Red Hat Product Errata RHBA-2024:7093 - Bug Fix Advisory
Issued:
2024-09-25
Updated:
2024-09-25

RHBA-2024:7093 - Bug Fix Advisory

Synopsis

updated RHEL-8 based Middleware Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated RHEL-8 based Middleware Containers container images are now available

Description

The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2024:6975 (see References)

Users of RHEL-8 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64

Fixes

  • BZ - 2292921 - CVE-2024-4032 python: incorrect IPv4 and IPv6 private ranges
  • BZ - 2302255 - CVE-2024-6923 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
  • BZ - 2309426 - CVE-2024-6232 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

aarch64

ubi8/openjdk-11@sha256:d8d1ed7bc727b9ec879c917a91293430b2f6f2e9572965f21f597ab6712875e9
ubi8/openjdk-11-runtime@sha256:2044adcfdbaf102fbc69fef2646b9109114dec8ce3cb89ad4f09beb8b05218d2
ubi8/openjdk-17@sha256:673b043417ab5b26132fbd48f43b5da62ce97ac3ebf1a075266e5bc84c55b8ba
ubi8/openjdk-17-runtime@sha256:000fe0d769fbcb87379ecd46b59bea9a9486011f4f9f2a2a242e6124b635b876
ubi8/openjdk-21@sha256:43e320fdd9f044439807d3c910018c28057e22456d7e0f2bbb4cc70acb5abcb5
ubi8/openjdk-21-runtime@sha256:ce9ba5177878ef546713f74b8ce036cbd61c2bfb1e8efcc3e223787979c1905e
ubi8/openjdk-8@sha256:640e87554cb2390042bcd68227f10c6c145883ee427c05af71ddb8eff8a9abb3
ubi8/openjdk-8-runtime@sha256:0cee6ae3578d1638c6bd1b5e3b0cfd9c76c5e91529d720010c22007eb9becc5d

ppc64le

ubi8/openjdk-11@sha256:0a28c7306fdc45b453ed16dd858374ee1344d943851b3907668535134853ff4f
ubi8/openjdk-11-runtime@sha256:6c73007410013bb3abf5b0bec9d06642f67dd70940fbbd8b3c9ac75caa9fafa1
ubi8/openjdk-17@sha256:d9fdf5fe1fd0173d207f8dbbdb74299770fe8b106885d2178e8c9c18bcb13f73
ubi8/openjdk-17-runtime@sha256:75c78dec59a120a03a1f6a1e572d56c2302ed668a68702214a5ffdc5d1cafcb7
ubi8/openjdk-21@sha256:e43491161793f682d73417879d781842d6332f354abaafff1d5aab5d34b0fa7a
ubi8/openjdk-21-runtime@sha256:dccd6f11917176df74e8dae6e13ec9052536e15b087bfffcc8267d53e7468319
ubi8/openjdk-8@sha256:77a5347f66cae574895b451762f1d2d7b6a7f0df16323bf4e995591001ae4b59
ubi8/openjdk-8-runtime@sha256:cc6cba9bbb084ab38dbcd2d40a8a6b457cc44c3abebe38af5394cf27533c3bac

s390x

ubi8/openjdk-11@sha256:59272c54f5b21f52451e6003ad4009b5ef95df927f1a31b61a4a3583acc97f70
ubi8/openjdk-11-runtime@sha256:e59a5a8a6de304b23ed46c1dfc53c75f185c25001a79f514aee199e2a5176e49
ubi8/openjdk-17@sha256:ac1deb6c99a499c9d8884d86fc2c2148fc5efd2fd58fcf1f5421deda149b91a5
ubi8/openjdk-17-runtime@sha256:1609a376535d86a7e4a83bed7b76f0720fce1192a72d547494fb7439f64ce88e
ubi8/openjdk-21@sha256:c20970de7e60a55fb2f77dceda3ee564322d5c9b74afa08a0274db85d7090cc1
ubi8/openjdk-21-runtime@sha256:abb352bffdfc41abb9989029121429ffec2afe1183d8b26042940dff9f889548
ubi8/openjdk-8@sha256:e6f0e1b2b006714babffd7668009ec2347e34b3d637a6795630d2fde759aded3
ubi8/openjdk-8-runtime@sha256:3d726015461f2657432f2755bc9cfa30cf61b87dd3ecf979a138076e255d56ed

x86_64

ubi8/openjdk-11@sha256:3079d840963b3416337120e483700a78529cb2ca0bfbbcdec3049cb86d5b6cb0
ubi8/openjdk-11-runtime@sha256:83bd688115a4a3f73f41dd2570c77df11a28de25280816b13baedbe8c5bb5950
ubi8/openjdk-17@sha256:1b94a4b1786a53c0712f8bf7b78598501369921ca7e3b43a036199694a91dd30
ubi8/openjdk-17-runtime@sha256:0da8f4367cc107997e968f114f6c148246bb9d4847948870ddca263a3e98ec7d
ubi8/openjdk-21@sha256:dd24bbdaffe2241bb8c7308bbe277bb2ef27fb7235866a8e5c4246fd1045fde7
ubi8/openjdk-21-runtime@sha256:692733685e50199d114aadaa1bd24f0d2e38bb4b4e112ad2c6b896488a49098b
ubi8/openjdk-8@sha256:45faee6de1bdd1f691bbd52acf19722bdfea78ab2344b4c977c4a7137f61f3b6
ubi8/openjdk-8-runtime@sha256:9083674837f016c015df38684bca988606c5d9cba28a55b2ed7ea437aceeb93d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.