Red Hat Product Errata RHBA-2024:8297 - Bug Fix Advisory
Issued:
2024-10-21
Updated:
2024-10-21

RHBA-2024:8297 - Bug Fix Advisory

Synopsis

updated Red Hat OpenStack Platform 17.1 for RHEL 9 container images

Type/Severity

Bug Fix Advisory

Topic

Updated Red Hat OpenStack Platform 17.1 for RHEL 9 container images are now available

Description

The Red Hat OpenStack Platform 17.1 for RHEL 9 container images have been updated to address the following security advisory: RHSA-2024:6909 (see References)

Users of Red Hat OpenStack Platform 17.1 for RHEL 9 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The Red Hat OpenStack Platform 17.1 for RHEL 9 container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat OpenStack 17.1 for RHEL 9 x86_64

Fixes

  • BZ - 2302255 - CVE-2024-6923 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
  • BZ - 2309426 - CVE-2024-6232 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

x86_64

rhosp-rhel9/openstack-aodh-api@sha256:b219d2432fa0d5392bcde9cb575ede322532ccfcd287ea8deac618ea238bc3d3
rhosp-rhel9/openstack-aodh-base@sha256:72d91c1238d011916c78fd9b5e7575667fe89772b47c0b225315ffe990a5b7f4
rhosp-rhel9/openstack-aodh-evaluator@sha256:a98ecc1b4ebe98310045312e20fcef7a2d830d5acd0e21db105e7d51f3777be2
rhosp-rhel9/openstack-aodh-listener@sha256:9e7bfc102ca0b4a496e7a924d3030f0c1ae5a59ca90438df282bd3fe5435ed08
rhosp-rhel9/openstack-aodh-notifier@sha256:a08a31eb3079016b15df6c09683c5d22a83dd9592ba8b1580ff730600d78d240
rhosp-rhel9/openstack-barbican-api@sha256:f97004877bc02654c848718dcbc226e16cc9ff47c9c933bd10763b620470b2fc
rhosp-rhel9/openstack-barbican-base@sha256:ffd0886622a99df6b539b975e8accdc379aa3513392477c596caba457ac662e6
rhosp-rhel9/openstack-barbican-keystone-listener@sha256:739dced27bc45433a4d70035a948016a7e3f5f79c2f2407c0d7a7d9f31bcdcca
rhosp-rhel9/openstack-barbican-worker@sha256:98ecf199d039df2fb6a500b52aaa67df0d5988daf05918e0b2e4ca103128f4f2
rhosp-rhel9/openstack-base@sha256:f223f638728b7ce44e690821b9720742a03c6bb174d36231928f8ab0a4622df8
rhosp-rhel9/openstack-ceilometer-base@sha256:676d5facaeb74649ce8142c2a02cfa5f2da8ea7c353a7a31f5ca5dca71db2d5a
rhosp-rhel9/openstack-ceilometer-central@sha256:65951dcf44f82f3f90c9e81f282bd1702c36d55aed2e67f39ac971ad5a7ad758
rhosp-rhel9/openstack-ceilometer-compute@sha256:16643d159d8c375841a38a4a11bf1dae65713edc0954bfc094dff50259196068
rhosp-rhel9/openstack-ceilometer-ipmi@sha256:7b802f56d66a87b9df7205d5a45b61f8ba738681685a69664fbf3092895a3d5f
rhosp-rhel9/openstack-ceilometer-notification@sha256:e0a6992b329aa2fd6188edbcf344151f00dcaeb76ef1ea6b6d2fa2b5500a9f57
rhosp-rhel9/openstack-cinder-api@sha256:24c9205b1fd9715e186672bda3344b3ae99d759670bb0e0e7ec87a50385ecdeb
rhosp-rhel9/openstack-cinder-backup@sha256:213f9cfef6b476b69f357d51966c847bc6ca96af46d590a22489d63439c45ec2
rhosp-rhel9/openstack-cinder-base@sha256:fcf0c9a282f50423dfc8c4680338c133caba3376b174e0efe74e92d13cd69911
rhosp-rhel9/openstack-cinder-scheduler@sha256:618ed7e57be35d736fde1a798f40d5775b78478765f43b98f092473d8568995f
rhosp-rhel9/openstack-cinder-volume@sha256:cb9be8c6258e788bb0958d38a91f21224723ac2fc3d15902b2c856c842be6d75
rhosp-rhel9/openstack-collectd@sha256:db7f1e0787a3f3ef0ec350b7dd96573b1829befd2ff5676119d6a89d6d4d994a
rhosp-rhel9/openstack-cron@sha256:8a4005bfd725efce0714f8c60b62ce808db0b6f5e4cbd49b089bb45550a092e2
rhosp-rhel9/openstack-dependencies@sha256:ef6231d0425c4ca4fb4a97d500df14f68210cc6d1559bd83fd57513c9714bde2
rhosp-rhel9/openstack-designate-api@sha256:b84558855369cf73ac9147b8c657e7b939dd83f81c119e5c7e1021b8c77ffa71
rhosp-rhel9/openstack-designate-backend-bind9@sha256:07fd4cc796c254c552db4f5e202fb93fb407c3b8a2553cf53fbc91a1a1d8371f
rhosp-rhel9/openstack-designate-base@sha256:90e595d6529497852a0e0b761ca94fd63da1a255bb1eb4e05c23c44841fd76ce
rhosp-rhel9/openstack-designate-central@sha256:924f8830f09ab3136c146caf105ca2e832e4f5aec6e69969dd7a282bac1c23fb
rhosp-rhel9/openstack-designate-mdns@sha256:e628b47a5a8c2398b0240a8dd4e5bace9b7d4d370cddb8b237e56a0e48c34780
rhosp-rhel9/openstack-designate-producer@sha256:82828ddf2632ebf3679040145c7516d19251cb99f7fccdd3a4f0b59b81694fb7
rhosp-rhel9/openstack-designate-sink@sha256:33cea1adf683414e333af798fee91a2ab5759fee2554fbfa1be45b6e2d92884e
rhosp-rhel9/openstack-designate-worker@sha256:8b52acdb20ac9e16f347d5062b70dbb6b963b0f94ab3b4380851faee5480d099
rhosp-rhel9/openstack-etcd@sha256:e3d8181c7f2800818d0862006ba09b81226ee6b521e60671d51975ad0d54de61
rhosp-rhel9/openstack-frr@sha256:cea64ac2bac7265fc09b85e3447cc5ce70046656f38460ffc5c0ce622a4d41e9
rhosp-rhel9/openstack-glance-api@sha256:f526028a387cd11299b5f15f381537d76c200b5f2f75f191be9d2bc61b34597f
rhosp-rhel9/openstack-gnocchi-api@sha256:6dee4c2bd6d07d9a691f43049b8f0391fd73225cbbfd71229daf7429e04e8e5e
rhosp-rhel9/openstack-gnocchi-base@sha256:c422aa735aa9af73ad6578d1e56ead8dc3bd07bb2656080cbe7ee52ac771dccd
rhosp-rhel9/openstack-gnocchi-metricd@sha256:aee0244fe09d0c05c0b3dde8ec36e0ef2bd3c27b4a33b767ad1402c35fa7262e
rhosp-rhel9/openstack-gnocchi-statsd@sha256:ce2df24d8e06fced1719c9c4947be84d99e4b28e287dd7a18359b7f5f12086e4
rhosp-rhel9/openstack-haproxy@sha256:28d725bf495cedd170176a89c38a7ae66abbd30dde9dc924676a78b49c98b2c1
rhosp-rhel9/openstack-heat-all@sha256:616a3457456bd548f4feef0ee86b8cbd46f57b9db21b2fbd3a5841fd75e0df82
rhosp-rhel9/openstack-heat-api@sha256:a569997b1ce8b3270ff55878d48cdd9420d28e2b079f8166d9aa69b78ffd9835
rhosp-rhel9/openstack-heat-api-cfn@sha256:1500afa433b7985c24da027247d12a83fc7dc86b3fc490af6e2df5be34c5adc6
rhosp-rhel9/openstack-heat-base@sha256:720a3d60ca18fb2231fb0409413ef9d3d23cd9dc45df31af51b04d81212fad1c
rhosp-rhel9/openstack-heat-engine@sha256:19cc98a647ce9c5c8843b108f6997497f97550b7957ac0b2c20f0e5b7815f307
rhosp-rhel9/openstack-horizon@sha256:f896d838372221bfa1b79756cb1ea29c6f4fd9e04a6c9a91e8163bdce116910b
rhosp-rhel9/openstack-ironic-api@sha256:bca0b90c01bc0a2c2ece58480df5b88d248b2b744375d115412fa3efe5719034
rhosp-rhel9/openstack-ironic-base@sha256:f9f34035a9d4ed1c098822097e05b4657d3f9bab93a6adcaddfbe418ff30652b
rhosp-rhel9/openstack-ironic-conductor@sha256:9032ba4ddd9967f14223036aec131bb1a8e6d19ff6196567e3293853a8b92aba
rhosp-rhel9/openstack-ironic-inspector@sha256:eb0d6f09ef2d3e308b0d9c098d3855b6bcc16af9c6bb3f334df84170576d223b
rhosp-rhel9/openstack-ironic-neutron-agent@sha256:7d6f2ec82f191078f26db3bf9272ea17b5aff0002ba95667a824c25bbb5cc3b9
rhosp-rhel9/openstack-ironic-pxe@sha256:f18a0bf5ff46450dead6326697c140a12544cb0524c27fdd740344d044171013
rhosp-rhel9/openstack-iscsid@sha256:9929f0b4835a403adfdc87578fe19951b9bf7f4b903a9743dea6e5297f51291e
rhosp-rhel9/openstack-keystone@sha256:74bcff6cdd5729bcbedb472794a5566bd06edce3d387a932fcc93d89e42af172
rhosp-rhel9/openstack-manila-api@sha256:ec842e9c602d07d54b0fc3f8c9f9d07d0dfe291e46d7f287f05312cf9114c93d
rhosp-rhel9/openstack-manila-base@sha256:864b5907b9d8f633ff27e5a6889dfb6a40f1cd71fbb76fa6f8fe119b0a4c00ad
rhosp-rhel9/openstack-manila-scheduler@sha256:5ce26c43d49a176277613e3c1442f31637b5f374a213f7fabd91eaceb4a68d07
rhosp-rhel9/openstack-manila-share@sha256:2da36f7f8bffb1859b3d596faf38281c585b12e55e5d0a965978aa0bd079784d
rhosp-rhel9/openstack-mariadb@sha256:b8528b622097129bc9109fe5799b8f4d121475b00351f22a58e449b3a26836ec
rhosp-rhel9/openstack-memcached@sha256:e4b24ecbeeba3d1e698e438b5544dd785cac975ec8e780abca865e7068049b73
rhosp-rhel9/openstack-multipathd@sha256:b2d574f9fe9c84451cad15ed657ddab8f8a719a94ff5fe5cabef013d9b9965b7
rhosp-rhel9/openstack-neutron-agent-base@sha256:00289337742387258ff105d423b524ecfe6877dd811b726865d488a67e58b4ec
rhosp-rhel9/openstack-neutron-base@sha256:3febb981b30437a9678f70fe57de28958a3c4e57b95c003055fda299736458e6
rhosp-rhel9/openstack-neutron-dhcp-agent@sha256:81ac69e5b4ab4dedca36f310461193098a8a2ef7414c2783dfeae3d17067f8ab
rhosp-rhel9/openstack-neutron-l3-agent@sha256:acf57618fdded992043c4403301b0e9f89d35dfd5d26964ae6e7e98da8745496
rhosp-rhel9/openstack-neutron-metadata-agent@sha256:b30e9e88d922d6776e2591d30acbc232c0e0ffebce6e936e52f32fbb1a03d9b3
rhosp-rhel9/openstack-neutron-metadata-agent-ovn@sha256:27d3454004952566ee11530bfa8ed961b1d80e0a07c5b38d97225435525d2cee
rhosp-rhel9/openstack-neutron-openvswitch-agent@sha256:2930d6114184054bded06a3748e3f6c86f1f5ce4ed1df58bb75500a7a5bdd621
rhosp-rhel9/openstack-neutron-server@sha256:e4103247451a99758c74626e995d3e566414ec4c703c7954de0807f5b9e7d589
rhosp-rhel9/openstack-neutron-sriov-agent@sha256:82fc3614e2de3e4d799767ffc9577625584a3593ad9a5265323485990d1af1da
rhosp-rhel9/openstack-nova-api@sha256:3536af9d97a0a4688069d318566023ace73933f15e038b08600a279a3e8f9bc4
rhosp-rhel9/openstack-nova-base@sha256:e9c156b543650e3d378666ae8260041bec9ac2d657c65a4c0f7ca03948fe7a8d
rhosp-rhel9/openstack-nova-compute@sha256:b0251d3af194bd5af4f92e6d7fab98e5b262cf95309b4c680d3de5a804491dde
rhosp-rhel9/openstack-nova-compute-ironic@sha256:93ee7332c2bab22cc17e07f4a5a31fba32622a45d0e792085cc2ea6f32063ee0
rhosp-rhel9/openstack-nova-conductor@sha256:1810b76e4dd5ea3baa2d3d88c9ebc348ecc34c264e30c3f6564a4a6f04be4287
rhosp-rhel9/openstack-nova-libvirt@sha256:2915bd972de6efe63cb1bedf83735fb4fe9b39e8c6d2bfa574338f9550d40cdf
rhosp-rhel9/openstack-nova-novncproxy@sha256:5a877ddc2e733cf4080cff1115d3ef6ffc61b4719b059de550ee29b6e98aaafd
rhosp-rhel9/openstack-nova-scheduler@sha256:23562b340d6b0c69891c4d2860371795f14d7d48b1a930039e5585efda3341d3
rhosp-rhel9/openstack-novajoin-base@sha256:bee69ff1b04dbab5c261f2d2c889f6e4825096634bdcd9bb2f9a47fe96a842c0
rhosp-rhel9/openstack-novajoin-notifier@sha256:6e1ac8d05413094f83742612b924a7fe19fbbae1ebb09a59f0360bb1b43d3be7
rhosp-rhel9/openstack-novajoin-server@sha256:4ed203156395dc84567ef111beb4302a2daf7a532f9b20e408ded0ee819951c9
rhosp-rhel9/openstack-octavia-api@sha256:e7781318c2809a9b9bb0a1c6848a16696cc076d0c4cc13fa76ac2a9a1b0cae5a
rhosp-rhel9/openstack-octavia-base@sha256:ac8453e87f4631924e97dfefe60e0dd9db0a86c0f117355800dadaf2daa39c0b
rhosp-rhel9/openstack-octavia-health-manager@sha256:8123f3b46a0c284ea80c0f630f714f9f49b16f5840e884d81cc860d8ae7b1ba5
rhosp-rhel9/openstack-octavia-housekeeping@sha256:4d2f5fa72332433bb977342fcdd5204ba01202b46459cfedae32d82e453aac69
rhosp-rhel9/openstack-octavia-worker@sha256:a079e89f9372b6e0eecee34edc0ae85e66e25a00a432c6b77f26cf670b665720
rhosp-rhel9/openstack-ovn-base@sha256:2698269d952a359bc5605a4a72744d06c7e49a4ccc42a472f92e18b597c55749
rhosp-rhel9/openstack-ovn-bgp-agent@sha256:eb75810cff667b1eb459e87ad0fbab13d96bb1a9b1d284d04412817c5cf553eb
rhosp-rhel9/openstack-ovn-controller@sha256:a75d97884c3a5a12805956b5216885a46712e91a1b9ca3c89167e6eda8f9ddcf
rhosp-rhel9/openstack-ovn-nb-db-server@sha256:b8309ce19bd628383fe9a63badb777abb666e14e734698d2e449fc94a00f5b79
rhosp-rhel9/openstack-ovn-northd@sha256:a85686d477c710f7383e43fe03e9a8398d648f4b8ff803d3ecdf78e63307bcbf
rhosp-rhel9/openstack-ovn-sb-db-server@sha256:6fe9699e372bc2804a37ef781a001bcd2b69f0890f56556e90c7c0fcb117804e
rhosp-rhel9/openstack-placement-api@sha256:d46d97cadca4f086fcafd64ff07ceb1e1e1dbe4807bccbfb6febea3b1e9bbbbc
rhosp-rhel9/openstack-qdrouterd@sha256:59a8ae92ee9d86b415ef6b3fdc4190259298c51a836bc3ef4c4bbf20975aee5f
rhosp-rhel9/openstack-rabbitmq@sha256:ddc6e7ecbefa95f80d0e4ffd40dbcd1708d4b734b07d72044f7106c11fb02c77
rhosp-rhel9/openstack-redis@sha256:44eb4d1a7026bd49bd4efca61d489d1deaf42aefabcd69dc1b5fb17a23f268bd
rhosp-rhel9/openstack-rsyslog@sha256:1b85612bcc9df79efcc41a811ff30af56e2a98ad4144fccc8340814603daeb2c
rhosp-rhel9/openstack-swift-account@sha256:50c569724ee47734c9de1849dd9bf66fd67a6567114db0f8781769b9055d8020
rhosp-rhel9/openstack-swift-base@sha256:86096aa5d7f38e0b4831b9ebb2b53ddfb2fc313b252453f496fba443122fa61c
rhosp-rhel9/openstack-swift-container@sha256:b4122c15def345e0ad43e4bef278ba19c2de1add436eff3b675a6500d1de935d
rhosp-rhel9/openstack-swift-object@sha256:ca45b1fb35fb8d3895546d5f0cdfb5340a3885af738a6aa1d567521a815fc594
rhosp-rhel9/openstack-swift-proxy-server@sha256:ae47bd0e7b51d898b4d7bd6e83e7db9d9ceb705255a3476f7f560fcd5f6ef29b
rhosp-rhel9/openstack-tempest@sha256:c70c24ec00a088eee40f757f55fc76c064a9497d517db657d26a2342d857c2ae
rhosp-rhel9/openstack-tripleoclient@sha256:f47e747f10d4247b9a4a27f3855d13dc82a57f19ada01b387080235dc541ed28
rhosp-rhel9/openstack-unbound@sha256:493446b6b3c2397bcbb8dfceb9a20c9856d82440fb36f68f212ed801f2cf9251

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.