- Issued:
- 2024-11-21
- Updated:
- 2024-11-21
RHSA-2024:10135 - Security Advisory
Synopsis
Low: Updated service-interconnect rhel9 container images for 1.4 LTS
Type/Severity
Security Advisory: Low
Topic
Updated service-interconnect container images are now available for Service Interconnect 1.4 LTS for RHEL 9.
Description
Users of service-interconnect 1.4 LTS rhel9 container images are advised
to upgrade to these updated images, which contain backported patches to correct security issues and fix bugs.
Users of these images are also encouraged to rebuild all container images that depend on these images.
You can find images updated by this advisory the in Red Hat Container Catalog
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Service Interconnect 1.4 for RHEL 9 x86_64
- Red Hat Service Interconnect 1.4 for RHEL 8 x86_64
Fixes
- BZ - 2263240 - CVE-2024-3596 freeradius: forgery attack
- BZ - 2321987 - CVE-2024-50602 libexpat: expat: DoS via XML_ResumeParser
CVEs
x86_64
service-interconnect/skupper-config-sync-rhel9@sha256:51c106e22bc98c6678dafc2f42e387f6e6158e686436e6f89747703dd9c1bbbc |
service-interconnect/skupper-flow-collector-rhel9@sha256:58ec0e5cb8a9544153410867797e40055928dbd589e652e02bf4cddff083f5f6 |
service-interconnect/skupper-operator-bundle@sha256:32c03556f3eb7f87c0624b105e8d9aac7dcfaea71adf16e4e9825586829880c1 |
service-interconnect/skupper-router-rhel9@sha256:958ec2e1c85c49252d7b49a7b0073a0e73dffac31e46bad2b0a788114cb13c74 |
service-interconnect/skupper-service-controller-rhel9@sha256:34ce86c11588f0c7b2ba40ff988a8b6ac7ae6d29182e94d3a65e5756c68578f8 |
service-interconnect/skupper-site-controller-rhel9@sha256:cce081bb2d5ae131770dfd095c2e8ad2fcc616d9b3fc487f9252c8f721f1b2ba |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.