- Issued: 2024-01-22
- Updated: 2024-01-22
RHSA-2024:0332 - Security Advisory
Synopsis
Important: ACS 4.1 enhancement update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 4.1.6. The updated images include security fixes.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This release of RHACS 4.1 fixes PostgreSQL vulnerabilities in the central, central-db, and scanner-db containers.
Solution
If you are using an earlier version of RHACS 4.1, you are advised to upgrade to patch release 4.1.6.
Affected Products
- Red Hat Advanced Cluster Security for Kubernetes 4 x86_64
- Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE 4 s390x
- Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian 4 ppc64le
Fixes
- BZ - 2228111 - CVE-2023-39417 postgresql: extension script @substitutions@ within quoting allow SQL injection
- BZ - 2247168 - CVE-2023-5868 postgresql: Memory disclosure in aggregate function calls
- BZ - 2247169 - CVE-2023-5869 postgresql: Buffer overrun from integer overflow in array modification
- BZ - 2247170 - CVE-2023-5870 postgresql: Role pg_signal_backend can signal certain superuser processes.
- ROX-21832 - Release RHACS 4.1.6
CVEs
- CVE-2007-4559
- CVE-2020-22217
- CVE-2022-3094
- CVE-2022-41862
- CVE-2022-48337
- CVE-2022-48339
- CVE-2022-48468
- CVE-2022-48560
- CVE-2022-48564
- CVE-2023-3446
- CVE-2023-3817
- CVE-2023-4016
- CVE-2023-4641
- CVE-2023-5678
- CVE-2023-5868
- CVE-2023-5869
- CVE-2023-5870
- CVE-2023-5981
- CVE-2023-22745
- CVE-2023-31130
- CVE-2023-31486
- CVE-2023-39417
- CVE-2023-39615
- CVE-2023-43804
- CVE-2023-45803
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.