- Issued:
- 2022-04-06
- Updated:
- 2022-04-06
RHEA-2022:1262 - Product Enhancement Advisory
Synopsis
RHACS 3.69.1 enhancement update
Type/Severity
Product Enhancement Advisory
Topic
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug fixes and feature improvements.
Description
New features
1. Scanning of the integrated OpenShift Container Registry
Red Hat Advanced Cluster Security for Kubernetes 3.69 includes a lightweight version of Scanner as part of the secured cluster services on OpenShift Container Platform by default to more effectively scan the OpenShift Container Registry. For other Kubernetes-based environments, this Scanner is optional. If you are using the OpenShift Container Platform and not using the Red Hat Advanced Cluster Security for Kubernetes, Red Hat advises you to update your Helm charts to take advantage of these new capabilities.
2. Improved detection of Spring vulnerabilities
RHACS 3.69.1 includes enhancements in Scanner to identify vulnerabilities in packages that follow the Spring naming conventions. Scanner now detects Spring packages impacted by the newly discovered critical Spring4Shell vulnerabilities CVE-2022-22963 and CVE-2022-22965.
Solution
If you are using the RHACS 3.69.0, you are advised to upgrade to patch release 3.69.1.
Affected Products
- Red Hat Advanced Cluster Security for Kubernetes 3 x86_64
Fixes
- ROX-9836 - Update ACS images for 3.69.1 for expat security update RHSA-2022:0951-04
CVEs
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.