Issued:: 2023-12-06
Updated:: 2023-12-06

RHSA-2023:7670 - Security Advisory

Overview
Updated Images

Synopsis

Moderate: Migration Toolkit for Runtimes bug fix, enhancement and security update

Type/Severity

Security Advisory: Moderate

Topic

Migration Toolkit for Runtimes 1.2.3 release

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Migration Toolkit for Runtimes 1.2.3 Images

Security Fix(es):

jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Migration Toolkit for Runtimes Advisory Metadata x86_64

Fixes

BZ - 2182788 - CVE-2023-1436 jettison: Uncontrolled Recursion in JSONArray

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

aarch64

mtr/mtr-operator-bundle@sha256:d2f204445bd7dba20e63e96758be9c5a9730d5728acf2989fd756f729b240f8d

mtr/mtr-rhel8-operator@sha256:d2f3157af54b87429b4379afcf8e9952051115db8285e87cccf211fedb4311f0

mtr/mtr-web-executor-container-rhel8@sha256:bfa77dc03166ff73c23659f171a6c265afb965b6a2202019f60de091c3aa168e

ppc64le

mtr/mtr-operator-bundle@sha256:6f3ccbac7996accf10009502170f90cdf90743e318cc05ddbba309cc50336ded

mtr/mtr-rhel8-operator@sha256:f38ebc54360273a63f8d1d12b2833f90298fbd163139fc83495b27ad12df367e

mtr/mtr-web-container-rhel8@sha256:d720c90a6a7c7fc552837eda008a12c9cb61f301c80dcdcca96ac0c9cc307ff3

mtr/mtr-web-executor-container-rhel8@sha256:a8550bf19bd52596c884667adda6d3f15dac955a1f5bd9c96fc09bed1d7ebd05

s390x

mtr/mtr-operator-bundle@sha256:5293436a5a3ac6d58921f23404f5036bf836d927369a7b7510812b09849c956b

mtr/mtr-rhel8-operator@sha256:81e86f4ad8bb5da8cc4bc5abff46c1ea8c1814d5a5f0a37b335934f614975b0c

mtr/mtr-web-container-rhel8@sha256:2883205c8561656add94eebbcaed5ebd0216715efdf68097633cd18f88e8cc15

mtr/mtr-web-executor-container-rhel8@sha256:0aa28c767f5e250d0b32cd7d8951640df6a8fcafbb483e066430873030396dfa

x86_64

mtr/mtr-operator-bundle@sha256:ea528174239334026f81ccad0492e81fca95353e50a7772e0492159cb900e0e8

mtr/mtr-rhel8-operator@sha256:e2b512a32de0a9ad7e418672cf89895e3e8b0941de5d585656f3fbd63183a408

mtr/mtr-web-container-rhel8@sha256:61540ef88f2bbd67973e3e72eda8f3f0dd679412f97f0193ba76255fa0b733ae

mtr/mtr-web-executor-container-rhel8@sha256:669ec20f29f8fa593188c06fb557b88779807dadd8a343b3d19ef986610eb1ae

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation