Red Hat Product Errata RHSA-2025:1225 - Security Advisory
Issued:
2025-02-12
Updated:
2025-02-12

RHSA-2025:1225 - Security Advisory

Synopsis

Important: Logging for Red Hat OpenShift - 5.8.17

Type/Severity

Security Advisory: Important

Topic

Logging for Red Hat OpenShift - 5.8.17

Description

Logging for Red Hat OpenShift - 5.8.17
cluster-logging-operator-container: Info Leak via Uninitialized Stack Contents [openshift-logging-5.8](CVE-2024-12085)

Solution

For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

For Red Hat OpenShift Logging 5.8, see the following instructions to apply this update:

https://docs.openshift.com/container-platform/4.13/logging/cluster-logging-upgrading.html

Affected Products

  • Logging Subsystem for Red Hat OpenShift for ARM 64 5 for RHEL 9 aarch64
  • Logging Subsystem for Red Hat OpenShift 5 for RHEL 9 x86_64
  • Logging Subsystem for Red Hat OpenShift for IBM Power, little endian 5 for RHEL 9 ppc64le
  • Logging Subsystem for Red Hat OpenShift for IBM Z and LinuxONE 5 for RHEL 9 s390x

Fixes

  • LOG-6582 - [release-5.8] Emit stream labels following OTel Semantic Conventions as a forward compatibility measure
  • LOG-6636 - [release-5.8] Update to Loki 3.3.2

aarch64

openshift-logging/cluster-logging-rhel9-operator@sha256:25fcfaaedabdc08e0f83b762e7a64ce7ffe692bdf7fa59e3a715e39aeb28a5e1
openshift-logging/elasticsearch-proxy-rhel9@sha256:42682ace8e6d6040c103d761c9a5a640c99634104ff64d943e179fe9036759d4
openshift-logging/elasticsearch-rhel9-operator@sha256:6a2d8319ebe08d91c62599f6143474b622d040f05f2dba690dcd3ed997a0307f
openshift-logging/elasticsearch6-rhel9@sha256:111c2ce3a570549c3372c57dc550f314af9031d84fce668c1382406905d49725
openshift-logging/eventrouter-rhel9@sha256:35eaf2f960a2da7a255a75819bedf7eb297a12a0558c50a86112038d0dd3c9ce
openshift-logging/fluentd-rhel9@sha256:d0bdeb144c17bb5951c21b4a1f824a707fe25e94dfd778f092c6f49e947a6182
openshift-logging/log-file-metric-exporter-rhel9@sha256:54c6e34ce88a61786ef0167392b0a4be4dd43b78e31166856a328a5c4ad26deb
openshift-logging/logging-curator5-rhel9@sha256:384342c4427b11bf069468a58cb5c44b4f8f3c3d1e2f11cd936466ffd91da7c3
openshift-logging/logging-loki-rhel9@sha256:dca14a2676a1437cfb888d1ba2327240efe0fdcca0935c9b1d729e1b82a67cd2
openshift-logging/logging-view-plugin-rhel9@sha256:12a3334eed8312e8817b8017a9dc9d0b1a1991cc4c5d84d7084103f3571320b6
openshift-logging/loki-rhel9-operator@sha256:849d61bfc9d20476a1bcb46b8403a9348767a268f606d56a134804423c3939da
openshift-logging/lokistack-gateway-rhel9@sha256:f63c2485908b5f3c218afd9750353212ee8841a8d03408758a084189e6bc5d9e
openshift-logging/opa-openshift-rhel9@sha256:598bd63a1d8aee552364f5d29861afa20b996716d789d07a77615b4ce0993599
openshift-logging/vector-rhel9@sha256:ecaea646ed648d89b00208cad413f429f7c73c6b7b7ff0187a3e2c7fc9943196

ppc64le

openshift-logging/cluster-logging-rhel9-operator@sha256:7b595b59306d97ae7a31981f1501b09b192a45b9a238e62891c4afd86f6b8e0a
openshift-logging/elasticsearch-proxy-rhel9@sha256:43cccce76d269a7a7e920fce95db08ec9e469f06f88dcdb893c6c6c60eb37c4d
openshift-logging/elasticsearch-rhel9-operator@sha256:b21809755628012e88a65904534ef1f129e09823d2520dbc2ff4c3a2ad117d63
openshift-logging/elasticsearch6-rhel9@sha256:892f382eddcbefc09c3d255c6c7300b2f6a7273927c23ea96e9cfbdba73d6d82
openshift-logging/eventrouter-rhel9@sha256:4128ee491db22e4088eb5fa43a7d2600ebb2fe6c2695cb8b881539df5c70a931
openshift-logging/fluentd-rhel9@sha256:87e4ad39e6d4eee645caaaa8266c5fc97c4e8308e248536842b05c589eb31ba3
openshift-logging/log-file-metric-exporter-rhel9@sha256:815128bf82747aa9c7fa3d327170f1cac1dd82034999943d799a81aa2feec354
openshift-logging/logging-curator5-rhel9@sha256:f97052978fe6266afc275d4bf75cfda1470b5ab00d75e3d96096abefe0d6c702
openshift-logging/logging-loki-rhel9@sha256:d1d14e142b90d0d8115ec429d597f6f87baac4dc6a1052c8106ed4c42d9d8078
openshift-logging/logging-view-plugin-rhel9@sha256:15fd81f86769e30b42c0f5a02b8fff955fd60e313cc1453eb70802785819bad5
openshift-logging/loki-rhel9-operator@sha256:f293330426be728cb1592cb8bff63a6265d3a6cac561629672dd200a34f6dde2
openshift-logging/lokistack-gateway-rhel9@sha256:7b66c179a26cf273646976d0c75fcfc46cc90a67195c464c246d124fe74d374d
openshift-logging/opa-openshift-rhel9@sha256:9ce6eee2e6c69a47ab18a5e053d006355617b97fa6802487ac1e4ac1c7461f0b
openshift-logging/vector-rhel9@sha256:d6635aa3bab153729e5d41bdc077f0596cae86dcbe50735148956ad82ccd8c36

