Issued:: 2025-08-21
Updated:: 2025-08-21

RHBA-2025:14364 - Bug Fix Advisory

Overview
Updated Images

Synopsis

updated RHEL-8 based Middleware Containers container images

Type/Severity

Bug Fix Advisory

Topic

Updated RHEL-8 based Middleware Containers container images are now available

Description

The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2025:14135 (see References)

Users of RHEL-8 based Middleware Containers container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.

You can find images updated by this advisory in Red Hat Container Catalog (see References).

Solution

The RHEL-8 based Middleware Containers container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Affected Products

Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64

Fixes

BZ - 2370861 - CVE-2025-5914 libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c

CVEs

CVE-2025-5914

References

aarch64

ubi8/openjdk-17@sha256:9f57204202a1ea75363da60db0bbb140e55b2b350368a8f6c6eab3c3e7662ca5

ubi8/openjdk-17-runtime@sha256:9da032a5f5ca41255c067e1fce22acc18d7dc1b44ba6eb177324b543cbfaaca2

ubi8/openjdk-21@sha256:eff2b2a49b36f64d3f6c0c0e39ba0d50879bae9aa5ac39f30f969898547109f8

ubi8/openjdk-21-runtime@sha256:0fcf1af43a9a59e9c14958ce68240aa33efb7e183b20ca564aff97f3bc0856bc

ubi8/openjdk-8@sha256:b052d254dc183bdc58ba05d19eb6714a4dfa5e11d15780db61282438a21a412c

ubi8/openjdk-8-runtime@sha256:a8599fc1855ca1ca4bfab70b926b92ec6aee917d258f6fe6c27d2eebaed2fc93

ppc64le

ubi8/openjdk-17@sha256:220fddf441bc8c083ddfb1b24191b6ae048c71a9b9d3245cebe822791ef169cd

ubi8/openjdk-17-runtime@sha256:529bf20511b89b33064d873535ef163a239b4e4513362074b74b654cb0b1ddda

ubi8/openjdk-21@sha256:a1a6a11525965136e306aa76fce0bfcc787dc82d33cc5520575e1a527186b50e

ubi8/openjdk-21-runtime@sha256:4ca29af1b82ef3479dd5d602bc4c0646eca011065f5ef5fdb1f9a70ad8b7baae

ubi8/openjdk-8@sha256:980db9bf6bd322573bae677641d721307f1978cb7002db5e4e5e82cf345d9da8

ubi8/openjdk-8-runtime@sha256:56c2cfc5e265146bfa992adcc9e2edb704a0b0c789d0a7b75af453f6642c11a9

s390x

ubi8/openjdk-17@sha256:a6c9ca874a8859b29ffc8e0be0f3a83206219a0a34317e76d545a56ac5cdbcae

ubi8/openjdk-17-runtime@sha256:c90e4ef26033856a3a05484ff64c8cfcb6eb5fe3a18f5ee13a3f6bec6062abe7

ubi8/openjdk-21@sha256:b9180ccaf7552cf870e5fac25751f2c5b028932500f8aaaaf486fea303a00496

ubi8/openjdk-21-runtime@sha256:8c8e7088e9876185e672c1da7d414d7a4ca15ae04983741de431e263712dea32

ubi8/openjdk-8@sha256:6e15196d1416d9d795da52cf496130a5864618d89aa90a19c674e23a07ec847d

ubi8/openjdk-8-runtime@sha256:b9e61adda8de505344a26bb268b938868697aeeece8e22eb1bd12a6de5fd537f

x86_64

ubi8/openjdk-17@sha256:b3139cd26faab928dffa4167fb2734ffbadaedf89e1efb1bdbb786949fe44532

ubi8/openjdk-17-runtime@sha256:7ebcc0cc1040dfc36aeaa46873e2cd4c5675e8c7c110075dcdfb43f8fdff9979

ubi8/openjdk-21@sha256:eb594617407569549fcc20859dfec9570425c838f8a1b4d19d172bf496a28769

ubi8/openjdk-21-runtime@sha256:342cd7706057b6a4c028a08f172791a71416364612872d8434a87ed28b7cd7a9

ubi8/openjdk-8@sha256:d78ddf8e105f7cab64c4f1d5bfe0379b38129c99562a927d9deef0c9dba1460d

ubi8/openjdk-8-runtime@sha256:2a7fe7a4688c9b9f1a45f09b73fe8132ec998110b4eea5b814faaba43466a57b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation