- Issued:
- 2024-12-16
- Updated:
- 2024-12-16
RHSA-2024:11144 - Security Advisory
Synopsis
Important: Red Hat Ansible Automation Platform 2.4 Container Release Update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat Ansible Automation Platform 2.4
Description
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
- django: Potential denial-of-service in django.utils.html.strip_tags() (CVE-2024-53907)
- django: Potential SQL injection in HasKey(lhs, rhs) on Oracle (CVE-2024-53908)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes:
- Ansible Lightspeed has been updated to 2.4.20241210
- Automation Controller has been updated to 4.5.15
- The ansible.controller collection has been updated to 4.5.15 (AAP-37293)
Solution
Red Hat Ansible Automation Platform
Affected Products
- Red Hat Ansible Automation Platform 2.4 for RHEL 9 x86_64
- Red Hat Ansible Automation Platform 2.4 for RHEL 9 s390x
- Red Hat Ansible Automation Platform 2.4 for RHEL 9 ppc64le
- Red Hat Ansible Automation Platform 2.4 for RHEL 9 aarch64
- Red Hat Ansible Automation Platform 2.4 for RHEL 8 x86_64
- Red Hat Ansible Automation Platform 2.4 for RHEL 8 s390x
- Red Hat Ansible Automation Platform 2.4 for RHEL 8 ppc64le
- Red Hat Ansible Automation Platform 2.4 for RHEL 8 aarch64
Fixes
- BZ - 2329287 - CVE-2024-53908 django: Potential SQL injection in HasKey(lhs, rhs) on Oracle
- BZ - 2329288 - CVE-2024-53907 django: Potential denial-of-service in django.utils.html.strip_tags()
CVEs
aarch64
| ansible-automation-platform-24/aap-must-gather-rhel8@sha256:0102e055ce1218eee9cea916f15f411e0c34feb8291b44b8b2e7d893c00be2a6 |
| ansible-automation-platform-24/ansible-builder-rhel8@sha256:2a5196497c58f63d7fe5ebbe50932e08c7e7fd70299c666b9e95d4428f5eba99 |
| ansible-automation-platform-24/ansible-builder-rhel9@sha256:89d7602ac5118914ee71f744e9ec8a903ac21b677d5b1d084f1ae617b8d9f69b |
| ansible-automation-platform-24/ansible-python-base-rhel8@sha256:7dc16a8b0e63269e7fa8a2a12067301debf6cc1ac2ff4df12b72205c25c8f08b |
| ansible-automation-platform-24/ansible-python-base-rhel9@sha256:593319a5bf8d1edd9a1907d43f2d65ee43b993d951ace359118238b960651f39 |
| ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:0bd94796bdadd2747f0f603449e87bb221398edd80ccd129a1b8c753535c6c54 |
| ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:f841856e41729b633c4a9236ed764037826e578bd0c258065ffe73c4b1eb633c |
| ansible-automation-platform-24/controller-rhel8@sha256:e8ea9a3a33f2886ff1c0c0f86080e9346bca09a8f3ee1813606d4a7e4a81ebdd |
| ansible-automation-platform-24/controller-rhel8-operator@sha256:ad3d7cb0638db16edb5a6460b2d5bd6250eee9047110f4040298bcf38f59b087 |
| ansible-automation-platform-24/de-minimal-rhel8@sha256:8e9e9f2bc0e73157477ca9992631a36b31d66f17b27e22698bdba14e10669854 |
| ansible-automation-platform-24/de-minimal-rhel9@sha256:5011d83e6d1685e8a343f929e0b4c617f503582b3dcaeeaea80a5d2747ae86db |
| ansible-automation-platform-24/de-supported-rhel8@sha256:e9703b9e9e84d4cd27c68b2c3191474bd5f658da1adbf7a482115ba98108347e |
| ansible-automation-platform-24/de-supported-rhel9@sha256:e8ad23d425ad5df5cb66227f295d0bd30cd029752a55c7636a6b8530a5233dbd |
| ansible-automation-platform-24/eda-controller-rhel8@sha256:df0c16e9211830bc087391c72fdd4fc8323e958459dcd184459e8e3106a18c00 |
| ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:19589e8b4408d1275477133979ee78d92ea9e3b627a65ac044ffba5597eaffcb |
| ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:b3a204f5f0fedd7d886b616f43227901c15f28b7d56a397f476eeda50af4a29a |
| ansible-automation-platform-24/ee-minimal-rhel8@sha256:8980893f45b93b5f04abe3051cf23f2f75e37d22ee5226135f4f2cde1d28e262 |
| ansible-automation-platform-24/ee-minimal-rhel9@sha256:c0001879fa7c39bf062f72e6922771f2fcd9f34d35d9212af13739a5f18b1348 |
| ansible-automation-platform-24/ee-supported-rhel8@sha256:24e55d2383e050ed6f82be1bf0e264a3db1157b65865d47fac625c4bfd0f30be |
| ansible-automation-platform-24/ee-supported-rhel9@sha256:e93a5d27d2dc99c99a9d01cc300b6738793191672f03258df8d327d2cb01a175 |
| ansible-automation-platform-24/hub-rhel8@sha256:3ff6ce7fe89ad1bc2d21eccbf6504a03303f5840d13f20a2fb27b981a4c15d60 |
| ansible-automation-platform-24/hub-rhel8-operator@sha256:ac0ac199817d425b3ee372e5bc09016f3ede019f88d5652305b2b9622ab345aa |
| ansible-automation-platform-24/hub-web-rhel8@sha256:08271b917f734972da8f13609c66605451e3f04223a901f63989b46eb717d637 |
| ansible-automation-platform-24/lightspeed-rhel8@sha256:c4611d6fc4d273531c549c216187190dd05d940092e5ed10e580580d65f5f3ca |
| ansible-automation-platform-24/lightspeed-rhel8-operator@sha256:1943c8ae02847eb7b010a4c404649b57b9755576ce6282b64c14921e58d2546e |
| ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:808ddbcabb93cb7ae15b8e322be3ec453b85547b73e792b553730f3ddc143978 |
| ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:b94a63c2b364c38738fae612e017ff297b4575d1a39790f400375d0b9e7a07a8 |
| ansible-automation-platform/ee-containerized-installer-rhel8@sha256:f774f071140c24656d75b5facdcbb4c25fe6cb0c0dc40861c67c790fd2b086f3 |
| ansible-automation-platform/platform-operator-bundle@sha256:228d3b0f9bef17bbe77ebe91ea8d7d0619a5e5bc578c857d89056ec9ee4ee0dd |
ppc64le
| ansible-automation-platform-24/aap-must-gather-rhel8@sha256:42844c87f55855832c5bdf4677c7028dffae1a0d811be4539ad4b00f90d0d1ac |
| ansible-automation-platform-24/ansible-builder-rhel8@sha256:c68fa85a9da99dd5b314b8d876d666b3dfa59ae3ad10415600e5f58b83bf7f0f |
| ansible-automation-platform-24/ansible-builder-rhel9@sha256:dcb08b4419ff62e3f9e714763fde79e8e33e9f2232cdc48939f15a247eb680cb |
| ansible-automation-platform-24/ansible-python-base-rhel8@sha256:da3bfa216855d03e8804262bf40a7e7fc6bbd28e73927de5a4704caf4560d130 |
| ansible-automation-platform-24/ansible-python-base-rhel9@sha256:457c3853e03f498c7fb9b6eca7a1d38fac2bb44a86c4917bd783e6b531908898 |
| ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:012d09d45262d21d588d3a2c4761ec4839723c6399b0ce7545747133c1ec36b9 |
| ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:5c473c59d49a6148ef3b1978d0b257ac9bdb39adea24f03686cf6bf4c0a01acf |
| ansible-automation-platform-24/controller-rhel8@sha256:e2798453ed315a990acdba56bdd1f781561d45f280ac239d6f106b58c07be43f |
| ansible-automation-platform-24/controller-rhel8-operator@sha256:cf53b50e24d05907b0451c09fa17fe45e482d78294f5bd209bffffd6fb4c04a3 |
| ansible-automation-platform-24/de-minimal-rhel8@sha256:ef5f247302edf6fac9973957cd1cc65c845f8ff7e4bdbd391675ec1d257db351 |
| ansible-automation-platform-24/de-minimal-rhel9@sha256:9033ccb253aea511fdf6ca2b3992f423aba281c9895fdcd2dfd7b2046c180aa1 |
| ansible-automation-platform-24/de-supported-rhel8@sha256:b43c3ea7185a5fdedaba4bdae993e7d815bb262d04f63d5da9549e2091ff90b2 |
| ansible-automation-platform-24/de-supported-rhel9@sha256:24586aee7b24ad3fcc3669a0f72a9c17423b0c9c9d23746c41778f6cbfcea57d |
| ansible-automation-platform-24/eda-controller-rhel8@sha256:337c8e7ccc50267d8c6e5a3e8c33bda9b31d1b045feb5e48ffbbd9fea8f71bf7 |
| ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:2ce93adf960acfb16ccf74040f28b1632b3eced2dc882a04a85a2e4373cc0956 |
| ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:fbf31347e1ecde823d672a60d511948f8ba7397d058feb48a1850dd1a3c7f434 |
| ansible-automation-platform-24/ee-minimal-rhel8@sha256:04b89ac2483b1aa07f07ece662c01435323d8b08bb9b3cfe817d7498fb34b2a9 |
| ansible-automation-platform-24/ee-minimal-rhel9@sha256:b7915c86e578e165f4901817a4f7115fbf06af4f95f510d67f2575d4cb8dfddf |
| ansible-automation-platform-24/ee-supported-rhel8@sha256:88c311c0366beae8a95662a5f6b099e8ab879f0aa06f5695876b89cc65943662 |
| ansible-automation-platform-24/ee-supported-rhel9@sha256:c2dd3e1f2cf54b533d7697f2e9f8fdb189c3097b3d63d4bbb94f1c6e7bce17c1 |
| ansible-automation-platform-24/hub-rhel8@sha256:e681718e1887d6c38de177461c1e02a4fac34cbca9a0fab1434eb20d56920e2b |
| ansible-automation-platform-24/hub-rhel8-operator@sha256:b077d84ee2559d304931231f9cb536d156595b6a4ce618a2fa476e49cb70fbdb |
| ansible-automation-platform-24/hub-web-rhel8@sha256:f98ed4fa3cea7064e54e12c61e1fb975e080a90cdc76fda53386a2f6bb66c9b3 |
| ansible-automation-platform-24/lightspeed-rhel8@sha256:6c1bc69e18f1a0bd24a0d34c842fabc021a42127ae234c905ae6851dea946e32 |
| ansible-automation-platform-24/lightspeed-rhel8-operator@sha256:e904a07cca84338c16368be5572a5955135c0f8e203cda8dfcb7439b8e539edd |
| ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:20ee3c84df9998224c139b6967847f87d1b9041d70835073ed02afc316362f72 |
| ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:4447bd351061aad8a2dbad4730a6aebf2e4e8550dbca5eead87eca9d5ec32046 |
| ansible-automation-platform/platform-operator-bundle@sha256:b6840eefbf12903de23d3c18b03c947c8420a2a68dbdfd223d2d4656108c549c |
s390x
| ansible-automation-platform-24/aap-must-gather-rhel8@sha256:66dee3f64d97eedc72c65937662ea390e322f48417d38bf7edfd0732847e5c11 |
| ansible-automation-platform-24/ansible-builder-rhel8@sha256:527faf46f93da5a7c8b5b895ed3456169957314e89eb5560419510d7355fc544 |
| ansible-automation-platform-24/ansible-builder-rhel9@sha256:816a30c2e05ff1c5e4d4fa2a97f54e724620bedb11ed8311a08c9c3f0268f5a7 |
| ansible-automation-platform-24/ansible-python-base-rhel8@sha256:0ddbd90e839d279223a519ecb82cc77e2badf9551007e147073853c652d0fe7f |
| ansible-automation-platform-24/ansible-python-base-rhel9@sha256:18efdcb955685f9cca6968c8618c557424268b6e00275241a1ef328c01c9cafd |
| ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:5ec562d60b6f52936be5d5e778c53f5d600c01773477a4579ffbea617f6d61de |
| ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:3448aef0bd8b7b95a7c054e185c5ec8dfec999ccee5f3df8591b0c6205f25e53 |
| ansible-automation-platform-24/controller-rhel8@sha256:568f2eebcff54305a48a50d18ae29392c0d1cd06dc44844a1a609b09d09fa23d |
| ansible-automation-platform-24/controller-rhel8-operator@sha256:5e9a69e91695155c814b1b7681c03ecffca4e26ed7c816812f0214ed13d3899f |
| ansible-automation-platform-24/de-minimal-rhel8@sha256:9ea01bb531c010b7a520cd95af862c3d6972dca9f1720c699d1d537cad30b780 |
| ansible-automation-platform-24/de-minimal-rhel9@sha256:abcb175c9e189dc0a8ac06873bb045220ca13db0d97614aae5d5c57abf9e6ba1 |
| ansible-automation-platform-24/de-supported-rhel8@sha256:42dbb2ec425337cb48f471829d5114961013d6252a661b748f2a00c09381633a |
| ansible-automation-platform-24/de-supported-rhel9@sha256:4788d95bc7e24ae77a7e85b93379d1879f8130e9efe78c22b544d207be063d0d |
| ansible-automation-platform-24/eda-controller-rhel8@sha256:87ebe6915345cf5a02d5615e7275b9570e2865c73cd9025769b2c5aac5a2aaf2 |
| ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:e7e2a31557884abe273588aafaf252a72f06f2f837e5c84af2d8a53ace5e5c96 |
| ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:69e55708d5ef11b1162b58fcf24fd1167fc9d6ebd712e6481bbec14de1ef3898 |
| ansible-automation-platform-24/ee-minimal-rhel8@sha256:4f4709da909c26a79055be6560f8f5213351fc9dde37952b4438b6a7f931ffe1 |
| ansible-automation-platform-24/ee-minimal-rhel9@sha256:3730e7e244ba8aeb3e77db6973ca974919ce9cf291f00b93719dc93c0a7578d6 |
| ansible-automation-platform-24/ee-supported-rhel8@sha256:033502a51c4cd33c4f0e86929d3711b48716e9a20ce1981c4f5a77a5781d99de |
| ansible-automation-platform-24/ee-supported-rhel9@sha256:270cfcc048baff6532f3598a093e8df4e2cbe0896ba749a0d0abaa8876e323c8 |
| ansible-automation-platform-24/hub-rhel8@sha256:454329b6e3df1048597f207dfcac2ed059ee381b4323f115a4dca2499d4d73f9 |
| ansible-automation-platform-24/hub-rhel8-operator@sha256:aa4191f7afca826a5c5e98cb4bc3dd24fda555e3528ac32e7e1e3de26903927c |
| ansible-automation-platform-24/hub-web-rhel8@sha256:b21a8c7ba76595a22c71da274e0cebcf18d16d511a3239562421cac5c99e96af |
| ansible-automation-platform-24/lightspeed-rhel8@sha256:31ebbad26f4a5a96806647a1cef6252e78c137083ef0719b710fcf567fdd9ca3 |
| ansible-automation-platform-24/lightspeed-rhel8-operator@sha256:1baf3589d374145970c7639cf46bc7d899887e73928ade925da6e09111f25d8d |
| ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:7ef1c5322dbae8e9d5bfa815f34fe00de07aa719301f84231cbcb3520d5751e9 |
| ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:ec5af84ddaa710d728d95c82a4baf0a9b1cd765dd8a23ddf7d01cc7954367b16 |
| ansible-automation-platform/platform-operator-bundle@sha256:e864d4dcbbaf91452fb82e4abead86058c25a8155e7cfcf758611e624f372c57 |
x86_64
| ansible-automation-platform-24/aap-cloud-billing-rhel8@sha256:1676b5fc51c806047ac3be39a878e5ce2b61654b40c0caba67942ac5001b019d |
| ansible-automation-platform-24/aap-cloud-billing-rhel8-operator@sha256:c393119138a55f9fc021cc871853250dccaac1f5ebfe17ea25490a83e677e598 |
| ansible-automation-platform-24/aap-cloud-metrics-collector-rhel8@sha256:51056b354a5c4f828085bc94f99377445d1820958b1af311912d009925d14138 |
| ansible-automation-platform-24/aap-cloud-ui-rhel8@sha256:7a519ba56fc0172fcee2ce92908b3393488250082d51e45e6f790f36226842d6 |
| ansible-automation-platform-24/aap-cloud-ui-rhel8-operator@sha256:0e7368f0ee868958f46371504c6d41f943120546ab5d79ddcc490f438924e3ad |
| ansible-automation-platform-24/aap-must-gather-rhel8@sha256:2ed000027f180c8d8cf62a02eff12d480d5962e79865094c2d556c633cb885de |
| ansible-automation-platform-24/ansible-builder-rhel8@sha256:82fe92b86e73009ead7ab30fc06c704377f0bc02fcf63cd784dd814446cefa31 |
| ansible-automation-platform-24/ansible-builder-rhel9@sha256:7d119fcf3b44a5724d71a05ee2628b2bc8e18f5deb9bfb605cf05627868c886c |
| ansible-automation-platform-24/ansible-python-base-rhel8@sha256:2a16dd7343439f4952890d6a5ad01b248d2782ecce03171e2d4f1d06c80d4674 |
| ansible-automation-platform-24/ansible-python-base-rhel9@sha256:043c04d30fcc9855bdd01ec561578218124ccac96ae989667c3df7ed76303659 |
| ansible-automation-platform-24/ansible-python-toolkit-rhel8@sha256:2ce87ebb8606f62d930675a9b412409640db391437f43fce5fd368fbbdec42de |
| ansible-automation-platform-24/ansible-python-toolkit-rhel9@sha256:9129d1759cd1bd37961f2c663f668744a2f96a55446ede9b6f585bf156351ef2 |
| ansible-automation-platform-24/controller-rhel8@sha256:725d6fef58d75526c8b19945f4710215237f3a458f7645d29a66493d259b2c49 |
| ansible-automation-platform-24/controller-rhel8-operator@sha256:696af2974cd0a7d203833ae2e9f933c72f41c043fcdeef48ef118e1c22ccc365 |
| ansible-automation-platform-24/de-minimal-rhel8@sha256:c5d7d2b8f9a67dc81930a83d13e3d222acca1577adea39a202eb3875af31c296 |
| ansible-automation-platform-24/de-minimal-rhel9@sha256:91e8da65fdfe6edc2615c58cda0ca96087c45d82ab6fec6fe8904a4c5c61f027 |
| ansible-automation-platform-24/de-supported-rhel8@sha256:eab6809c767bbb8991bb1201fcfa6c160ce4087d12fc073caae04748ec6d41de |
| ansible-automation-platform-24/de-supported-rhel9@sha256:a11ad9ec90087a26f8309f1685e88236ba304df623f1aabab14b6cc394702d07 |
| ansible-automation-platform-24/eda-controller-rhel8@sha256:3a56e79bb963cc409eb5a34e1e6e00bcaf13556e5e79ba6a255d0cec260282a6 |
| ansible-automation-platform-24/eda-controller-rhel8-operator@sha256:991596b333e7705bf5bb75787718232bcf344829f74378136f5c021177197cf4 |
| ansible-automation-platform-24/eda-controller-ui-rhel8@sha256:863e2953b1409d2bb11968d93d00ea0f05c6cae9a424e8f82070b58de8a52252 |
| ansible-automation-platform-24/ee-29-rhel8@sha256:0f50de5b216a6123cbaa9f5ebbd5604a646c07f5f20012931ae2d40423fc8a03 |
| ansible-automation-platform-24/ee-cloud-services-rhel8@sha256:5e4b8feeedc5a1b9479fbd409a25d0eebe3995087b6161d56fc306542d53829d |
| ansible-automation-platform-24/ee-minimal-rhel8@sha256:9b89c9fcb1c853ffd035fc3df8def5010fdad15295be4771163c9f35bd369b1b |
| ansible-automation-platform-24/ee-minimal-rhel9@sha256:1b6eb56162131ee6289b3bb1c9db1cf967f781afdb47e10c21e4af772a630d83 |
| ansible-automation-platform-24/ee-supported-rhel8@sha256:25e0518f1c330bcde1c2c9c09a25c7ca9396fcb6fc08cda4dd52cc68de369b08 |
| ansible-automation-platform-24/ee-supported-rhel9@sha256:b69399ab1b34377c275d7ed529f7f78d5d521db3af4753261f122c433dac070a |
| ansible-automation-platform-24/hub-rhel8@sha256:b2d43cbaeaa3c6102f4785177e0efd168d2d468483332e31668a408689f2caa7 |
| ansible-automation-platform-24/hub-rhel8-operator@sha256:0abec239e604f08fa269404703bf0a53456cb32ca26abb0e6d19c2383f8d9381 |
| ansible-automation-platform-24/hub-web-rhel8@sha256:754db3d433f78053ab6d154dc8e3c1296c68b37fd74a088ac7b262456142c166 |
| ansible-automation-platform-24/lightspeed-rhel8@sha256:760fb7ed16bb830f2549d87eec46d95c61a6cbf868f92d8ad0de4f3713b8fa35 |
| ansible-automation-platform-24/lightspeed-rhel8-operator@sha256:7b49aee70915dd95cdf7ceba2eaac3ea9b071f0fc821ca672c3d038035da6850 |
| ansible-automation-platform-24/platform-resource-rhel8-operator@sha256:8377bc0448800a74358da6f74b3d46f114caceebbd12bf03d0fc0e65903f588c |
| ansible-automation-platform-24/platform-resource-runner-rhel8@sha256:a3ad6b6b7173fc14f44cc7a036b3dc1c8309260604ce381865fbcc6626bebc5d |
| ansible-automation-platform/cloud-addons-operator-bundle@sha256:fefeb5b316fb9cbe0f65ab873df393b9213c34e0dc764f7f67e26d012dad176d |
| ansible-automation-platform/ee-containerized-installer-rhel8@sha256:e2c9a8fd8e0fa40a7d83fb4abb08e689a8440f032efcb798c8435af3d3c6bc2f |
| ansible-automation-platform/platform-operator-bundle@sha256:674cdb2a5d0801441dd73a0b8484195e834c3cfba8d1160e8b24b6f456a0ecd5 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
