Issued:: 2024-08-01
Updated:: 2024-08-01

RHSA-2024:4973 - Security Advisory

Overview
Updated Images

Synopsis

Important: Errata Advisory for Red Hat OpenShift GitOps v1.12.5 security update

Type/Severity

Security Advisory: Important

Topic

An update is now available for Red Hat OpenShift GitOps v1.12.5. Red Hat
Product Security has rated this update as having a security impact of Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Errata Advisory for Red Hat OpenShift GitOps v1.12.5.

Security Fix(es):

openshift-gitops-argocd-container: Unauthenticated Denial of Service

Vulnerability via /api/webhook Endpoint in Argo CD [gitops-1.12](CVE-2024-40634)

openshift-gitops-container: Argo CD web terminal session doesn't expire [gitops-1.12](CVE-2023-40025)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenShift GitOps 1.12 for RHEL 9 x86_64
Red Hat OpenShift GitOps 1.12 for RHEL 8 x86_64
Red Hat OpenShift GitOps for IBM Power, little endian 1.12 ppc64le
Red Hat OpenShift GitOps for IBM Z and LinuxONE 1.12 s390x
Red Hat OpenShift GitOps for ARM 64 1.12 for RHEL 9 aarch64
Red Hat OpenShift GitOps for ARM 64 1.12 for RHEL 8 aarch64

Fixes

(none)

References

https://access.redhat.com/security/updates/classification/#important

aarch64

openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db

openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3

openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50

openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19

openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1

openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b

openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9

openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550

openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd

ppc64le

openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f

openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e

openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19

openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c

openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b

openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde

openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a

openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b

s390x

openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678

openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d

openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5

openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7

openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8

openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29

openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b

openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46

x86_64

openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75

openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661

openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f

openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4

openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5

openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6

openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc

openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024

openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32

openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation