Issued:: 2023-08-08
Updated:: 2023-08-08

RHSA-2023:4575 - Security Advisory

Overview
Updated Images

Synopsis

Moderate: VolSync 0.5.4 security fixes and enhancements

Type/Severity

Security Advisory: Moderate

Topic

VolSync v0.5.4 security fixes and enhancements

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.

Description

VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data.

For more information about VolSync, see:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/add-ons/add-ons-overview#volsync

or the VolSync open source community website at: https://volsync.readthedocs.io/en/stable/.

This advisory contains enhancements and updates to the VolSync container images.

Security fix(es):

CVE-2023-3089 openshift: OCP & FIPS mode

Solution

For details on how to install VolSync, refer to:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/add-ons/add-ons-overview#volsync-rep

Affected Products

Red Hat Advanced Cluster Management for Kubernetes 2 for RHEL 8 x86_64

Fixes

BZ - 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode

CVEs

References

aarch64

rhacm2/volsync-mover-rclone-rhel8@sha256:846c9b0c2ff7874955990e30d31cc02f2f336fc898d77b08d82975bbcc14ad83

rhacm2/volsync-mover-restic-rhel8@sha256:291843e69cc434cce8e16fe8b5bc72e85831a5dac71fa98cc9682124d5af6d23

rhacm2/volsync-mover-rsync-rhel8@sha256:79fa4c401c0dc6b96b5db614b2a9e0d9d10367e75815078df84ea3395b4328e5

rhacm2/volsync-mover-syncthing-rhel8@sha256:9933b217e14b2e013894934c00fc769c6a31f1124322c61e562cd5f63fe09fab

rhacm2/volsync-rhel8@sha256:d04b6b54cc6bc4565e43c981d492064cb9adc8f5b02142efa789971bea5d419f

ppc64le

rhacm2/volsync-mover-rclone-rhel8@sha256:91d2e1a30b56de167e4b605f15d955e2acaf303caf8f9b165b67511215c175a5

rhacm2/volsync-mover-restic-rhel8@sha256:1bd5cb3d95126749a6294c8183a0d2013a3a536f982c08a90186c9a1a33e4883

rhacm2/volsync-mover-rsync-rhel8@sha256:db1cbfa00bdb26e840dde5cafcf4397cbfc80d58fdd539e5e6a3678c65c88538

rhacm2/volsync-mover-syncthing-rhel8@sha256:92078f90ee6927b239a8529293c1509e066df9cae0c410443fc0bd5915f6cc32

rhacm2/volsync-rhel8@sha256:72e2b6560c3c46a2b1be3ef76bcdf6986915b7ed35360ff95ffc1cafb37c8f7a

s390x

rhacm2/volsync-mover-rclone-rhel8@sha256:8070156dcf441afc41858298a39510cbc0050588ae780471c765b7bf86f6e16c

rhacm2/volsync-mover-restic-rhel8@sha256:593cf3f43c5b7159d283467805c814bffd6b2e60a0255d8565fa47518b790b0b

rhacm2/volsync-mover-rsync-rhel8@sha256:f2a7cd752d63ec9b76510676e774a53a4ec3fdc91a6ca189ac662be6c491b900

rhacm2/volsync-mover-syncthing-rhel8@sha256:0c1e0a11860b5b3a300578a2925e9874f7fb9a0722c281e0217bbab0eff44835

rhacm2/volsync-rhel8@sha256:72d5996a3c75d1bd675d3d81881080e442816355df3c73701c83e0e7281c00bc

x86_64

rhacm2/volsync-mover-rclone-rhel8@sha256:03629faf26c230675b98147e987e87319e44169ff402285ea6b7dcffd018bf15

rhacm2/volsync-mover-restic-rhel8@sha256:ebf791eb34e40a5b809c4d6ffef29abe4c89554932c37554b6cebf0514937587

rhacm2/volsync-mover-rsync-rhel8@sha256:db90decadd9c3424d6e77c9f286f4a34ccdf9d2a43ccb0a093dd01c1b9cd9a5a

rhacm2/volsync-mover-syncthing-rhel8@sha256:f8bcecb95fd331407c4a2086f44d58d99199ed48696909996be6ca46b32c6a3c

rhacm2/volsync-operator-bundle@sha256:e4593a5c7c97d6650496e9aa69045e11a97263bc7d00ddb0017019924c8430a6

rhacm2/volsync-rhel8@sha256:44c841b206b54ec58325c3c884840ecabb8f9ae6474d815e1740ceeb4d9653bb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation