Red Hat Product Errata RHSA-2024:2094 - Security Advisory
Issued:
2024-05-01
Updated:
2024-05-01

RHSA-2024:2094 - Security Advisory

Synopsis

Moderate: security update Logging for Red Hat OpenShift - 5.8.6

Type/Severity

Security Advisory: Moderate

Topic

Moderate Logging for Red Hat OpenShift - 5.8.6

Description

Logging for Red Hat OpenShift - 5.8.6

Solution

For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

For Red Hat OpenShift Logging 5.8, see the following instructions to apply this update:

https://docs.openshift.com/container-platform/4.13/logging/cluster-logging-upgrading.html

Affected Products

  • Logging Subsystem for Red Hat OpenShift for ARM 64 5 for RHEL 9 aarch64
  • Logging Subsystem for Red Hat OpenShift 5 for RHEL 9 x86_64
  • Logging Subsystem for Red Hat OpenShift for IBM Power, little endian 5 for RHEL 9 ppc64le
  • Logging Subsystem for Red Hat OpenShift for IBM Z and LinuxONE 5 for RHEL 9 s390x

Fixes

  • LOG-5164 - [release-5.8] Elasticsearch Operator ServiceMonitor relies on a BearerTokenFile, in violation with UWM Prometheus specification
  • LOG-5398 - [release-5.8] Falling back to use AWS S3 without any warning when the endpoint is not with https in front
  • LOG-5392 - [release-5.8] Improve validation of provided S3 storage configuration
  • LOG-5402 - [release-5.8] Configure Loki to use virtual-host-style URLs for S3 by default
  • LOG-5278 - Upgrade to Loki v2.9.6

aarch64

openshift-logging/cluster-logging-rhel9-operator@sha256:5c9d3102b85af98e2d8151deac91f847bae3dedd7732e2b38bdd245fa7d9337f
openshift-logging/elasticsearch-proxy-rhel9@sha256:da939e3767a4830e6a9552f0a563c4ea5aa4dd28fb2e19a0f37f5878dce89785
openshift-logging/elasticsearch-rhel9-operator@sha256:6ed6865ece2a53ca24ea9389d0f282b0d5f5653d635b4e356d979d2ebd9a7426
openshift-logging/elasticsearch6-rhel9@sha256:5c06e3d1f8ce8463cb5fda103e52cf189939dcf3ef42a59ff9bc65dfc552afd3
openshift-logging/eventrouter-rhel9@sha256:0a469314bddded3df4b7e686e3c4ad39dd043ae2b56c1fdc7162f1f404336439
openshift-logging/fluentd-rhel9@sha256:e2042d6109b060ebe77fd7b5352293d627e9cef14a996510c8f87d5ca8292743
openshift-logging/log-file-metric-exporter-rhel9@sha256:a30d28293139541892e8871e7f631d799f0ac6fb5924c3d933dffaa64ac83daf
openshift-logging/logging-curator5-rhel9@sha256:d8ff166ac28f3c9e96bc4690567a2deaed4704647e4bc0b611f782dcd827bd2f
openshift-logging/logging-loki-rhel9@sha256:c615a3f8752cd8f58eaaec3459565d0acaf8e122d59ee8ce6f24775a83091f0a
openshift-logging/logging-view-plugin-rhel9@sha256:4f9576d53498a20f355dc5b8a0f05335c62776b296692e7cd6277d4a6c7129f8
openshift-logging/loki-rhel9-operator@sha256:2ff7ade74d7007db36e9c8b02cf7573785fbb42e5632f6115be55b6f428c1417
openshift-logging/lokistack-gateway-rhel9@sha256:440804c5f3bcc678aca82e624f04f7436c283784f4fe50c0e6712c94b916c0f0
openshift-logging/opa-openshift-rhel9@sha256:22f8b7679190a9b26a91265bc87f4e9dd27cbf6009b44ad8daa61fa3906d6a32
openshift-logging/vector-rhel9@sha256:b0218a4d1a4b72622d9c4c82ca3515852dd78bcf488ab901392c7e998014a1f0

ppc64le

openshift-logging/cluster-logging-rhel9-operator@sha256:77b893f09078e9c5c2b8522a12fbbd954bde9fb7baaef556f02e01ba1b880935
openshift-logging/elasticsearch-proxy-rhel9@sha256:7744caeeda9acb7ad9656e0aed23d38d23101251639883726382d87d04e520b1
openshift-logging/elasticsearch-rhel9-operator@sha256:c72a7a38b007a321ea19b9aa18bd30b3e746b5bac4e0013e4bd1edc3f01e5b3c
openshift-logging/elasticsearch6-rhel9@sha256:a56f7a31e4beec80940ce58477ee03d0acc97eb924930ced3831febf7b342812
openshift-logging/eventrouter-rhel9@sha256:cb47d5023a3752f94bbeaaf7a153b98c955ee7762ec5acbcda40635524c91c6c
openshift-logging/fluentd-rhel9@sha256:8e63d64e2afcf8691c1a77c364ededa57e4769f633d51958995c0e6427b264fa
openshift-logging/log-file-metric-exporter-rhel9@sha256:5a520e94f3b447c2c7b05ed4cd15e7fa64564133973131218c9406f5733e4ca7
openshift-logging/logging-curator5-rhel9@sha256:36d0bf05c25e63fb825012f523f9756219c8e76565352862e6cd87659d3aa945
openshift-logging/logging-loki-rhel9@sha256:ae53173c993873cd57cf12d8ada2475e21a44f8c28a5c1165de1954a22dab722
openshift-logging/logging-view-plugin-rhel9@sha256:df4943fa8dae6c8ad4c6b3efddd7f4b0e6555703810f1a3fa7641d9e765b5125
openshift-logging/loki-rhel9-operator@sha256:f3b2240b889cfc03816ed3bbd0b908d9700bebac9a8b68e9b092c72963a921ae
openshift-logging/lokistack-gateway-rhel9@sha256:f139dd5d55de55b628b68ad48ef2ca510d85810a00eb8343483a54f9c8b7c44e
openshift-logging/opa-openshift-rhel9@sha256:102ca86098e7bad5b842961907328a7ffe6e087f031d9d27c5542d4ca5098269
openshift-logging/vector-rhel9@sha256:5fb1d2d210ea492885885a863653049dae8ab8b6fecd24dd81a3fd6ff975e479

s390x

openshift-logging/cluster-logging-rhel9-operator@sha256:f0cc599e5f50d8b04c03cf0dc0ce7a348c5b2b44ecdce12b4517f06d27fafc65
openshift-logging/elasticsearch-proxy-rhel9@sha256:d9df76db2855ff0ee7c3c9a0e938b8979b3b09a5adf38d6b4cf50079303fac6e
openshift-logging/elasticsearch-rhel9-operator@sha256:a8ffedee4a3e56014514b05034485c4e67b8dd819a4252d393e2a48d580c832d
openshift-logging/elasticsearch6-rhel9@sha256:3f4ea6c7d4ddf93325a7464fc36098ae88c583cc909dfe5ab97f63b1d2aa0f6a
openshift-logging/eventrouter-rhel9@sha256:a1178e24b5106fa48f0f8b0ea5d18e859ebe87118feb04667cd6d85f37f72c98
openshift-logging/fluentd-rhel9@sha256:4f27498a88603d313b9f238d0736ce1683dbf5bd64c426526f28512ec5e8582f
openshift-logging/log-file-metric-exporter-rhel9@sha256:3284deb724dc856f40a72643f1e535e47ef32cc3ca5cf5c6469ce0de4a8a3015
openshift-logging/logging-curator5-rhel9@sha256:83ac807ec481fec330d31a46241405ccbf1fef771980f3039e30a38fcc3fb8a1
openshift-logging/logging-loki-rhel9@sha256:f59dc8640582e58f6b09132e23ab9d1d59b115ed13223e25c366c53d07b29c4d
openshift-logging/logging-view-plugin-rhel9@sha256:379d2634151717d612c5c69ce484126362a00fafec9da5f7538d93d6ff54f9a4
openshift-logging/loki-rhel9-operator@sha256:68464c088b9aca3572e4ab222e257e8265fbeaf70f113266bf774c3af577be66
openshift-logging/lokistack-gateway-rhel9@sha256:9a84ed1c8fbc4e80a109f58c7e09a9c31ed6219f793b9cf760dc7e19a2e0e5b0
openshift-logging/opa-openshift-rhel9@sha256:944c01b4b0f3db293fda1efd1380f6243c5feaee698fa86b659e43ae6b11cc25
openshift-logging/vector-rhel9@sha256:7106b56c76321111aa0b050db4bb9c80f892765f3c19422eb409970f7349ea6c

x86_64

openshift-logging/cluster-logging-operator-bundle@sha256:b8f7447cea88a30d89bc8ade1f5ff5141f622be6a243cb5528a7375a211691fb
openshift-logging/cluster-logging-rhel9-operator@sha256:29e258c3adcf75769a677a6b2b9686e41805d92eb28e13588037daf6b419c13d
openshift-logging/elasticsearch-operator-bundle@sha256:2f1f1bc490563ad977eb7401ffa466c013568cac2b35550973c6abe5975afd5e
openshift-logging/elasticsearch-proxy-rhel9@sha256:d27f9b4a659dffe0084179c8f92b398c337a9e841e650363f085a1ddb2dcd203
openshift-logging/elasticsearch-rhel9-operator@sha256:ec3ce9aef0917ed4e1a691655191edafd0f974acfe5d0ab86d7d2b8f177b9dba
openshift-logging/elasticsearch6-rhel9@sha256:dd19b9602d8a8d53baab2af94ea35d577b0459676af8231078f88ba464034e3c
openshift-logging/eventrouter-rhel9@sha256:81bac8525a2ed6566724c0cd80c9afa101aa257c57860e31bae3d644b5b5557d
openshift-logging/fluentd-rhel9@sha256:ff1fa24f96891ed3c741268103279113b2fa08abfac0498f2cb20e36fd2440cf
openshift-logging/log-file-metric-exporter-rhel9@sha256:e9b4660f1d13505e0a81d75b4774f50033eaa68de9a08bb00a5cd8adad43b495
openshift-logging/logging-curator5-rhel9@sha256:4e3ff8194f241111629e5ac327b02912d0a311cb8ef0852a996bb963da57aeb7
openshift-logging/logging-loki-rhel9@sha256:72da31979288ddcfdb509a91daf7ac065281d3b6a825378d1ec3861ec093bef4
openshift-logging/logging-view-plugin-rhel9@sha256:9fcd2a6f8b17cce445fa1504d50d62b10ea18c25f3a6f804cc173ff806497e25
openshift-logging/loki-operator-bundle@sha256:c8be461d4ce8388b4fa5bd3beccbf70b88a7b51446cf80e14a574cd663638b24
openshift-logging/loki-rhel9-operator@sha256:4151aa4e86dff1edb506f242bda4e0c0ae9f4f8514d83f81cabb68339b2d6d2f
openshift-logging/lokistack-gateway-rhel9@sha256:a447372d5ec8dd64b48fdeb2ef509b34dda37ff66dd531ec40e29e49cc1be1fc
openshift-logging/opa-openshift-rhel9@sha256:e7dc760a96c75ccfb731ea608eb77d298c627cd5db8e8c70099a30a49de021c6
openshift-logging/vector-rhel9@sha256:e7727b31a4224f2ecf58e620a8187b6b64c1883d0424db2a835334bff4d310b6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.