Issued:: 2024-04-02
Updated:: 2024-04-02

RHSA-2024:1561 - Security Advisory

Overview
Updated Packages

Synopsis

Important: Red Hat build of MicroShift 4.15.6 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat build of MicroShift release 4.15.6 is now available with updates to packages and images that fix several bugs.

This release includes a security update for Red Hat build of MicroShift 4.15.6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments.

This advisory contains the RPM packages for Red Hat build of MicroShift 4.15.6. Read the following advisory for the container images for this
release:

https://access.redhat.com/errata/RHSA-2024:1559

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All of the bug fixes may not be documented in this advisory. Read the following release notes documentation for details about these changes:

https://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/4.15/html/release_notes/index

All Red Hat build of MicroShift 4.15 users are advised to use these updated packages and images when they are available in the RPM repository.

Solution

For MicroShift 4.15, read the following documentation, which will be updated shortly for this release, for important instructions on how to install the latest RPMs and fully apply this asynchronous errata update:

https://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/4.15/html/release_notes/index

Affected Products

Red Hat OpenShift Container Platform 4.15 for RHEL 9 x86_64
Red Hat OpenShift Container Platform for Power 4.15 for RHEL 9 ppc64le
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.15 for RHEL 9 s390x
Red Hat OpenShift Container Platform for ARM 64 4.15 for RHEL 9 aarch64

Fixes

BZ - 2262921 - CVE-2024-1394 golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads

CVEs

CVE-2024-1394

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.15 for RHEL 9

SRPM
microshift-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.src.rpm	SHA-256: e6e02bab4561c215c6bfda9246613def1c71b7f75761ac74107337d2935ceed2
x86_64
microshift-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.x86_64.rpm	SHA-256: 7054a14df01ed683b3e97187e33dfa06980a3df780c3c670af822fea7eb6969c
microshift-greenboot-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 512f20dadaf4821e189fff7e5dd7315610ddd9b6de9615e57bb656fab36c910a
microshift-networking-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.x86_64.rpm	SHA-256: 14439f0c678373218f15354b66dacca94001bef4fe05ab1ebe04ab17957d8548
microshift-olm-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.x86_64.rpm	SHA-256: 3aa61da3801f3ec5fb75716852c8efad356549df27af09edb1eccf5405407408
microshift-olm-release-info-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: f3e5360c372ec263509ef419c81ae27968d39f89e92f8644c8c414547de6e749
microshift-release-info-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 1eb3a823683db3c7aa24dafd1558208107f7131cb44b6ae67cfd5adfcb1ca6b5
microshift-selinux-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 65be709bb765fb51e2d4a3044bea6e37a98321ffea0575d459141435b8956b6c

Red Hat OpenShift Container Platform for Power 4.15 for RHEL 9

SRPM
microshift-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.src.rpm	SHA-256: e6e02bab4561c215c6bfda9246613def1c71b7f75761ac74107337d2935ceed2
ppc64le
microshift-greenboot-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 512f20dadaf4821e189fff7e5dd7315610ddd9b6de9615e57bb656fab36c910a
microshift-olm-release-info-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: f3e5360c372ec263509ef419c81ae27968d39f89e92f8644c8c414547de6e749
microshift-release-info-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 1eb3a823683db3c7aa24dafd1558208107f7131cb44b6ae67cfd5adfcb1ca6b5
microshift-selinux-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 65be709bb765fb51e2d4a3044bea6e37a98321ffea0575d459141435b8956b6c

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.15 for RHEL 9

SRPM
microshift-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.src.rpm	SHA-256: e6e02bab4561c215c6bfda9246613def1c71b7f75761ac74107337d2935ceed2
s390x
microshift-greenboot-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 512f20dadaf4821e189fff7e5dd7315610ddd9b6de9615e57bb656fab36c910a
microshift-olm-release-info-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: f3e5360c372ec263509ef419c81ae27968d39f89e92f8644c8c414547de6e749
microshift-release-info-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 1eb3a823683db3c7aa24dafd1558208107f7131cb44b6ae67cfd5adfcb1ca6b5
microshift-selinux-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 65be709bb765fb51e2d4a3044bea6e37a98321ffea0575d459141435b8956b6c

Red Hat OpenShift Container Platform for ARM 64 4.15 for RHEL 9

SRPM
microshift-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.src.rpm	SHA-256: e6e02bab4561c215c6bfda9246613def1c71b7f75761ac74107337d2935ceed2
aarch64
microshift-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.aarch64.rpm	SHA-256: 48510a20a6582cd958951f2153f99cca19ab9ec4703c8e9f3fbf578bc30d0601
microshift-greenboot-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 512f20dadaf4821e189fff7e5dd7315610ddd9b6de9615e57bb656fab36c910a
microshift-networking-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.aarch64.rpm	SHA-256: 09487972b63908eacdaca1751487ee43dfd23fca317bed24aa4870f9b4cb7574
microshift-olm-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.aarch64.rpm	SHA-256: f2bd549575c2954e3de2a76b0add705cc5bad2c3e4b7749657ccc1a83841c9bf
microshift-olm-release-info-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: f3e5360c372ec263509ef419c81ae27968d39f89e92f8644c8c414547de6e749
microshift-release-info-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 1eb3a823683db3c7aa24dafd1558208107f7131cb44b6ae67cfd5adfcb1ca6b5
microshift-selinux-4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9.noarch.rpm	SHA-256: 65be709bb765fb51e2d4a3044bea6e37a98321ffea0575d459141435b8956b6c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation