Red Hat Product Errata RHBA-2024:9861 - Bug Fix Advisory
Issued:
2024-11-18
Updated:
2024-11-18

RHBA-2024:9861 - Bug Fix Advisory

Synopsis

updated RHEL-9 based Middleware Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated RHEL-9 based Middleware Containers container images are now available

Description

The RHEL-9 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2024:9541 (see References)

Users of RHEL-9 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-9 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

  • Red Hat JBoss Middleware 1 x86_64

Fixes

  • BZ - 2321987 - CVE-2024-50602 libexpat: expat: DoS via XML_ResumeParser

aarch64

ubi9/openjdk-11@sha256:6410bfbbdb54944f1487e033d6f381fe9ecb20f6f80fa6326ff936a72ee66f79
ubi9/openjdk-11-runtime@sha256:fe15d09a1bfb59b5e6ec019aa087dfd861f0dc49c3134138039d592ab73ecab8
ubi9/openjdk-17@sha256:8e5523cd0a503abbbea51129d261a456900c70a0c8fac53601fbd3a82020c06e
ubi9/openjdk-17-runtime@sha256:f7e0ac934269a92de6cd9a03af51bb0d24b34f65571e4a7c029db2a06c22424b
ubi9/openjdk-21@sha256:609ee116e953c2e3f14181d124bf008bbc0e7e7d573141c3c7c923bc9e16a77f
ubi9/openjdk-21-runtime@sha256:119e6f1c214f8672fd675ccea639c917504789c07cf2acad7f802002cae6fc97

ppc64le

ubi9/openjdk-11@sha256:494a0395eee65ab305d414d4f94229ff41e77d377d95761a5727156e899277e7
ubi9/openjdk-11-runtime@sha256:52df98a80eede85ec3a7cdf5a42f1632d9c7443a4df4450512b45e515555c39b
ubi9/openjdk-17@sha256:75e0575e84eff7bb95dc7462183ae1b6ac031a4e1d284b5374ec1c759e81d258
ubi9/openjdk-17-runtime@sha256:3bf8b926d40e30b357a5077a71d6491336feda7450adfad8452b9fd274e47aaa
ubi9/openjdk-21@sha256:30e7d26fd7cb2fae5edfa8c83ace028d73c0546ab44457cfb4e2861fedf26703
ubi9/openjdk-21-runtime@sha256:a251d047f43abc5676eba49d1c6a4d033b133fd68d70cb99c4de31e0622ac34d

s390x

ubi9/openjdk-11@sha256:b87763897830792aa5732726c00602c47721c3480c0cc20ba429898d00de7294
ubi9/openjdk-11-runtime@sha256:1b41411d33245edfcea2e833b0e2dd2be9d1cdb902eb5cb41ebd38d124293f4c
ubi9/openjdk-17@sha256:42c8e93b805c281f2eaf79f052fcc1bfcd65b83c8a4e0537655b62998ddd9e5c
ubi9/openjdk-17-runtime@sha256:3bdebbf0fbf5c9faf4786d0568468e3050eccece445cd82cd138a6bbfffc8d3a
ubi9/openjdk-21@sha256:7929c030bd23c67073430c267910fc177282ea2d5fe22ff3709c0c533cc875e5
ubi9/openjdk-21-runtime@sha256:a17a3ef9ec72b9c18a97580c59786613294c017e14cc94082899716fa5364959

x86_64

ubi9/openjdk-11@sha256:5c8bf2c34369f51143bea80a006ef19d7c7c1cb23ebe631ca86712d2124b49d9
ubi9/openjdk-11-runtime@sha256:f642f028f0e3d2c9e888c5972b7632fcf56022ffa41ed6ee97baec77bb677855
ubi9/openjdk-17@sha256:58d898c5f047a43d4fe184963e1459c37837b236c9057a9755359aeac130ca16
ubi9/openjdk-17-runtime@sha256:83bf4bc22ed2948796c1d39833c96c089b4e7d5702f87d83fa5e5529b6d37e52
ubi9/openjdk-21@sha256:005677721c0ae5b8b6f4b36b028341bb9f1a0a512ad8596e247710609b7f6aba
ubi9/openjdk-21-runtime@sha256:aae73fbd455f3e918720d0d11263e15e3a2d307334736a1ec4ffe205fbe9efe7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.