Red Hat Product Errata RHSA-2024:6708 - Security Advisory
Issued:
2024-09-16
Updated:
2024-09-16

RHSA-2024:6708 - Security Advisory

Synopsis

Moderate: ACS 4.5 enhancement and security update

Type/Severity

Security Advisory: Moderate

Topic

Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security and bug fixes.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

This release of RHACS 4.5.2 includes the security fix for the following CVE:

  • containers/image: digest type does not guarantee valid type (CVE-2024-3727)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

This release of RHACS fixes the following bugs:

  • Fixed an issue where Sensor was unable to identify OpenShift Container Platform internal registry secrets due to a change in the pull secret annotation.
  • Fixed an issue where policies incorrectly displayed an enforced value of Yes in the Configuration Management -> Application & Infrastructure -> Deployments page due to inconsistent status handling, while showing No in the Violations page.
  • Fixed an issue where vulnerability data differed between the Vulnerability Management Workload CVE pages and the deprecated Vulnerability Management dashboard due to inconsistencies in vulnerability reporting.

Solution

If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.2.

Affected Products

  • Red Hat Advanced Cluster Security for Kubernetes 4 x86_64
  • Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE 4 s390x
  • Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian 4 ppc64le

Fixes

  • BZ - 2274767 - CVE-2024-3727 containers/image: digest type does not guarantee valid type
  • ROX-26147 - Release RHACS 4.5.2

ppc64le

advanced-cluster-security/rhacs-central-db-rhel8@sha256:6cbd8743614c64e220dd7a843f8878728b4290fa584b2658a0e4fc8051c9de92
advanced-cluster-security/rhacs-collector-rhel8@sha256:df1d4062894fb0c6d214bc2105536fa88f4993f588d56d5f2f5ee84d244a5d76
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:dac6f3e8dcd7f1636aa2c37ba2f0c7d5c0712ff4de910642d8d999004ff9dba2
advanced-cluster-security/rhacs-main-rhel8@sha256:15ca3da209e504a468f849fff947f960c3917fe015d3ddac8fd3a8aba97e165b
advanced-cluster-security/rhacs-operator-bundle@sha256:875526b23d3ee2e688c39a54b91fbacbe326a41f5a85dcbd2a54f4af53d6df10
advanced-cluster-security/rhacs-rhel8-operator@sha256:4076b87f4c31e8b428de55d0a5c3a0a6ac2b03d0eea932c59470faf582de9cba
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9b026710fd2c63a42152f1573c28ef0ad1ac0a1fb5997208282776533fb90d90
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2fb9e6a40df913f9492ef77aa7c2515e6250f3eba93cb4580da426b63777c1ee
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:10da3d4a97030f91e441968487d940b088780b7d5b00941ef870581e45766379
advanced-cluster-security/rhacs-scanner-rhel8@sha256:fca9aa5d035bd122f2c1e8c4f3d6ef408717276d747232fd15d3bd7a0072d278
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c10b0a8e26634145879397f6ad4125754e82b2b2d4bd7b9989e49971b56ae91
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6e20cc66a31f43356b13c0a4e0f191404a6a51b832266f1b570ee0335d9e0891
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0af4ae93ac63e019e0e103d7287bf0b47d52f8e87c14bc04cf8f2c1536e432fa

s390x

advanced-cluster-security/rhacs-central-db-rhel8@sha256:f9a33d112599f87304c4304b0aea4ec1f0f368b2e743ab3a9e57f1166c9bbe78
advanced-cluster-security/rhacs-collector-rhel8@sha256:887f3395f8fcfcb1e2591202e6b79ad4fd82e018b8a2184ff81648f7da6b7db4
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3494c6f3a30aca0ec658cd7a3087f9b88a75576df5f397d9000a8af6d96c5e15
advanced-cluster-security/rhacs-main-rhel8@sha256:569bb1c8c3a7fde8703f382b0fa92bc9c708a57a4b6d7ace4c0e8241d1412528
advanced-cluster-security/rhacs-operator-bundle@sha256:2c62583bcb17ad8ba22b6547b155f880ce51780782f7a4b3ea8c7e8ac8c2bd33
advanced-cluster-security/rhacs-rhel8-operator@sha256:654b47b6c321a556e41038ebc6a8f5d5ef1aca1ed03e725ae7f0ed41c5fd5ff1
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:52f1711e6c6ca2d7d9d15b4c4d52846ba98813e2d1aaf1be6ad9d9a4650287c8
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f66ad22a272f69804c3508da4595fe3da7435071990cd396376337532376b09
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8349705a4ea40ee5c6adb9f003356ade960dbb424115f8791266e596ba8edf5f
advanced-cluster-security/rhacs-scanner-rhel8@sha256:7f8a21b252c7cc6183e704f886d0d6f94dc01cce42afc4ca3cf05b82ab0a2bcd
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:306075cfcae382ebefb7ca5635ca2553e2f14be3ff006221b686f460721248de
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9ec338c275b054dc0f7016ead08796f0a086ae8cfb0fcc3b1b4f7d694d525e4c
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:541930f4a4dd2c8c93124654b9a9f593ae162e5a87c40e8a7355c3c61049e112

x86_64

advanced-cluster-security/rhacs-central-db-rhel8@sha256:9e8d59f866e1c9c144174fd1fe07efd9b82e0e56402a39b105ab70af14efb759
advanced-cluster-security/rhacs-collector-rhel8@sha256:b9f7c336b2a632436dd30230d2e2dfc7f6a4849e17c6af727146c58dcccc6cbe
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:7b339b4a10b2ec50b5d144bcb2ab76cee1b9b7ec89918a79ce983d142e138352
advanced-cluster-security/rhacs-main-rhel8@sha256:031ca557b16c627a4b0b529bb093d8c4a05c26734338be946b7517b1627ba332
advanced-cluster-security/rhacs-operator-bundle@sha256:d8021e8768281376c5b64be666fef3e2a398928d35e2e4a9b64f22ab3ac6b168
advanced-cluster-security/rhacs-rhel8-operator@sha256:2c4cfb85e07d6cc7359ab459a3457ea0e682c7b78c716e50e4a180b8a8c7664a
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:9723e7068f959783d42ec6e9b2019eefc0c48e4d8b9b55a3a41f1e41fd656bd9
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:65fc76b887fe1ba9be7bdf37c14e256641078d64e76811534edf8a724537a1e7
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d6530fce84c8d1f9ee34de95c68a2b3309e033238fdfa162b609c8aca9241eaa
advanced-cluster-security/rhacs-scanner-rhel8@sha256:df1eef01f4d53c84b0998331715fbc2da0abac8c42a1de2949f253b33cbbaf09
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e2ee3610fe0ff075f0010b2a3928784d9998f89db72ffdc469e62092bb647cef
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:10596875482a446634b5242a8be89c9b118411ff325a04674c20f11790a85e27
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:669ffd895205df8b4bb9372f9d6770b7bf65b463e693ca92cc30e9cae33de330

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.