Red Hat Product Errata RHSA-2025:1101 - Security Advisory
Issued:
2025-02-05
Updated:
2025-02-05

RHSA-2025:1101 - Security Advisory

Synopsis

Important: Red Hat Ansible Automation Platform Execution Environments Container Release Update

Type/Severity

Security Advisory: Important

Topic

An update is now available for Red Hat Ansible Automation Platform Execution Environments

Description

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Security Fix(es):

  • ee-minimal-container: aiohttp vulnerable to request smuggling due to

incorrect parsing of chunk extensions (CVE-2024-52304)

  • ee-minimal-container: Jinja has a sandbox breakout through malicious

filenames (CVE-2024-56201)

  • ee-minimal-container: Jinja has a sandbox breakout through indirect

reference to format method (CVE-2024-56326)

Solution

Red Hat Ansible Automation Platform Execution Environments

Affected Products

  • Red Hat Ansible Automation Platform Text-Only Advisories for RHEL 8 x86_64

Fixes

  • BZ - 2327130 - CVE-2024-52304 aiohttp: aiohttp vulnerable to request smuggling due to incorrect parsing of chunk extensions
  • BZ - 2333854 - CVE-2024-56201 jinja2: Jinja has a sandbox breakout through malicious filenames
  • BZ - 2333856 - CVE-2024-56326 jinja2: Jinja has a sandbox breakout through indirect reference to format method

aarch64

ansible-automation-platform/ansible-builder-rhel8@sha256:b6edec09ee6ecb323cee3d566bc0cd4473468386a8a1250228bdb8ddcd40f6d6
ansible-automation-platform/ansible-builder-rhel9@sha256:6651ed76bcfda90096fc9a8f7ce772f39794acf2d6afaac35eb2d068bb67fadc
ansible-automation-platform/ee-minimal-rhel8@sha256:07b126b7a7aeaa0ea2b5894989fb57345227624765fc418ee6804b8f3dc26bf7
ansible-automation-platform/ee-minimal-rhel8@sha256:ac8fe647c959b57963b9323b5276adb2229a7e1476a744fe54f9d3f316092354
ansible-automation-platform/ee-minimal-rhel8@sha256:0bdc55a1bfc7c9c51babf72f72a2e71bc9a909e025c00c327d8670528a7fb749
ansible-automation-platform/ee-minimal-rhel8@sha256:ae2d1ef5fd50ffa5706f2a3d4cb5c25d23ab78ff4a1592ddf2a6f1e916c0628b
ansible-automation-platform/ee-minimal-rhel9@sha256:e6a9aa4cd90c5b68eeabe55c6388c3a5d8fc7a3b707e4a2c83ba9f6a7955e07e
ansible-automation-platform/ee-minimal-rhel9@sha256:de457c4d8c170e5929be36a12c1c982cfc01b6fa227ccce58cbd20737ed00fc6
ansible-automation-platform/ee-minimal-rhel9@sha256:2fc218503ceb650581daf6a8dc74075fcae6e871ef993c989c35b2d7c70f9bc9
ansible-automation-platform/ee-minimal-rhel9@sha256:ba93db96512c73025565c52d8ba0e145f42bdb2e516d4138b4a5c1ab864d5fc5

ppc64le

ansible-automation-platform/ansible-builder-rhel8@sha256:a3fbd4b3ef2e38a4c6667165e8f4da0f5b1258d8e7829c074825d503ed9448b5
ansible-automation-platform/ansible-builder-rhel9@sha256:b968f15363317ca9903abf1f8b2b3fe0d09e239df8c36086d7b2b3db4b426903
ansible-automation-platform/ee-minimal-rhel8@sha256:5d8c6dc65d19cb2bd60824e194e51136e6f12060bc8d663ee0ccf5c2b6c06e82
ansible-automation-platform/ee-minimal-rhel8@sha256:3f5ab8458784204ae9513a9d006019c6aaadbc6b2acedb820a16d69bd8dfef57
ansible-automation-platform/ee-minimal-rhel8@sha256:869699086677a1e3ecf02169a29e19cfa7edb79fc508d0bdee675dcda4fb23db
ansible-automation-platform/ee-minimal-rhel8@sha256:906edbfd7f412de84a19b5e024dfc97f19ce502296ca2e18c82ccd65d576d08e
ansible-automation-platform/ee-minimal-rhel9@sha256:ca8b00e87d06f709665de9cec103e5f063075d975f52556ce7be03c4cd77a877
ansible-automation-platform/ee-minimal-rhel9@sha256:c2d36d60d07aa29f88248a36688a69174ab6bb2274b8e2e129f984ad5c6fa2bc
ansible-automation-platform/ee-minimal-rhel9@sha256:573755e9ad4649b064a5664cb35c92f0f329b5bfb37e48249e5760e3e2d405c9
ansible-automation-platform/ee-minimal-rhel9@sha256:cb4bc9d932e847793c42ee7e15694db704c5e614856cf229d66384e089fd1261

s390x

ansible-automation-platform/ansible-builder-rhel8@sha256:66b7cbf91db0428fbc412fda36816bc8ded2acfa5a2bb430da0bc2a33269f69b
ansible-automation-platform/ansible-builder-rhel9@sha256:9d3e3d98bec6bb7fe4bc2608d62cc6cbc7954dd758023475d39674f33b2d57ec
ansible-automation-platform/ee-minimal-rhel8@sha256:234e92da55feb451e6ba12864b7d4f498ef5754eb79da0516096b487e830d2d0
ansible-automation-platform/ee-minimal-rhel8@sha256:9e68c4aa8c1a1cf9ac289467f949055b4f8853aa1989f6955cb638b555b7c7c1
ansible-automation-platform/ee-minimal-rhel8@sha256:25d122c84894a69ebe9c1105e9276014e0e83db321883d390b5f58f9e7c1d223
ansible-automation-platform/ee-minimal-rhel8@sha256:b06b880e910f5a6648d5cb28af5c97b2181e6c0f32dc99d3740358dc01ad16a2
ansible-automation-platform/ee-minimal-rhel9@sha256:9c7b81503df8669dd55c7c8d479db2de2dc990841b4f4eb02f44175d5cff0453
ansible-automation-platform/ee-minimal-rhel9@sha256:3038110578728786daa1598d8034e4b1178eb9e3bab7bd5786c9767308a60b5b
ansible-automation-platform/ee-minimal-rhel9@sha256:7f378ae770a0b2005a77998721e7774eaef4bd706bf0eeffd615a392eeb8609f
ansible-automation-platform/ee-minimal-rhel9@sha256:880e8eaf9d869bf349481be0b62b9be51046bb0e62ed49a37f67bb96969fba6f

x86_64

ansible-automation-platform/ansible-builder-rhel8@sha256:f7cdc66d822e3705cd4e877bd67b5d870560d89dc18a8fb487ea05ecc6b47852
ansible-automation-platform/ansible-builder-rhel8@sha256:79eb2ec9754de91f42d33d3cbb073c8fc506c9a007c5d7e5b85261f75ab67da7
ansible-automation-platform/ansible-builder-rhel9@sha256:c87a4652a10658bfc976dc6133917e3c2631dda0bff405242da9369ac826efc2
ansible-automation-platform/ee-29-rhel8@sha256:ccac23c975c65f04ff5f8535988bd09a3309dcf4e70eaaa200e6ad5c1792bf81
ansible-automation-platform/ee-minimal-rhel8@sha256:8e6b8501c799cf5122a064e34437f2a34b1be743c16294bb8a2902d36f1a67f4
ansible-automation-platform/ee-minimal-rhel8@sha256:9188601682d277118612309666393838d8b6b1e12ca0d81344324ec416800f7d
ansible-automation-platform/ee-minimal-rhel8@sha256:213acda21cd0b7f0a93d1e553a9e06daea72f097150cd915d43c74b50e901177
ansible-automation-platform/ee-minimal-rhel8@sha256:4ce80fd9b8c37acb6b5f0c5f7e43ec9ff3ed1d284c8d523311b7b9d227470738
ansible-automation-platform/ee-minimal-rhel8@sha256:3cf21f8f1903b82793d7b652631fcfd07724fe2ef80a02e15ad8df9c68fa444f
ansible-automation-platform/ee-minimal-rhel8@sha256:0bad1243aa3173df68f5378aa852eb78d172e3a86f10a70b6220f06d2f3b83aa
ansible-automation-platform/ee-minimal-rhel8@sha256:3428aa14d66cbd537fa75ab7fef17e05bbf356ed7daaff98822e213a0a10c741
ansible-automation-platform/ee-minimal-rhel9@sha256:a2d818af0bdc5d3d2e8b626a6d730b248fe5d40db08c199c8299a6139a37eafc
ansible-automation-platform/ee-minimal-rhel9@sha256:2f5032f15a5ba4a1fbac49d310eaaf4a4b7fef2c1c6c43bb70fe7c47dcbf7fec
ansible-automation-platform/ee-minimal-rhel9@sha256:e930b8e316c0764f37dc4525629667b9cc310ae957431dccc0c42bf12f192b39
ansible-automation-platform/ee-minimal-rhel9@sha256:44d4fde69b966bbeea84e34763fca9e7700c5c403c39298fc4154af8e0ee9c08

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.