- Issued: 2025-10-08
- Updated: 2025-10-08
RHBA-2025:17565 - Bug Fix Advisory
Synopsis
Update JBoss Web Server 6.1 for OpenShift images to fix cups CVE
Type/Severity
Bug Fix Advisory
Topic
This erratum covers updates to the current Red Hat JBoss Web Server 6.1 for OpenShift images to fix cups CVE-2025-58060.
Description
Red Hat xPaaS provides images for many of the Red Hat Middleware products that are available for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.
The current JBoss Web Server 6.1 for OpenShift images have been updated to fix the following cups CVE:
- cups: Authentication Bypass in CUPS Authorization Handling (CVE-2025-58060)
Solution
To update to the latest JBoss Web Server 6.1.2 for OpenShift image on UBI8, perform the following steps to pull in the content:
1. On your master host(s), ensure that you are logged in to the command line interface as a cluster administrator or user who has project administrator access to the global "openshift" project:
$ oc login -u system:admin
2. Depending on the OpenJDK version, run one of the following commands to update the core JBoss Web Server 6.1 tomcat 10 OpenShift image stream in the "openshift" project:
- For OpenJDK 17:
To update the core JBoss Web Server 6.1 tomcat 10 with OpenJDK 17 OpenShift image, run the following command:
$ oc -n openshift import-image jboss-webserver61-openjdk17-tomcat10-openshift-ubi8:6.1.2
- For OpenJDK 21:
To update the core JBoss Web Server 6.1 tomcat 10 with OpenJDK 21 OpenShift image, run the following command:
$ oc -n openshift import-image jboss-webserver61-openjdk21-tomcat10-openshift-ubi8:6.1.2
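A follow-up check once the import has run, as an added example that is not part of the Red Hat advisory: `oc import-image` only updates the image stream, and workloads without an image change trigger keep running the old image until they are redeployed. The helper names, the sample lines and the assumption that pods report the image-stream digest in `imageID` belong to this example; the image stream and repository names are the ones used on this page.

```shell
#!/bin/sh
# Added example: list pods still running a JWS 6.1 image whose digest differs
# from the one the re-imported image stream tag resolves to.

# Digest recorded for an image stream tag in the "openshift" project.
# Needs a logged-in oc session; not called by the offline demo below.
istag_digest() {   # $1 = imagestream:tag
    oc -n openshift get istag "$1" -o jsonpath='{.image.metadata.name}'
}

# One line per pod: "<namespace> <pod> <imageID> [<imageID> ...]".
pod_images() {
    oc get pods -A -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{range .status.containerStatuses[*]}{" "}{.imageID}{end}{"\n"}{end}'
}

# Reads pod_images-style lines on stdin and prints "<namespace>/<pod>" for every
# pod with a container from repository $1 that is not at digest $2.
stale_pods() {   # $1 = repository name fragment, $2 = expected sha256:... digest
    awk -v repo="$1" -v want="@$2" '
        { for (i = 3; i <= NF; i++)
              if (index($i, repo) &&
                  substr($i, length($i) - length(want) + 1) != want) {
                  print $1 "/" $2; next
              } }'
}

# Live use (assumption: pods report the digest the image stream recorded):
#   pod_images | stale_pods jws61-openjdk17-openshift-rhel8 \
#       "$(istag_digest jboss-webserver61-openjdk17-tomcat10-openshift-ubi8:6.1.2)"

# Offline demo on constructed data; registry host, pod names and the short
# digests are made up for illustration.
demo() {
    stale_pods jws61-openjdk17-openshift-rhel8 sha256:1111 <<'EOF'
shop jws-new-1 registry.example.com/jboss-webserver-6/jws61-openjdk17-openshift-rhel8@sha256:1111
shop jws-old-1 registry.example.com/jboss-webserver-6/jws61-openjdk17-openshift-rhel8@sha256:0000
shop db-1 registry.example.com/postgres@sha256:2222
batch jws-side-1 registry.example.com/proxy@sha256:3333 registry.example.com/jboss-webserver-6/jws61-openjdk17-openshift-rhel8@sha256:0000
EOF
}

demo
```

Run the same check with the OpenJDK 21 image stream and repository name if that variant is deployed.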
Affected Products
- Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for Power 4.9 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.9 for RHEL 8 s390x
Fixes
- BZ - 2392595 - CVE-2025-58060 cups: Authentication Bypass in CUPS Authorization Handling
CVE
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.