Red Hat Product Errata RHSA-2023:0932 - Security Advisory

Issued:: 2023-03-08
Updated:: 2023-03-08

RHSA-2023:0932 - Security Advisory

Overview
Updated Images

Synopsis

Moderate: Logging Subsystem 5.6.3 - Red Hat OpenShift

Type/Severity

Security Advisory: Moderate

Topic

Logging Subsystem 5.6.3 - Red Hat OpenShift

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Logging Subsystem 5.6.3 - Red Hat OpenShift

Security Fix(es):

express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Logging Subsystem for Red Hat OpenShift 5 x86_64
Logging Subsystem for Red Hat OpenShift for IBM Power, little endian 5 ppc64le
Logging Subsystem for Red Hat OpenShift for IBM Z and LinuxONE 5 s390x
Logging Subsystem for Red Hat OpenShift for ARM 64 5 aarch64

Fixes

BZ - 2150323 - CVE-2022-24999 express: "qs" prototype poisoning causes the hang of the node process
BZ - 2161274 - CVE-2022-41717 golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests
LOG-3717 - [release-5.6] Store tenant.yaml in secret instead of configmap
LOG-3729 - [release-5.6] /var/log/oauth-server/audit.log not being scraped by log collector

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

aarch64

openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38

openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9

openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452

openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9

openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59

openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1

openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad

openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580

openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f

openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31

openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4

openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932

openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704

openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8

openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62

ppc64le

openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23

openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73

openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e

openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59

openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41

openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62

openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73

openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76

openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37

openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030

openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7

openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1

openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff

openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7

openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb

s390x

openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883

openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4

openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed

openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50

openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f

openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35

openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262

openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91

openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29

openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c

openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb

openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5

openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e

openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1

openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6

x86_64

openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2

openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167

openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e

openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6

openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a

openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2

openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d

openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9

openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea

openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91

openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc

openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19

openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac

openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0

openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d

openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0

openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400

openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation