Red Hat Product Errata RHSA-2023:4286 - Security Advisory
Issued:
2023-07-26
Updated:
2023-07-26

RHSA-2023:4286 - Security Advisory

Synopsis

Moderate: Red Hat OpenShift Dev Spaces Security Update

Type/Severity

Security Advisory: Moderate

Topic

Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a
browser-based IDE built for teams and organizations. Dev Spaces runs in
OpenShift and is well-suited for container-based development.

The 3.7.1 release is based on Eclipse Che 7.67.

Dev Spaces releases support the latest two OpenShift 4 EUS releases. Users are
expected to update to newer OpenShift releases in order to continue to get Dev
Spaces updates.

https://access.redhat.com/support/policy/updates/openshift#crw

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

Description

Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a
browser-based IDE built for teams and organizations. Dev Spaces runs in
OpenShift and is well-suited for container-based development.

Security Fix(es):

  • openshift: OCP & FIPS mode (CVE-2023-3089)

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenShift Dev Spaces 3 x86_64

Fixes

ppc64le

devspaces/code-rhel8@sha256:0e822d17b707ef886af905c3b97aed3a17fdf08188dc30959eed707ea6b358fc
devspaces/configbump-rhel8@sha256:25ceae02956f7e7de97bd817eefec37cd6df30a263e4602280c067e2086ba8f5
devspaces/dashboard-rhel8@sha256:c5dcf6f81281374c3f47b009d69d35bbc1beb3bd5a90c8760ad94d1edb6abd2e
devspaces/devfileregistry-rhel8@sha256:da4e46a962d27c259707b6bba3c1e3f85e333ed59f06f7eced7b489e7b774414
devspaces/devspaces-operator-bundle@sha256:8ebe60e2636b19c1598616d30b30e0dd1f4ab663199365db15da7bf356f810cd
devspaces/devspaces-rhel8-operator@sha256:6e0e88d668c2821ffe4019e8314496627ee196dc9c44215387402937c7d29ad3
devspaces/imagepuller-rhel8@sha256:04faf9ac48635e2d1b4540eef89f2a282a4387829e04b183b07993c57daec9d3
devspaces/machineexec-rhel8@sha256:a95f54d8c3b4b90bd5d37dbd610858903084a3a365d03009dc123bcd6649e940
devspaces/pluginregistry-rhel8@sha256:fe731aaffdcd6dcc5e7036c63ea90b8eff6ef01ad8f71a5ed374a4564a0f503e
devspaces/server-rhel8@sha256:01954f90a06c26c0d7ce2b474ec4b43f53e55bc9355ede82d2f28a1919ea6479
devspaces/traefik-rhel8@sha256:286124dd62de8d2c0b6a1843ded58de1c909d741b10b0d458bcfdb446e5e3663
devspaces/udi-rhel8@sha256:83836137b058877269191b8f11513ed107337a0cc536d9cfc9b2cdedd5b56c62

s390x

devspaces/code-rhel8@sha256:3a7ee3a00a50d94e846a5b719dc22c2d0b0e4e24af374d6d325d6dc8f3dfdf4b
devspaces/configbump-rhel8@sha256:6c791ce107d2f203813ec13fe2076a9b69d0f7d5ebb6cc94a2917617ccc55de6
devspaces/dashboard-rhel8@sha256:ac0345407aecec1e9b975ae60abe4b9d96710b0424cb72b15351342b28aa6452
devspaces/devfileregistry-rhel8@sha256:70d2144d4bfb13c7f45b118f3e12ce7b15417bbb0b44a8b0e4514cc579832fae
devspaces/devspaces-operator-bundle@sha256:ada5251ed751ded4ae5987f288ec684568d3748686251137ab79072714d7920d
devspaces/devspaces-rhel8-operator@sha256:234d1869a0c5c07ea11a764fd25d96d94e77232a3f1ab115d0c24be7303f04df
devspaces/imagepuller-rhel8@sha256:45ee54b8ef9b2972f326203cff486bddb8e1d031a2c2d441cda13a34efe0e7ff
devspaces/machineexec-rhel8@sha256:dfda6f1f3567b5e0695e45dd14546d0b1793f787917451849b9ae4cb23fd505c
devspaces/pluginregistry-rhel8@sha256:86f818b14b160d794ec9badfe6933e9c3c1913cb142b13f87fd485195a1d76de
devspaces/server-rhel8@sha256:1b8a7f50324e69b0d6722c76da68e2eaf0d383944ce208c44faa1d4f6f705f6a
devspaces/traefik-rhel8@sha256:6ffefd4a6bb12821bbe3e8de5de72d9047af320dd804ec2e20e894574d41d989
devspaces/udi-rhel8@sha256:61c2ab9ca4f0d3938360e786cf6a3703329083a1a319a43494a0bd1151c19169

x86_64

devspaces/code-rhel8@sha256:8849bde2b348abea2b1a5e54ad6c3a513a6c64e2a262d1feb6efdd4fb01cb30e
devspaces/configbump-rhel8@sha256:224b11651854cc26aaa8adf0ad29ee68ae898d43d487c0271fdc659056921368
devspaces/dashboard-rhel8@sha256:dd9adebc17d9859800c159fe1df2c857c8a4b8f9f62375dd082cbd65db982eaf
devspaces/devfileregistry-rhel8@sha256:e645c89cc68ec6dd6542f9f4c671ffc76898730e0fb8cafd685e8fc250a4703a
devspaces/devspaces-operator-bundle@sha256:28537a07e1b20827957ca419bf3db808b50850ff326d01a334b22e629e6deaa3
devspaces/devspaces-rhel8-operator@sha256:14f47664a5ab64ba0dee2ea59c205ac3313b53b4c3108fd08c50a004fe0ba437
devspaces/idea-rhel8@sha256:1065dde582e2bc90bbe03f716d512094436a1266c1335bb6dca3fc554727f6ae
devspaces/imagepuller-rhel8@sha256:9c376d02b172359bda98a4f2cf6312e681021d19d27870078a64dc4b54a7ca62
devspaces/machineexec-rhel8@sha256:f6ee9725f393ea5aa4a33340a6c7ba101bccab6c3707e1eca4b058dae4fe2c72
devspaces/pluginregistry-rhel8@sha256:b226599e4ea65768a97f93107258c15a3def4ca7131e1e8ee5cf8006c770f71e
devspaces/server-rhel8@sha256:807a4dc2fe89a8cffbb44d33e0c9f983de56b8684a4972be038c1a8501b3a650
devspaces/traefik-rhel8@sha256:bd7c20229a54461fee519fafb0724e23576125a4faf0dc145aa9ad1002ea4030
devspaces/udi-rhel8@sha256:9a34c8281173fdc8d01f62f4665ce21ddf82b386167333b1ce32941d913c2594

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.