Issued:: 2023-08-08
Updated:: 2023-08-08

RHSA-2023:4576 - Security Advisory

Overview
Updated Images

Synopsis

Moderate: VolSync 0.6.3 security fixes and enhancements

Type/Severity

Security Advisory: Moderate

Topic

VolSync v0.6.3 security fixes and enhancements

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.

Description

VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data.

For more information about VolSync, see:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/add-ons-overview#volsync

or the VolSync open source community website at: https://volsync.readthedocs.io/en/stable/.

This advisory contains enhancements and updates to the VolSync container images.

Security fix(es): * CVE-2023-3089 openshift: OCP & FIPS mode

Solution

For details on how to install VolSync, refer to:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/add-ons/add-ons-overview#volsync-rep

Affected Products

Red Hat Advanced Cluster Management for Kubernetes 2 for RHEL 8 x86_64

Fixes

BZ - 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode

CVEs

References

aarch64

rhacm2/volsync-mover-rclone-rhel8@sha256:895a02cca9a99937f7e276351a815e8f0a61c18de14707ad3e926b07d9f64f1f

rhacm2/volsync-mover-restic-rhel8@sha256:ebb7132e28d0a3c4c1cc69dfb0490a511d5282a861f9606a8c62faeb72dbe36a

rhacm2/volsync-mover-rsync-rhel8@sha256:0b771dff4ddcee1740f9b32b69ee2e843c820e0f80cc5989fcea592a20860e1b

rhacm2/volsync-mover-syncthing-rhel8@sha256:9e5beda3e3851b21816c381ec5fb3dad6490c43df0cf368c684db5ef01ec6b04

rhacm2/volsync-rhel8@sha256:b4dfe52da1805f9f4be0f5e4e3d0a7fce6f7bb02e3a40c437ca570ff24dd7fc9

ppc64le

rhacm2/volsync-mover-rclone-rhel8@sha256:3fb826fbc87b364a528b15f52d40edf3c11ce4e3cdb77a190c2d91e0154d7fd2

rhacm2/volsync-mover-restic-rhel8@sha256:28009c1cfda8753a37f1a7e577da04558082955eba57c1bf47fe6339dfd66bc5

rhacm2/volsync-mover-rsync-rhel8@sha256:b2ed41cb787f9b972bb7bd7620e746044fb16042c3b0a388f8c0e24c34e59999

rhacm2/volsync-mover-syncthing-rhel8@sha256:5eee034b0680da0d8516d6f12d804bcf339f60def908e2d04dc31eaf651e59d6

rhacm2/volsync-rhel8@sha256:c283c6d43e60103b9fc7825375fa8d43b1f203bdc7f04733cb1b0d443ad990cd

s390x

rhacm2/volsync-mover-rclone-rhel8@sha256:c361b7ead48fa27aaa5e03b57a9ec0c63fb0fc500002317b09b2a9349e45c668

rhacm2/volsync-mover-restic-rhel8@sha256:955f52f16e152678f814fd2964b978e6b0ca1244364519a33796e0451ce14b5f

rhacm2/volsync-mover-rsync-rhel8@sha256:4fdba262355251d9fb8fac828caf869510165c783dc316303b06ed5e5e97e944

rhacm2/volsync-mover-syncthing-rhel8@sha256:87df2059ccf71f127558ec62a8b8482171d6726c5badfa3bb069ecbf86611452

rhacm2/volsync-rhel8@sha256:e7ccf2e3e609e1a9cd31a9dbbd5c007364148eaa16ad902993f71e0b287ef45f

x86_64

rhacm2/volsync-mover-rclone-rhel8@sha256:16c1e0933e61bdecd88671cec83f3c879c36c96400c39a5247848ce8b872297d

rhacm2/volsync-mover-restic-rhel8@sha256:c55c5c5fe15e30173c07a51601a12879734d9c83f00919675209959c121c0ea7

rhacm2/volsync-mover-rsync-rhel8@sha256:8a4e1a7d55df564b7811edd4a8162cb995b7d78f004bfd60c0524e439d0cb890

rhacm2/volsync-mover-syncthing-rhel8@sha256:15e4db5dd5358fdd4a3926dc7166c86460104b1b2cbae700432644512dbb5423

rhacm2/volsync-operator-bundle@sha256:3327c7b4c4366e37ac4aa29d0603c37fd1f8162eb151f48fcbb59f631432c233

rhacm2/volsync-rhel8@sha256:712b9fe490b595a9fcbddf7dcf736bf03695c6f8cea21e216a226413cce77d24

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation