Red Hat Product Errata RHSA-2025:3500 - Security Advisory
Issued:
2025-04-01
Updated:
2025-04-01

RHSA-2025:3500 - Security Advisory

Synopsis

Important: RHODF-4.17-RHEL-9 security update

Type/Severity

Security Advisory: Important

Topic

Updated images are now available for RHODF-4.17-RHEL-9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift DataFoundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3 compatible API.

Security Fix(es):

  • golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat OpenShift Data Foundation 4 for RHEL 9 x86_64
  • Red Hat OpenShift Data Foundation for IBM Power, little endian 4 for RHEL 9 ppc64le
  • Red Hat OpenShift Data Foundation for IBM Z and LinuxONE 4 for RHEL 9 s390x
  • Red Hat OpenShift Data Foundation for RHEL 9 ARM 4 aarch64

Fixes

  • BZ - 2333122 - CVE-2024-45338 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html
  • DFBUGS-1670 - [Critical] Upgrade ceph version to RHCEPH-7.1z3 at ODF-4.17.6
  • DFBUGS-981 - [2311546] [release-4.17] Object bucket claim creation triggers an admission webhook warning
  • DFBUGS-910 - dataloss due to the concurrent RPC calls (occurrence is very low)
  • DFBUGS-319 - [2321510] [RDR][4.17 clone] Relocate of ceph fs is stuck in WaitForReadiness

aarch64

odf4/cephcsi-rhel9-operator@sha256:59bf592b53efafdc5dbedf6b28ff037cfa4de042afd6b9e9271e6117b539f4a2
odf4/mcg-core-rhel9@sha256:e1afc357b3ca4c8ada9d42a2886097c64a5d4e498d4cc913762de8653608f0e0
odf4/mcg-rhel9-operator@sha256:a9fb83224900a2f71d8968ff1304448fc35008c4d1ba480e142f61fad9eafb17
odf4/ocs-client-rhel9-operator@sha256:98b3861c54df97fa1a9df15f717c5b6608d41d6b2151ba80d57aabc245f1955a
odf4/ocs-rhel9-operator@sha256:280214cb617f217e35da35b62a5ac94f2e3602bc6f91206699fd0211812b8fa8
odf4/odf-cli-rhel9@sha256:4778eb4267c9bc0de3b16460eca81fda4f14e258ff9e549040b00e4e89905a0a
odf4/odf-csi-addons-rhel9-operator@sha256:4b45c8e60604449f6c74150baacb3d11e50b3a10e1e7e5a2ae5568b94e8eddfe
odf4/odf-csi-addons-sidecar-rhel9@sha256:1cad36a0edfa987179c44783a3354efd2f8ef7ed933119de2b16838679f84e94
odf4/odf-multicluster-rhel9-operator@sha256:3c1f1037fa46c3a0846dfeefcbdbf5b468d7d3de4330e3e3afc0564ebf61de82
odf4/odf-must-gather-rhel9@sha256:7d30ac852d491738439e09b3480ea18f093abf9c3a2e4dc9e2f3adb64f308be7
odf4/odf-rhel9-operator@sha256:4ee94cf5ee9d4e7ac73ea85fda01f07b165ab0ce6b46468f47b7d824487f5071
odf4/odr-rhel9-operator@sha256:58556e90e62d85b211d8410cfe94497073e405cfd5269979e73749ceafccda67

ppc64le

odf4/cephcsi-operator-bundle@sha256:576f28c9638f00f39d664301d96462601d5d17a1e288d4b606c8d662bc440753
odf4/cephcsi-rhel9@sha256:ad7b98f476a6fd8d89fcada9f368170aff1d211632af78be7daa63400435a913
odf4/cephcsi-rhel9-operator@sha256:b3229b38502b13863e43c46ededec4fd651a3530ff645afe2588176f0d1348f7
odf4/mcg-core-rhel9@sha256:6709b4595c2ca391378a8eff9d2b8d86475cf886c27d0ad12c5aa448203dd49f
odf4/mcg-operator-bundle@sha256:ec4b600c35f4d299733f0fea636424f34c7a4538ade6d38f9fb53be048a9d261
odf4/mcg-rhel9-operator@sha256:b66b767663b821dbff9cb43a4099482556b8d5cbc66d5c2959697c9b3caf0034
odf4/ocs-client-console-rhel9@sha256:846b4f6065937b93beba0900488f9692ad87bc8bc3419514d8565bb25760ff9e
odf4/ocs-client-operator-bundle@sha256:4b27ec9797836d789c1cf94a7e88b50b61604611b08eeb6bb0d8e6981463aaa6
odf4/ocs-client-rhel9-operator@sha256:83ff074d8c07017826fd332423ddd4d7893ddb64b0db6fc3e5994af11ec362d2
odf4/ocs-metrics-exporter-rhel9@sha256:bae59c8cababf340258b8b675d920de77fd7d5787b4b91277f653254cbee9861
odf4/ocs-operator-bundle@sha256:737b733433b50195a2b488325242311f300713ed785b4c152332a97af54b0966
odf4/ocs-rhel9-operator@sha256:425e79644175eb15f83982417dbc53b13883a217022d4a9a04ca17cff5cc6f73
odf4/odf-cli-rhel9@sha256:050e0f2d20690c2a10f61c367652289395bf44b8de0bf9b304fb538e8ddd5ba8
odf4/odf-console-rhel9@sha256:a7b7c1091d641ceae8f03233ec51b2d4ea149792ff7850bc5a0bed6280b3d3de
odf4/odf-cosi-sidecar-rhel9@sha256:c70eb5b401fb8cf7cbbbb41f183027be6ca97a806481067103557a5fcad1de14
odf4/odf-csi-addons-operator-bundle@sha256:16d9ce4c9806f06bae0b55c712d95d690a18ca9ae861b73e3690cac600967e98
odf4/odf-csi-addons-rhel9-operator@sha256:e9bea6672693d064ef865d4eaaacfcd5a8ef792ba2f3f36ae358995dcce281e5
odf4/odf-csi-addons-sidecar-rhel9@sha256:eb2797c3d0366304caaf99bbf37122f225ff589e69713a766409800eb735da4a
odf4/odf-multicluster-console-rhel9@sha256:52369ab175c6776a642224675eb4f21fcadc233528aadf324e713d76526dc0e0
odf4/odf-multicluster-operator-bundle@sha256:35a72ddb58c1cc102bc0fb93d11882e83aa391a3987029f3b07f0c89e6f6c016
odf4/odf-multicluster-rhel9-operator@sha256:1ee982829bd22343ed58067526297979c1aefc1bb3e6d8a33d573241f754f68a
odf4/odf-must-gather-rhel9@sha256:68f31b7965a66577d4484e58958a00c4f6f69c73c29ad1807d714eafc1c17a07
odf4/odf-operator-bundle@sha256:8e7e16acc43e32a656750ce1e91cb9d1cbee827573bda726a31200d70fff3d5a
odf4/odf-prometheus-operator-bundle@sha256:b242be5f5d66e30089d038f5c236b5b1f8ae15925db9b108abd5d4651f5e981f
odf4/odf-rhel9-operator@sha256:dfa4317f423206b5ba89d1f8d1e108b4163b818414cd4af47b3e689ae5c8e87c
odf4/odr-cluster-operator-bundle@sha256:1b9b58c6bf71a39c75901b09ffb9a31c21456b2dd310f2dd35c3ed0041e96384
odf4/odr-hub-operator-bundle@sha256:7f9c1fa47739a7f397ba8d8524e023f8a66ab446c8b4f160726ebc7c6b589c16
odf4/odr-recipe-operator-bundle@sha256:0c7e13348770572d3737eb8045933a8ce358966c1598e0a41b50631b6332a6f7
odf4/odr-rhel9-operator@sha256:de563b32b7c20314a99e44a85e036884ad579b71f66e4beca89988fffe7f4ab6
odf4/rook-ceph-operator-bundle@sha256:e12ab810e2383f952b5317f0bfe16baa8736e9b1c6c26573352550c934b8e1f6
odf4/rook-ceph-rhel9-operator@sha256:aafa9bbd59727e6593c6522e1b6a53d35ff44bd80f4837ab22a3f40904249f7b

s390x

odf4/cephcsi-operator-bundle@sha256:b3b09619c0ffdd27075c0127e0e17e0f358a67ea8820e27925747da71c1c30e5
odf4/cephcsi-rhel9@sha256:693657a7827d74ae8c0d270b269dede3c5f91e4b6b7521b6ec4e26b841ecda25
odf4/cephcsi-rhel9-operator@sha256:266591c571adb2c8ef62b3e47988533d635ad9aa642781455524410f7c7221ea
odf4/mcg-core-rhel9@sha256:5772eea82b20bacc81da0531239927bde720f338c19bb5430eee7527d7d7b191
odf4/mcg-operator-bundle@sha256:d49e1d8b7ddaf0f6168966635c46c6797683aa2ee695bd481c924e3c2a55141f
odf4/mcg-rhel9-operator@sha256:158e10c527c54e5372752a3fdf97ba0362af04996e5b24b538d295bd1efbbd2f
odf4/ocs-client-console-rhel9@sha256:96fb1b5997e08fb6c8531d8a1d1ccb1ddb640701ecab86c4a582672a2aafd8c2
odf4/ocs-client-operator-bundle@sha256:f76d5822501de4895c092e82ee8869edb48695d2583118296fb16fea62f5f120
odf4/ocs-client-rhel9-operator@sha256:f55c4b5b8232bf964ea94ceeea7fd6935025530582931d6b2751a28abc145eae
odf4/ocs-metrics-exporter-rhel9@sha256:eebd7024bb98308262f5e10c5b479a005af8b41aa0e1e52fd80421ce578ba862
odf4/ocs-operator-bundle@sha256:f8d44006d6ba9cc03f369b55d65922d21062fdc886a0ec45e5c4066e249affe4
odf4/ocs-rhel9-operator@sha256:ba6ce5bc4a51ad0662b66a19b7baece2beff6a6a3a37a17fcee5d4c25191bd59
odf4/odf-cli-rhel9@sha256:afa180b0de79509f795b19282536ad87751eec1cbae2f1a897e2bb5632b5a917
odf4/odf-console-rhel9@sha256:ff2d2d94d954ccbfc051247d8ed2c060dfd395b421a5fcd1da31c2bd4dc29d8b
odf4/odf-cosi-sidecar-rhel9@sha256:883fa40b1605c897a3d06822663ed8f14ea8fa078c114d99e41447857c7db919
odf4/odf-csi-addons-operator-bundle@sha256:3ebb8ef1441dcf1d1c0a65311f26575a05eefe599e5339324fad2009db060406
odf4/odf-csi-addons-rhel9-operator@sha256:933c9ca1ac5fa25d45bb519c44ab4830739f5822ad3136e4f8fbdf8484566423
odf4/odf-csi-addons-sidecar-rhel9@sha256:a5d0c18c9af49ec036b10b3c5f74aee018e5104ce83bfdda42fac315ef492642
odf4/odf-multicluster-console-rhel9@sha256:9e12f4588faf2bd93bc2b25815a318770d8fafbdddb5d2d43e71e4b75610cb94
odf4/odf-multicluster-operator-bundle@sha256:d81efbf15f4e5a7b9f828e4628099535a3d6e1f836520d79ba4759ae72d1a269
odf4/odf-multicluster-rhel9-operator@sha256:bf70cf7ee50fe6d336160240abf24a7da99c4a4d9a731100c3bf39f85fb15c4f
odf4/odf-must-gather-rhel9@sha256:aed2fb7d743758677584df771751bad1d586eac50595bc96a8463dae7e7caed2
odf4/odf-operator-bundle@sha256:14516c830d0abad30598bbb0268e865057672dcc22e85cfa7f7b28d73e06dc54
odf4/odf-prometheus-operator-bundle@sha256:43671627156b45f44ad8a1416f1337f2971f51f08f9d9a52e95cb07c0ef2392e
odf4/odf-rhel9-operator@sha256:d516efc653232a34a79b22cb04902ca2582c9782f137569efb3570e33b17aaf3
odf4/odr-cluster-operator-bundle@sha256:eae3e0f32787993f73e1825e01db411608b8855922ee2a00acc70f377e872170
odf4/odr-hub-operator-bundle@sha256:57844c5d07c49c33ba9071f0b90748771c8d62b73f0cc37ce44bdadae214ea0f
odf4/odr-recipe-operator-bundle@sha256:d0f85b64303b0f9e892520be07b2d5e211fa806602e4ba7e1fbaa9edfa488a36
odf4/odr-rhel9-operator@sha256:ded381a718b98ea7a4abb7e75db96e98b84b73eb7529359ece7fa61ea0ab8eab
odf4/rook-ceph-operator-bundle@sha256:df17a31226a5a883e07be468ac20fb153a334f5d8b2718c17d7cf448b28fbd47
odf4/rook-ceph-rhel9-operator@sha256:914f27949481999de5aa5b9c5face266828cd501246243181da786a87afcbdee

x86_64

odf4/cephcsi-operator-bundle@sha256:3338eb8159127a7dead6006255ed0ae073a110a402ed498e2e8cc9493c0b4d8e
odf4/cephcsi-rhel9@sha256:9e303d40097486dc50d743323ba6a8de7e3e2e5a8d8bc607728fed47220530a4
odf4/cephcsi-rhel9-operator@sha256:21600fa74a0b9a12d469d1cdaddd804b4b73d6afdb9106eeb4f34596bb2d1258
odf4/mcg-core-rhel9@sha256:30f2376f37765eb5b3beb424018d217f65475a8fecad4dd525ba2970ec6332b5
odf4/mcg-operator-bundle@sha256:b399bbdde09923dd23bfc65d088894a79610e53d895c1de2d26e91850b2735f4
odf4/mcg-rhel9-operator@sha256:a8037be2de7db50028ce66df96573d6d5347a68c4211656d82e50a3344343aab
odf4/ocs-client-console-rhel9@sha256:0cf22d86b267794025ba19591a306c81e0fdb2cf3dca05b9dcea3ecdf34f261d
odf4/ocs-client-operator-bundle@sha256:8fca3b0219de02595ada4a1ff022c5cd8a78a13f585fe59cf6cd34ef360b3a73
odf4/ocs-client-rhel9-operator@sha256:5755f2253c923b09e64a1fb6482fc17b611913db3cc5adb895b8e1f1db8e3d85
odf4/ocs-metrics-exporter-rhel9@sha256:963317814b12fc9024857eabc03252fcd5219fc94daf9727c0d15543c61cc57e
odf4/ocs-operator-bundle@sha256:2ea120791aa41e227e048c9acf90e393ebe3b5ee040b37a77410d1bb344b2e40
odf4/ocs-rhel9-operator@sha256:af34f03adc5c18cb2a6fbc099239cbe962db9573902b45a7188d74369738ea87
odf4/odf-cli-rhel9@sha256:dc1e0173b629ff8695aa694845d53399143d90fef25aad72b24ab4185d8d7f95
odf4/odf-console-rhel9@sha256:eb9ba1f0ed9f26c423ee06de5001e49d6d331a085a8edf8a82318b816a8d38fc
odf4/odf-cosi-sidecar-rhel9@sha256:55cd05deff37a44ba1d07c4fb36fa4e4ec2b4e89c4eb98d5ff3e0172f21521b2
odf4/odf-csi-addons-operator-bundle@sha256:ec3a6e74ca2f0fbc8d7ed2344a2bb0c409a7a5adf0d7cf7388251f89174b7339
odf4/odf-csi-addons-rhel9-operator@sha256:cd948f94ceabaf729040a60ecf6603da00de782249c79691f6562cbb2b19d404
odf4/odf-csi-addons-sidecar-rhel9@sha256:9a50d51c19235bc004c592f53891aa7895f0d79692309ce21a681e48f5844480
odf4/odf-multicluster-console-rhel9@sha256:ea469bde819cd85a738bc338508eb7c49bd3c5c1e913f5e99836a30432ae15f1
odf4/odf-multicluster-operator-bundle@sha256:4dc4e7ca38c7dce1404bc4ac833fed1c2901cb73a7bf8e2eaecc3af6a235746a
odf4/odf-multicluster-rhel9-operator@sha256:59b6aadac2ac4afdf697c3bfda9d220572fdf2ec2cff887f0350f0a589180141
odf4/odf-must-gather-rhel9@sha256:4cab9c3030988130f02052704003ab0be7f279e5cc316512fce5094591700947
odf4/odf-operator-bundle@sha256:1206983cd08b8996ad169724bbf6e76ae7c493e31ecf089204a1b7730f4ba2ea
odf4/odf-prometheus-operator-bundle@sha256:fe3072cb4c35027b0077e373cbfe1e7f75072dc804dc56e7c4da7a327e039a6b
odf4/odf-rhel9-operator@sha256:6e7bd199fdbc5a5cb522dcdaece770a3e193f95c4e98b61998348a0b1eb7eabf
odf4/odr-cluster-operator-bundle@sha256:8ba1bc142f839128a93cb596e60cb7241eddbf159b90cc795889272020073dad
odf4/odr-hub-operator-bundle@sha256:4f5dc03c98b9a6d6bdb84e0e041f8a189040033b379ef6e6615c5156505b9d10
odf4/odr-recipe-operator-bundle@sha256:0350bfbd7e4eaee91c043edbc2ea1d49aae2f0eba1dff6f3ae84c874a0aa1082
odf4/odr-rhel9-operator@sha256:a9ce6ff0ef32d029f026757522afe224774058252e36e978f27b12d9e2940585
odf4/rook-ceph-operator-bundle@sha256:c66ffb2fa00181c983e4ff78bcad4ec5a4d766ed801ed323bdd7e5748d22fa97
odf4/rook-ceph-rhel9-operator@sha256:8e758d1c053be265048bd7945975c07e63f5b430152f69a3726c9c2edd1e4488

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.