Red Hat Product Errata RHSA-2024:10520 - Security Advisory
Issued:
2024-12-03
Updated:
2024-12-03

RHSA-2024:10520 - Security Advisory

Synopsis

Important: OpenShift Container Platform 4.17.7 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat build of MicroShift release 4.17.7 is now available with
updates to packages and images that fix bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift Container Platform. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments.

This advisory contains the RPM packages for Red Hat build of MicroShift 4.17.7. Read the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2024:10518

All Red Hat build of MicroShift 4.17 users are advised to use these updated packages and images when they are available in the RPM repository.

Security Fix(es):

  • runc: file descriptor leak (CVE-2024-21626)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Solution

For MicroShift 4.17, read the following documentation, which will be updated soon for this release, for important instructions on how to install the latest RPMs and fully apply this asynchronous errata update:

https://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/4.17/html/release_notes/index

Affected Products

  • Red Hat OpenShift Container Platform 4.17 for RHEL 9 x86_64
  • Red Hat OpenShift Container Platform for Power 4.17 for RHEL 9 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.17 for RHEL 9 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.17 for RHEL 9 aarch64

Fixes

Red Hat OpenShift Container Platform 4.17 for RHEL 9

SRPM
microshift-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.src.rpm SHA-256: 3dad5562ebab021f146e2c13e25beb3c4de8d2c976bdc9aa17923314d85c07c7
x86_64
microshift-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.x86_64.rpm SHA-256: 4b0344ac97433460ad5c6bb92e80a4cc8b6acd05ad751652e28e413b4be58814
microshift-greenboot-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: 1a5ea2bfc17fb0ea56d554caddc3c5e1b086f8bf13f41f06b9df8628ec7de309
microshift-low-latency-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: e538173481daffbce697a17c2f124d1b909ca7c0d3bf04d19bc9c12579d2a638
microshift-multus-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.x86_64.rpm SHA-256: 6f8f0e4ec5925523ce7f378b9fa9ffd49a91ca2f4a2beb384e44ed66d5d0da7c
microshift-multus-release-info-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: a75b5b84a9385b22d814e94355f2055716338cec8c40ded901e6fa3d26d4a8e1
microshift-networking-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.x86_64.rpm SHA-256: c6f846e0454172585925bfb0c68b8ae50f618f96c967e1e23827b6a9d8601f23
microshift-olm-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.x86_64.rpm SHA-256: 99bf6b739967d7d7f2708b329dd67ba52a57661c6ac275cc2181959400bd587a
microshift-olm-release-info-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: c15ee5ecf8cf5825466d6f8e72174ccbcde827d33cf4c2f1756d714c2e2be2dd
microshift-release-info-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: eb2256848dd7abf81aa41458df3afb7dbad299fc2ceebac65a644aea0d75f472
microshift-selinux-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: ca2c95a2d1e837128f1f9172e68b54cb2782d899ccc36521de160166bf30752f

Red Hat OpenShift Container Platform for Power 4.17 for RHEL 9

SRPM
microshift-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.src.rpm SHA-256: 3dad5562ebab021f146e2c13e25beb3c4de8d2c976bdc9aa17923314d85c07c7
ppc64le
microshift-greenboot-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: 1a5ea2bfc17fb0ea56d554caddc3c5e1b086f8bf13f41f06b9df8628ec7de309
microshift-low-latency-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: e538173481daffbce697a17c2f124d1b909ca7c0d3bf04d19bc9c12579d2a638
microshift-release-info-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: eb2256848dd7abf81aa41458df3afb7dbad299fc2ceebac65a644aea0d75f472
microshift-selinux-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: ca2c95a2d1e837128f1f9172e68b54cb2782d899ccc36521de160166bf30752f

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.17 for RHEL 9

SRPM
microshift-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.src.rpm SHA-256: 3dad5562ebab021f146e2c13e25beb3c4de8d2c976bdc9aa17923314d85c07c7
s390x
microshift-greenboot-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: 1a5ea2bfc17fb0ea56d554caddc3c5e1b086f8bf13f41f06b9df8628ec7de309
microshift-low-latency-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: e538173481daffbce697a17c2f124d1b909ca7c0d3bf04d19bc9c12579d2a638
microshift-release-info-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: eb2256848dd7abf81aa41458df3afb7dbad299fc2ceebac65a644aea0d75f472
microshift-selinux-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: ca2c95a2d1e837128f1f9172e68b54cb2782d899ccc36521de160166bf30752f

Red Hat OpenShift Container Platform for ARM 64 4.17 for RHEL 9

SRPM
microshift-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.src.rpm SHA-256: 3dad5562ebab021f146e2c13e25beb3c4de8d2c976bdc9aa17923314d85c07c7
aarch64
microshift-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.aarch64.rpm SHA-256: c8f19dd4c2aec97bac60900538b02ffd1ed476db380080b8a359b6bfa8593209
microshift-greenboot-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: 1a5ea2bfc17fb0ea56d554caddc3c5e1b086f8bf13f41f06b9df8628ec7de309
microshift-low-latency-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: e538173481daffbce697a17c2f124d1b909ca7c0d3bf04d19bc9c12579d2a638
microshift-multus-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.aarch64.rpm SHA-256: b22f4cfbeee5c9c0592dd45b5de1b6aca01759745a454760253fd830b070b226
microshift-multus-release-info-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: a75b5b84a9385b22d814e94355f2055716338cec8c40ded901e6fa3d26d4a8e1
microshift-networking-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.aarch64.rpm SHA-256: bcb79e82f83e03bbcb2eb3b237381285d5c354fc859a9eca9eb5fbefe7a5a263
microshift-olm-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.aarch64.rpm SHA-256: 7956df9ea634927984d277ff7e52a70deca8922e366347b875f4cf6a1e6f1839
microshift-olm-release-info-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: c15ee5ecf8cf5825466d6f8e72174ccbcde827d33cf4c2f1756d714c2e2be2dd
microshift-release-info-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: eb2256848dd7abf81aa41458df3afb7dbad299fc2ceebac65a644aea0d75f472
microshift-selinux-4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9.noarch.rpm SHA-256: ca2c95a2d1e837128f1f9172e68b54cb2782d899ccc36521de160166bf30752f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.