Issued:: 2025-01-28
Updated:: 2025-01-28

RHSA-2025:0753 - Security Advisory

Overview
Updated Images

Synopsis

Important: Red Hat Ansible Automation Platform Execution Environments Container Release Update

Type/Severity

Security Advisory: Important

Topic

An update is now available for Red Hat Ansible Automation Platform Execution Environments

Description

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Security Fix(es):

ee-minimal-container: aiohttp vulnerable to request smuggling due to

incorrect parsing of chunk extensions (CVE-2024-52304)

ee-minimal-container: Jinja has a sandbox breakout through malicious

filenames (CVE-2024-56201)

ee-minimal-container: Jinja has a sandbox breakout through indirect

reference to format method (CVE-2024-56326)

Solution

Red Hat Ansible Automation Platform Execution Environments

Affected Products

Red Hat Ansible Automation Platform Text-Only Advisories for RHEL 8 x86_64

Fixes

BZ - 2327130 - CVE-2024-52304 aiohttp: aiohttp vulnerable to request smuggling due to incorrect parsing of chunk extensions
BZ - 2333854 - CVE-2024-56201 jinja2: Jinja has a sandbox breakout through malicious filenames
BZ - 2333856 - CVE-2024-56326 jinja2: Jinja has a sandbox breakout through indirect reference to format method

CVEs

References

https://access.redhat.com/security/updates/classification/#important

aarch64

ansible-automation-platform/ansible-builder-rhel8@sha256:9e237d9484aafa8663cc8df9b762e4f720a4bd4702035a9a2c7f52761be03c89

ansible-automation-platform/ansible-builder-rhel9@sha256:fc899a2b4bf476f60dd52a7b8e4ff4c60d48795b32bba14adae38205641537fb

ansible-automation-platform/ee-minimal-rhel8@sha256:d8aa73f286779b3b4c49f0ce745f973b09bce51d1338420587515b91deabd5a7

ansible-automation-platform/ee-minimal-rhel8@sha256:2e82c21518bcc5a825c0a84a97eb49745e752073097739f0425d45dbfd432eb1

ansible-automation-platform/ee-minimal-rhel8@sha256:c407acff07bde1e61e0990cac320609fb81f97d96b7d1f7780683129a117ccea

ansible-automation-platform/ee-minimal-rhel8@sha256:945c55597448f92bd7b46df53b3907f2835132b25d1d932edcd7c63f7b6e75d9

ansible-automation-platform/ee-minimal-rhel9@sha256:032b5590181bf1e67df6d12c0af3856a2fc0fd79091f93f80e7b63653a91297c

ppc64le

ansible-automation-platform/ansible-builder-rhel8@sha256:94633e88e68654792939437c4e88124607d0ce78cc29a9b3adc4f6741dd6ad40

ansible-automation-platform/ansible-builder-rhel9@sha256:48248cdd9d621c2bf0467671eab1913738447245473a0a2f528ff4f82a731f5e

ansible-automation-platform/ee-minimal-rhel8@sha256:75357202064ca5c4e815863557cf2140da33bd2a801f442fb399ed3093c5d313

ansible-automation-platform/ee-minimal-rhel8@sha256:a23c98abc33bb233ee267f92ae6b706b03b67e94bd95280395898400fd8ec85f

ansible-automation-platform/ee-minimal-rhel8@sha256:446ece6a25bcd6f2a4c2aba033938591c2617e643c4f3de33c8bdb7b8d0f514a

ansible-automation-platform/ee-minimal-rhel8@sha256:57ed3d64f3acf810747fe88627901aeead08bd3d892b12b7206c14fa024a1930

ansible-automation-platform/ee-minimal-rhel9@sha256:6e295d75c78943c21d120dd1d965b0a14f732a3ec9309c75471cf2bb92410922

s390x

ansible-automation-platform/ansible-builder-rhel8@sha256:f5487d83e07fbfede2d9724cea2fa1947aaf9207f2b80ed2091ea63677a1a37b

ansible-automation-platform/ansible-builder-rhel9@sha256:79806e62bfc3e9b60cd380d70b66ee1fa52f8066f0d21a981361f5ec45ecc036

ansible-automation-platform/ee-minimal-rhel8@sha256:aaa47e2dd1c71c0d36a4331fc0078a5067ef2cd93bda1902d3863a341e2e6074

ansible-automation-platform/ee-minimal-rhel8@sha256:f1e7001759d5f70cd598b59a4a5f2e0786e3dfdd63e1ff70cb382a73b5182dfd

ansible-automation-platform/ee-minimal-rhel8@sha256:ac62c6296c182e61c77f571728c094d35eb11e37bc2133a5984d04c8ffd2830d

ansible-automation-platform/ee-minimal-rhel8@sha256:5d32871a9c5fd57bf54cbadb5ffc882d9c158b40cbd8c3a596e7a0d668643167

ansible-automation-platform/ee-minimal-rhel9@sha256:4db03217fe090a2ad774fab7250a1eadd5a075d01ca731f75074339ec18b4c9c

x86_64

ansible-automation-platform/ansible-builder-rhel8@sha256:6482c85063d9a9b0c004ab820864b8ee4ad539411a4201d7986ec539a9ff4065

ansible-automation-platform/ansible-builder-rhel8@sha256:81429faee24a766d27e9e53e525307f004a0a1e3565c7b343894ebc00c97be6e

ansible-automation-platform/ansible-builder-rhel9@sha256:45b628279885139dd3223b25bf4af3eb2eb04b83781971061a6f1a3f4027bdfc

ansible-automation-platform/ee-29-rhel8@sha256:afc0732dabb2e714ad61602ccc323dfa94fc761527d2209dd35d8acf347e1cdd

ansible-automation-platform/ee-minimal-rhel8@sha256:66a83c19cee27a007f0a1c9e9a82d669ba3f97f0dcce2308a0ce32d3e1cd3a7f

ansible-automation-platform/ee-minimal-rhel8@sha256:0cec10d9a6e61ee12691ad1f441947b2019c29db163c2f3872851ebb6ef32cc2

ansible-automation-platform/ee-minimal-rhel8@sha256:ff3261d84f5062ad13fc080ee9b53991d4e64cec28c2810f78ae5d85fecb80db

ansible-automation-platform/ee-minimal-rhel8@sha256:0cf19f239c3ac9697d64e522ba35b0b509543179f2ba68c363281bcd3d6df8e2

ansible-automation-platform/ee-minimal-rhel8@sha256:1581e584e3ff8fa919eecdcd5c9517426a14061fe268c8ba6c277ac5e4cd6486

ansible-automation-platform/ee-minimal-rhel8@sha256:6f25526b662c522db6b886ce896a4fa1fc3f3cb27c8857a15c26b91a444257b9

ansible-automation-platform/ee-minimal-rhel8@sha256:c1d6fe4ed7afe9d13fa292615585f044e412a81311537ef6c7465f9d2e7e19c6

ansible-automation-platform/ee-minimal-rhel9@sha256:db6a3af8b9768035d9c2733d2a6a2f48ac67ce570e5533f446c6be73a7a6c296

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation