Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:5199 - Security Advisory
Issued:
2024-08-19
Updated:
2024-08-19

RHSA-2024:5199 - Security Advisory

  • Overview
  • Updated Images

Synopsis

Moderate: OpenShift Container Platform 4.12.63 security and extras update

Type/Severity

Security Advisory: Moderate

Topic

Red Hat OpenShift Container Platform release 4.12.63 is now available with updates to packages and images that fix several bugs.

This release includes a security update for Red Hat OpenShift Container Platform 4.12.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.63. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2024:5200

Security Fix(es):

  • go-retryablehttp: url might write sensitive information to log file

(CVE-2024-6104)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html

Solution

For OpenShift Container Platform 4.12 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 9 x86_64
  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.12 for RHEL 9 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.12 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 9 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.12 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 9 aarch64
  • Red Hat OpenShift Container Platform for ARM 64 4.12 for RHEL 8 aarch64

Fixes

  • BZ - 2294000 - CVE-2024-6104 go-retryablehttp: url might write sensitive information to log file

CVEs

  • CVE-2024-5564
  • CVE-2024-6104
  • CVE-2024-6345
  • CVE-2024-37891
  • CVE-2024-38428

References

  • https://access.redhat.com/security/updates/classification/#moderate

s390x

openshift4/metallb-rhel8@sha256:7223d061d22f302dc85031b68884fefdc5b958570878f57d6c27a6a89fd9d15b
openshift-tech-preview/metallb-rhel8@sha256:7223d061d22f302dc85031b68884fefdc5b958570878f57d6c27a6a89fd9d15b
openshift4/frr-rhel8@sha256:bbb68498bf47794655cec2658a68647a80c591aef72723540803590974195a4a
openshift4/kubernetes-nmstate-rhel8-operator@sha256:7b3174af79cb53361cd66e76e2fff442f47d582aa55252acd119a36b817a7944
openshift4/metallb-rhel8-operator@sha256:c90b6a314f7e325f1ef8c7c14ce1e70f1697246a62d6674bc78404eef8b34fca
openshift4/ose-ansible-operator@sha256:4490100743716d73676e825967063d878a824acee5ad5cb340e677c1d1929b93
openshift4/ose-cluster-capacity@sha256:ddb01be63de7ea06936b72f5592a50b610be89fa895d043fcf79c60d3f9e0068
openshift4/ose-cluster-kube-descheduler-operator@sha256:63d4b27c169da993597f5eaec2950c54c7021708b996cb220a1d91062c1ef354
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:63d4b27c169da993597f5eaec2950c54c7021708b996cb220a1d91062c1ef354
openshift4/ose-cluster-nfd-operator@sha256:435ec4fb18e43d0209e191660c91aa6eb8dc932fe5a0aea16ebd04c30d8fd9bb
openshift4/ose-clusterresourceoverride-rhel8@sha256:4b301eabc55306f6f8dc3a13facabd8d174ef28b6bf7b7343e3da4977566524f
openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:c605f3094258a25a20e5ee8fdef1ba186d0f164594349248c6f8e7b81666244b
openshift4/ose-contour-rhel8@sha256:fe49f4a0bcceba7ec26c9d1db6df0c937de15ee5aaecadeac3372b1a67bca0fe
openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:632155f339738871b9534559bbd28579aeacb7a1e3b680176494e10c58f15aef
openshift4/ose-descheduler@sha256:7561381b6fea8357a05421087ec0af616d70d85014b7bb4723e4ca15ab032cbc
openshift4/ose-egress-dns-proxy@sha256:129b1327aa5adc059c79a2bbd904bf1dbd23dc4362286e2220b404fbb9748f53
openshift4/ose-egress-http-proxy@sha256:6c7ba44f08a6f149b7ee36ba658c41e5db5a70b02b621c11b8fd3e35aa6fea80
openshift4/ose-egress-router@sha256:99b50c2272e2281c2052e260d8cb297fea7fe6a90267ebc7b53630dda39e601d
openshift4/ose-helm-operator@sha256:56b29bd1bdfd96c70c5b19891f1d9cd2cf37d433a6abc830c2ae26fb726ac31a
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:51d2f6d3288efadce73de30f4171306d60a4a629e3aa2b414a566f191e93bea2
openshift4/ose-local-storage-diskmaker@sha256:30e8574f195156b144afaf9998bf8a61a3651c2af57b4d37a527fb838553a44a
openshift4/ose-local-storage-mustgather-rhel8@sha256:762561a57724256181a250cd50128c66cb55a5c8419bd0340dc8ec82e1a16ec3
openshift4/ose-local-storage-operator@sha256:37588c4f7c7693de30b8ebf1c8d23b6dfe6e28f209e69681040c12e70e2a2df6
openshift4/ose-node-feature-discovery@sha256:8595d222ac5ce730951c133cec30e92d9c72ca183502b62654b396f7d69af1b3
openshift4/ose-operator-sdk-rhel8@sha256:738f87ec1b2fcea5c889830176b9e494412e83a8ec8f245ebb7f655be297eeb5
openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:4eee067b601303bf9ce2370e8a1d4a8a236a49180f0e5610f4f7a454d76b7e64
openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:e4875d4cd1ba26f409209793bcbe193bd3acb3e6dcb25a87e56b1a7186bc2bc6

x86_64

openshift4/metallb-rhel8@sha256:ad27c0b9b0204a8b9cb83b793833856f579b30d07ecf25b880fb47f05d05c485
openshift-tech-preview/metallb-rhel8@sha256:ad27c0b9b0204a8b9cb83b793833856f579b30d07ecf25b880fb47f05d05c485
openshift4/cloud-event-proxy-rhel8@sha256:fbd89aab3dc3462c1b100677fc5f383eb2970fb45716223d1c48b1409f0a1d45
openshift4/ose-cloud-event-proxy-rhel8@sha256:fbd89aab3dc3462c1b100677fc5f383eb2970fb45716223d1c48b1409f0a1d45
openshift4/ose-cloud-event-proxy@sha256:fbd89aab3dc3462c1b100677fc5f383eb2970fb45716223d1c48b1409f0a1d45
openshift4/frr-rhel8@sha256:d2691d12b3c543aad5a105053e42452d9529e2a7fb92f49522b92af1ced0c09a
openshift4/kubernetes-nmstate-rhel8-operator@sha256:774f8ce1f8ccf207db66a6bd26e1fbf416c8b614a0ace8483674d6698f7f0508
openshift4/metallb-rhel8-operator@sha256:c27f4f863bec1bb34469cbd49bed4dec1591fc6fed51cae2dfbadecf494d0bac
openshift4/ose-ansible-operator@sha256:33eb3e8677b3572ccf3c83a93026cc0d5f562224b2f78e04ad6f85593928c961
openshift4/ose-aws-efs-csi-driver-container-rhel8@sha256:a437eef2136e447df8b1d7faa094352c1e8eeef0651788883482dc0ea60ef105
openshift4/ose-aws-efs-csi-driver-rhel8-operator@sha256:82b2cdc2dafbef35f46c62cec2efdaa3ccb567f6655ef545bcc55d051cbc75d3
openshift4/ose-cluster-capacity@sha256:54de015aac0607951dd04ec830af82c46d5afde9d861bd1182f91c74f79247ac
openshift4/ose-cluster-kube-descheduler-operator@sha256:588297bb92af2580e32454d3efa288a1ac67dd48a6a49338cac1d779f9891f8a
openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:588297bb92af2580e32454d3efa288a1ac67dd48a6a49338cac1d779f9891f8a
openshift4/ose-cluster-nfd-operator@sha256:b84c2075a84ad8a7ea974045bfd7c88b1b4ed7c3a1db5364658f0e1537e97943
openshift4/ose-clusterresourceoverride-rhel8@sha256:60b51fc60f6827bf8ee97d1f01c6a43906fb52036e9007e917131b57cb726662
openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ac427fc5e250621eb40115e353509a680280ef3011b60d7c6c68a35c5678aa0d
openshift4/ose-contour-rhel8@sha256:917f2a4681d643923d2ee9e762b61a29f36fcd400d8e0ee07fede2daf962795a
openshift4/ose-csi-driver-shared-resource-mustgather-rhel8@sha256:56b7e31e04e0bdba2d007f4a25b16bda829460827b287332fa0e4b7915310cd8
openshift4/ose-descheduler@sha256:9cf126be357897601c24a34e91b90922e9326c240423f4662485de511d287387
openshift4/ose-egress-dns-proxy@sha256:ddf096be731d92321acf88391ff52d881835ac3766043eaadbe28820fbfcd12c
openshift4/ose-egress-http-proxy@sha256:1394690174b33ffc4f08e48038450bce3a3a933dfe209ea37d7e1e9f7153b441
