3.11 new UI operations of enable/disable team sync from OIDC group should be audited
- PROJQUAY-6826 - Log histogram can't be hidden in the new UI
- PROJQUAY-6855 - Quay 3.11 new UI no usage log to audit operations under user namespace
- PROJQUAY-6857 - Quay 3.11 new UI usage log chart covered the operations types list
- PROJQUAY-6931 - OCI-compliant pagination
- PROJQUAY-6972 - Quay 3.11 new UI can't open repository page when Quay has 2k orgs and 2k image repositories
- PROJQUAY-7037 - Can't get slack and email notification when package vulnerability found
- PROJQUAY-7069 - Invalid time format error messages and layout glitches in tag expiration modal
- PROJQUAY-7107 - Quay.io overview page does not work in dark mode
- PROJQUAY-7239 - Quay logging exception when caching specific `security_reports`
- PROJQUAY-7304 - security: Add Vary header to 404 responses
- PROJQUAY-6973 - Add OCI Pagination
- PROJQUAY-6974 - Set a default auto-pruning policy at the registry level
- PROJQUAY-6976 - Org owner can change ownership of API tokens
- PROJQUAY-6977 - Trigger event on image expiration
- PROJQUAY-6979 - Annotation Parsing
- PROJQUAY-6980 - Add support for a global read only superuser
- PROJQUAY-7360 - Missing index on subject_backfilled field in manifest table
- PROJQUAY-7393 - Create backfill index concurrently
- PROJQUAY-7116 - Allow to ignore audit logging failures
CVEs
- CVE-2020-15778
- CVE-2021-43618
- CVE-2022-36763
- CVE-2022-36764
- CVE-2022-36765
- CVE-2022-40897
- CVE-2023-2953
- CVE-2023-6004
- CVE-2023-6597
- CVE-2023-6918
- CVE-2023-25193
- CVE-2023-37328
- CVE-2023-43785
- CVE-2023-43786
- CVE-2023-43787
- CVE-2023-45229
- CVE-2023-45231
- CVE-2023-45232
- CVE-2023-45233
- CVE-2023-45235
- CVE-2024-0450
- CVE-2024-3651
- CVE-2024-25062
- CVE-2024-28182
- CVE-2024-28834
- CVE-2024-33599
- CVE-2024-33600
- CVE-2024-33601
- CVE-2024-33602
References
(none)
ppc64le
quay/clair-rhel8@sha256:bbfe2282ff5ab6ff2f14c7232f451c6a976f06e55c024cd61b09962212b4d13c |
quay/quay-bridge-operator-bundle@sha256:7037eef7a950cb3be76550f815f5cbbfe4e37c5ad04706af98e608cbb0d59c72 |
quay/quay-bridge-operator-rhel8@sha256:3c17d533303104721194885066088ad7eb1b51f475a168b886a416e9eebe2369 |
quay/quay-builder-qemu-rhcos-rhel8@sha256:cbfc6385a5a8af2b0ba60ab5d37256ed1c6ddbf5250deda94f8ad0ca551a50e3 |
quay/quay-builder-rhel8@sha256:76bad19d8a5f5fe68d5ddbc6779c7ced5b5b70ab4567a07b2bbe03990f096862 |
quay/quay-container-security-operator-bundle@sha256:b03c3938bdf6dc9a47cedc5aac7f6e8f5d5d443d134701d6ce909e4c755582ba |
quay/quay-container-security-operator-rhel8@sha256:f34ea7ab218f93e36b65ef014f465f16d362aaf4c05f66697b0814662d4e9238 |
quay/quay-operator-bundle@sha256:7d15f9be437aad9d68ac90c788c647a46d53c8b8536635ee03ef9da623383ee6 |
quay/quay-operator-rhel8@sha256:cb93ba6f1e5bd8c5cf0ba1d45b327b632f9567323f703c8afda689fa346af0b9 |
quay/quay-rhel8@sha256:d667d4f5cb41fc815c24ac25af7cba9c93a277f16ac5276210b8e98bad5a596d |
s390x
quay/clair-rhel8@sha256:3d404e0ac2feacd35608c637e8a58053ff86270107813aabe2ca9c167ce05884 |
quay/quay-bridge-operator-bundle@sha256:49107dc34c46c5e48bd11811a2eaff57a208ea444a2f8fa974fa0a91870534ae |
quay/quay-bridge-operator-rhel8@sha256:ae7645c9f18d7428871ddaa957b808b2368280b7488001b162cce414e1f7f267 |
quay/quay-builder-qemu-rhcos-rhel8@sha256:4736a78d7c51060d09df67e8e085d8855ac0a751b675aa2a0dc42604f7c3baf7 |
quay/quay-builder-rhel8@sha256:9f190ef2be8f8b578abcdc9f3cd1e7b2557063dd6d7431194ff058c458d96dd7 |
quay/quay-container-security-operator-bundle@sha256:85ac81195575a11944402baeec2a6c1fdb42902c6193ccd60f5f636a664d91a2 |
quay/quay-container-security-operator-rhel8@sha256:bf213e88105f651f764261cabe188f7cdcf39776f16a6d2a59de0b8b5ef222a2 |
quay/quay-operator-bundle@sha256:1398117e7caff049c7b94a0522e50953778b48771b678a2b85de318e9c38cb06 |
quay/quay-operator-rhel8@sha256:1511f11dbb9b15512b979ef7cb5230c2210e07b456daa776bae4075f0b8a6cf9 |
quay/quay-rhel8@sha256:b9170a984ef6aa5595496bc901826bd61fb422202206b6237f1f210418aa9d88 |
x86_64
quay/clair-rhel8@sha256:8bdc9606cff78634b33895af4430f8c4c08d451a6d1d445f6bcd55c129345895 |
quay/quay-bridge-operator-bundle@sha256:e4634d56d71c4185858b616d32fed46b94539b3a00d8ad1cca061cc4c4d49b7d |
quay/quay-bridge-operator-rhel8@sha256:240acfa200e9b49f8d7801b5c813bd6f88223ce3ff17050bc3fddd38b70a330d |
quay/quay-builder-qemu-rhcos-rhel8@sha256:575985ff6f349562904aa63b9cf18c30df191f483a576c9a163adb6aff48b0a5 |
quay/quay-builder-rhel8@sha256:05bfe7664b05cc25fbba13c0ef58717587d7b1c60c0ef7bca7019675a8552b36 |
quay/quay-container-security-operator-bundle@sha256:b034d99361eb704ac3faa07c8240d0c292ddfefdf307be8bd2dca8aa25d33f67 |
quay/quay-container-security-operator-rhel8@sha256:51e198c27fca755c0910b8f7ae9cd1d55ef18a6b8cccc2dd46273548ad52b546 |
quay/quay-operator-bundle@sha256:12b32f188ca5b74182a70a821b92d0586412bbc669f05e737518bec4599fc819 |
quay/quay-operator-rhel8@sha256:5da8264fcfc1a3d872031a565986d093584eb89db140d9339e932f179501f8d4 |
quay/quay-rhel8@sha256:0ede1c815d5c0a4b398e1fe4d808b909854007683c83cca08713f1ac4325ab8d |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.