s390x

openshift-logging/cluster-logging-rhel9-operator@sha256:aa5f41aeffd761f2d2706894585ae13d7be07c60784f86b2c56528ad28598ba8
openshift-logging/elasticsearch-proxy-rhel9@sha256:78a5bdc079ca1f79780c94df811991236d5bdb011a549b246dd2f89bda19b3d1
openshift-logging/elasticsearch-rhel9-operator@sha256:7a0e07cf9678be95c87a4c726eaad28bff720029b9dee0402831c59c6ea4efb1
openshift-logging/elasticsearch6-rhel9@sha256:7ef9fb3e1337c5e143d2ff6a20373c6ff94aa4e9cc625748ce38aa274e736be6
openshift-logging/eventrouter-rhel9@sha256:0ac67161ce4919637cba2694b56ca5d00089b309678a1047e22c05ef9a8cc8b4
openshift-logging/fluentd-rhel9@sha256:6253646d49884891a42e88f426b6d6248fc80ef81787b86d67980b086e54f602
openshift-logging/log-file-metric-exporter-rhel9@sha256:8ee06578837f01afdc61011edb9feba46120271aead9c30856f871aca1281c90
openshift-logging/logging-curator5-rhel9@sha256:99408ac71b6f8c26a9ac4e3ee6c59521365635f549699df4ef57252785b65f7b
openshift-logging/logging-loki-rhel9@sha256:bc27b854825355b5cee7b0900550987fbc637a2a224e060af755e7fe6fd693ad
openshift-logging/logging-view-plugin-rhel9@sha256:9a4c096dfb7d88c02e253ecb861778463ca39191e8b2f8c5afcd67a222a82c38
openshift-logging/loki-rhel9-operator@sha256:ee5bdfc4361523113b772866a7021f5ae9082b3e9ff82b28880b84a255e60bb5
openshift-logging/lokistack-gateway-rhel9@sha256:c28873050301fd17c336fafd65401c894a7d9f25698f7874b659f9a72c298057
openshift-logging/opa-openshift-rhel9@sha256:dcff97dd2656b7e82c1b23f84b6bf16685346e8f7600d32e70696ce4cf9b8975
openshift-logging/vector-rhel9@sha256:2bc46a3bc604803d23134592cd9b64bc5a4421e8ae88453a5b4b65dea0648d55

x86_64

openshift-logging/cluster-logging-operator-bundle@sha256:3cf2582ff1b25552465dff4fe83664c766a5396d8bd966460abaae522dc7c8f5
openshift-logging/cluster-logging-rhel9-operator@sha256:ee89aff1fa83b5998104c1ba150a1d806c1999c54e43fd0958d60fcea6d24250
openshift-logging/elasticsearch-operator-bundle@sha256:aa6a0de64014a53fd80ae8abd42f537222360ac7084b69781f0555a0ed6902ae
openshift-logging/elasticsearch-proxy-rhel9@sha256:0de9a339c1ec7615154dcd15c9178b1ff5e060dd40af3785cc3ad401faf9afea
openshift-logging/elasticsearch-rhel9-operator@sha256:7877325bfec88f9e039c357f7d7640d835f79cdd20bacfc68ceb58e12463b31d
openshift-logging/elasticsearch6-rhel9@sha256:87c88987883ede216c3fabdf580a8bd2b66c22e782d6197f730b56745cfee106
openshift-logging/eventrouter-rhel9@sha256:cb93b7187ecfb64a521939c704613d5db05bb4609582a649e0ee000df1b8bf36
openshift-logging/fluentd-rhel9@sha256:6179df84a1afd1e5c4fd0e82a8c3c1bd7083178e9dc431fe5f00a9a874a43f35
openshift-logging/log-file-metric-exporter-rhel9@sha256:9abb4b4cc8e8fc95da8e1d1a6935cd4dc4c69512627844d4944bcb4703e3bb2c
openshift-logging/logging-curator5-rhel9@sha256:48a95cc97eed045cb6661d4010949ffa1635c903c678292f8c8142adb55a91ae
openshift-logging/logging-loki-rhel9@sha256:0f4a99dfbc5c76ec5a041bb9a538a9ab24917435b8fb3a09ed5da5ebb33c201c
openshift-logging/logging-view-plugin-rhel9@sha256:f74a09015793e2f45d3508095cc6f41bb9e97ee86e355e94c96d849532c37736
openshift-logging/loki-operator-bundle@sha256:94f84fe5613b2f89f57aa2e3fa55c1f49c78fe0d1625e9a6b34847f7d22544bc
openshift-logging/loki-rhel9-operator@sha256:6909eced342c00fda9feee35179480ae52a30588e5b7ecf9b440825be0653321
openshift-logging/lokistack-gateway-rhel9@sha256:60465e529d1416ef0dd0bfe79204a32a3a8074009bbe6b0940da70ecf3bee8ad
openshift-logging/opa-openshift-rhel9@sha256:3580c4ac1e98779f8d47268b09befbf02c05f9d8a1afa4c6a9a7ea055cd4b83d
openshift-logging/vector-rhel9@sha256:7dd223063442cc5c9244678da6288c25fd0dac3a786288c34def7a029e15e012

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.