openshift4/ose-egress-router@sha256:7581049fc6cadf418aaf74609a940b545887bca6099e244b4f04d069a9c27460
openshift4/ose-gcp-filestore-csi-driver-rhel8@sha256:10883a0c90db6a5b67b74fb5fc17adfb5b9a1d8c0220f6ee20aa5529a44ef7c7
openshift4/ose-gcp-filestore-csi-driver-rhel8-operator@sha256:e15e38405a0b9219dd3e960a57a51c04b2f2de396d94551ecec964db1f67d2c1
openshift4/ose-helm-operator@sha256:fc2cecd1c00cb9ce1f9d5ba27fe69f4e92a665766700b4dfb84cbb58250d740c
openshift4/ose-kubernetes-nmstate-handler-rhel8@sha256:36a3bda77a2951988a681947ccfbe10d39a7c001a57618ba9c9d7e7332a7bbde
openshift4/ose-local-storage-diskmaker@sha256:b9d73737d2b3374c0ff768d29b0411de7eb1af5ec8fd3220476692ef00b9c976
openshift4/ose-local-storage-mustgather-rhel8@sha256:55d6fff605fb983a0f649f660ce031d05ce0565d7841b001048169184e14d81d
openshift4/ose-local-storage-operator@sha256:31682a3390e45bd8b47cecc3390ad1f89f47889d50077289235c8d8c15dccc62
openshift4/ose-node-feature-discovery@sha256:52a522612b79a9152573057a6edbbaa0e2b349a2febf99deeb4d13b9eb4d77c6
openshift4/ose-operator-sdk-rhel8@sha256:53b93a8b2926f8cd28776ff6fc2816cfb3e382b5d3ec1abf776e58151e02bc6c
openshift4/ose-ptp@sha256:afcfc39a2827754cf08abb9a935853ed43649b52f68453072845140fb56f7cb2
openshift4/ose-ptp-operator@sha256:38831fb9c65ca035f4ae77d6562c341703ef33e65309320800f04004d27578b8
openshift4/ose-sriov-cni@sha256:63da240029ce33670b1a081196eb91abba4a14236d82b1be779e8b77da21b3a7
openshift4/ose-sriov-dp-admission-controller@sha256:9e42377a7ca9dfb85beb3d8e0027b5775fc1bcd0ad0854e3981aa718e28cbec9
openshift4/ose-sriov-infiniband-cni@sha256:e09a35c48bd4c35f402fa9aa2b5b7dd95c12a633dfdc780e1207fddc0ea67041
openshift4/ose-sriov-network-config-daemon@sha256:7e8a8d4416af66c2304a235b2a1159d626d2c45f8addad812a167498448c6f1b
openshift4/ose-sriov-network-device-plugin@sha256:0c4530f2081a6f9fb7b3870cdc61740a4d4ae21f3221f3c3cc5e346a5a8a0c77
openshift4/ose-sriov-network-operator@sha256:b24e87a444186bb3e838eda0d58d0e5a5be759f0abf5ffb4d6658e25796af77e
openshift4/ose-sriov-network-webhook@sha256:e8a76a992f16b9cce001b6535f307e89c63b79b9673213648cadf012c6796289
openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:44ff91e83a520f796e62e59e37d06a369e2592c859e7d3470a1f56c85b008c94
openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:ef52a54301053ce671f73cbf05661b11704b8a48057f23c22d9f415df2d2113f
openshift4/ptp-must-gather-rhel8@sha256:75a33df6116f1e20cf7f8ac8d414212c61d5b723a29818c275c026081f6625bf

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility