红帽产品勘误 RHSA-2024:6054 - Security Advisory
发布:
2024-08-29
已更新:
2024-08-29

RHSA-2024:6054 - Security Advisory

概述

Important: ACS 4.4 enhancement and security update

类型/严重性

Security Advisory: Important

标题

Updated images are now available for Red Hat Advanced Cluster Security
(RHACS). The updated image includes security and bug fixes.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

描述

This release of RHACS 4.4.5 includes security fixes for CVE-2024-37298,
CVE-2024-3727 and CVE-2024-6104. If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.5.

Security issues fixed:

  • gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization (CVE-2024-37298)
  • containers/image: digest type does not guarantee valid type (CVE-2024-3727)
  • go-retryablehttp: url might write sensitive information to log file (CVE-2024-6104)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

If you are using an earlier version of
RHACS 4.4, you are advised to upgrade to this patch release 4.4.5.

受影响的产品

  • Red Hat Advanced Cluster Security for Kubernetes 4 x86_64
  • Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE 4 s390x
  • Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian 4 ppc64le

修复

  • BZ - 2274767 - CVE-2024-3727 containers/image: digest type does not guarantee valid type
  • BZ - 2294000 - CVE-2024-6104 go-retryablehttp: url might write sensitive information to log file
  • BZ - 2295010 - CVE-2024-37298 gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization
  • ROX-25956 - Release RHACS 4.4.5

ppc64le

advanced-cluster-security/rhacs-central-db-rhel8@sha256:daa7ddb8a3dc233385926119ca78ffc342d2e6c588960d1814e1639af956b0f3
advanced-cluster-security/rhacs-collector-rhel8@sha256:78298521c612192e0177d6cc044a865e97230e962f434d811962064f2db1d5ac
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:304406009c9800285cfcc74861de6b3cc230d09438f37426e39d911a69368e34
advanced-cluster-security/rhacs-main-rhel8@sha256:9a11dad9b17cc9c4f13ab85d920ac3b0796221457ca4894fc6578f92b022880e
advanced-cluster-security/rhacs-operator-bundle@sha256:37070fe46f9168b80d72070443fcdc344db8141d599926f65bf5c2b96bcd89a7
advanced-cluster-security/rhacs-rhel8-operator@sha256:e83e6c58071dd1fbba15944e2d25ecac07dd623d58e2b31cc72a0555aa69e584
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:8dd008c09f18916952ef7eafe1382cc151139762aff6cffd86b688e132a0e5f3
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:78012a83f84238eb3d492faf5abee4a9d87ddc0c84f1618b8785f82e5f766211
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e0617ff16dc01afccf934a956c4dd3c7fab847d92e520b0d9358bd7bc3fa1582
advanced-cluster-security/rhacs-scanner-rhel8@sha256:16deab5ea78fbe3d6f4684ef8b4d071dd2408ba46da9f6fc79a9c0af1da16165
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3d6a461c5fe55fd478dc08f5a95c8cd813c5dc56ddbbc40c033697a1b628ca67
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6f78b7cbdee3e6c08c6ebcdf67dc2c49dd93bba1fa0bcbc42154bbd6bd6b60f3
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:57c71609e72f30089a8f43c1f9b6bab44dc67c28ece0db52460d9f527abac19a

s390x

advanced-cluster-security/rhacs-central-db-rhel8@sha256:072eeeb7f1dd12e6f0275948d3b38b52f667e45d1304e6fd2dd28c816571d824
advanced-cluster-security/rhacs-collector-rhel8@sha256:8901cfa7be1f709f0bf209c396ad32e2c13c3d112bd05a8d4784535e405e95a4
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a13aab1f8c4294f490284b5f0c73fc77b1ee08b65a3d1cae23aacb5db1687926
advanced-cluster-security/rhacs-main-rhel8@sha256:3bdf2ba4bbf3a2373a882cdb85a790b9df2ba359010c8467c4e4e2874996ff4d
advanced-cluster-security/rhacs-operator-bundle@sha256:e9cc56d2c29af677277791fdfae7796cc5f43e92772bde4adf1f168ef4aaec80
advanced-cluster-security/rhacs-rhel8-operator@sha256:0b590586a0bfc3d6399505dfb5ca1367c232d0b13245fd3ab9b0e5ac24a0b5a2
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:da206789e59d581483ffbe8e1c63519019f504c792b5ad2d5e9299d12785c675
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a19cb92c646d2dc709c18e3da494def64786102ef5a038c766c28a5556d1b154
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:57b3670126a5a55b51fdc13ffd1deaceb13e508ff474bac3d7495ea614bf64ad
advanced-cluster-security/rhacs-scanner-rhel8@sha256:54c43eb7e2952e6fe64071077a4a22965af01a2e0d4da7ee9249d3c7e31df5a4
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e93ec7ad08b50b54b61ccd9c69205f7b04692cb3a5c452782b92dce42f9ae4e3
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:38ad20bdebc1776686b4bd308c4f4da9b978dac5f679ac594fd88d36dfb019d1
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dfccbd75027774554b10786ec939458a92c725cdf8226eda1660b6ff137d8e51

x86_64

advanced-cluster-security/rhacs-central-db-rhel8@sha256:d6b9f90cada9f236011bb349e850e80e3fef55f56f434c12c00122b73e42db6f
advanced-cluster-security/rhacs-collector-rhel8@sha256:1f03a7f23c4ffb6adb440d475075a8b11211ddd8acda772d02a904547cb5148c
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:10e904f11041dd4947254df586f74f03a66d16818c4f073b8cc8d2336175f6a4
advanced-cluster-security/rhacs-main-rhel8@sha256:3877057e49d5da93372d239055b6506b23ef430da60d0eca371c4c5a619b1ae6
advanced-cluster-security/rhacs-operator-bundle@sha256:176837c3041894c294b64da0181b8ad3bc53b3538d5ba70868979c57c7ec1644
advanced-cluster-security/rhacs-rhel8-operator@sha256:0e6a36cbd8ab3d06bc71cf60091aa83a3efd83e7784221aaddaf8b1a0accd018
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:32364fedba6ad4660e117eae90433b2ab8f6a16afb51ebfe718c356a531d71bd
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:317838698e27cb366ca736975f0cb0bf927533b5526caabe5a9e443d28a70487
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1f624ee17785e5f2221e917459f31c81ef23421bf9374cedf9020f139e67854a
advanced-cluster-security/rhacs-scanner-rhel8@sha256:d09e9eeec5cdcbc7db49814caf033868cbc91273459debfcac94f58151573762
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3894202682fafa2a5bcc7fccd267396f6fa2c4f068f31c2cf99579a1308cde5e
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:37f65ec7e152446ef02de2934532db772f534647e91d3909197aeaffe808693e
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f9909a0d6d6063f36dd7dd62ed3e5ba5dab6f1f754e627e2dc0726bb124bc1f8

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/