access.redhat.com
Open in
urlscan Pro
2a02:26f0:1700:11::b856:678b
Public Scan
URL:
https://access.redhat.com/errata/RHSA-2024:0332
Submission: On February 02 via api from BE — Scanned from DE
Submission: On February 02 via api from BE — Scanned from DE
Form analysis
1 forms found in the DOMName: topSearchForm — GET /search/browse/search/
<form class="ng-pristine ng-valid topSearchForm" id="topSearchForm" name="topSearchForm" action="/search/browse/search/" method="get" enctype="application/x-www-form-urlencoded">
<cp-search-autocomplete class="push-bottom" path="/webassets/avalon/j/data.json" pfelement="" type="container"></cp-search-autocomplete>
<div> Or <a href="/support/cases/#/troubleshoot">troubleshoot an issue</a>. </div>
</form>
Text Content
Note: Our personalized web services require that your browser be enabled for JavaScript and cookies Skip to navigation Skip to main content UTILITIES * Subscriptions * Downloads * Containers * Support Cases * Subscriptions * Downloads * Containers * Support Cases * Products & Services PRODUCTS SUPPORT * Production Support * Development Support * Product Life Cycles SERVICES * Consulting * Technical Account Management * Training & Certifications DOCUMENTATION * Red Hat Enterprise Linux * Red Hat JBoss Enterprise Application Platform * Red Hat OpenStack Platform * Red Hat OpenShift Container Platform All Documentation ECOSYSTEM CATALOG * Red Hat Partner Ecosystem * Partner Resources * Tools TOOLS * Troubleshoot a product issue * Packages * Errata CUSTOMER PORTAL LABS * Configuration * Deployment * Security * Troubleshoot All labs RED HAT INSIGHTS Increase visibility into IT operations to detect and resolve technical issues before they impact your business. Learn More Go to Insights * Security RED HAT PRODUCT SECURITY CENTER Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities. Product Security Center SECURITY UPDATES * Security Advisories * Red Hat CVE Database * Security Labs Keep your systems secure with Red Hat's specialized responses to security vulnerabilities. View Responses RESOURCES * Security Blog * Security Measurement * Severity Ratings * Backporting Policies * Product Signing (GPG) Keys * Community CUSTOMER PORTAL COMMUNITY * Discussions * Private Groups Community Activity CUSTOMER EVENTS * Red Hat Convergence * Red Hat Summit STORIES * Red Hat Subscription Value * You Asked. We Acted. * Open Source Communities Or troubleshoot an issue. English SELECT YOUR LANGUAGE * English * Français * 한국어 * 日本語 * 中文 (中国) Infrastructure and Management * Red Hat Enterprise Linux * Red Hat Satellite * Red Hat Subscription Management * Red Hat Insights * Red Hat Ansible Automation Platform Cloud Computing * Red Hat OpenShift * Red Hat OpenStack Platform * Red Hat OpenShift Container Platform * Red Hat OpenShift Data Science * Red Hat OpenShift Dedicated * Red Hat Advanced Cluster Security for Kubernetes * Red Hat Advanced Cluster Management for Kubernetes * Red Hat Quay * OpenShift Dev Spaces * Red Hat OpenShift Service on AWS Storage * Red Hat Gluster Storage * Red Hat Hyperconverged Infrastructure * Red Hat Ceph Storage * Red Hat OpenShift Data Foundation Runtimes * Red Hat Runtimes * Red Hat JBoss Enterprise Application Platform * Red Hat Data Grid * Red Hat JBoss Web Server * Red Hat Single Sign On * Red Hat support for Spring Boot * Red Hat build of Node.js * Red Hat build of Quarkus Integration and Automation * Red Hat Application Foundations * Red Hat Fuse * Red Hat AMQ * Red Hat 3scale API Management All Products All Red Hat Back to menu QUICK LINKS: REDHAT.COM, CUSTOMER PORTAL, RED HAT'S DEVELOPER SITE, RED HAT'S PARTNER SITE. * You are here RED HAT Learn about our open source products, services, and company. * You are here RED HAT CUSTOMER PORTAL Get product support and knowledge from the open source experts. * You are here RED HAT DEVELOPER Read developer tutorials and download Red Hat software for cloud application development. * You are here RED HAT PARTNER CONNECT Get training, subscriptions, certifications, and more for partners to build, sell, and support customer solutions. PRODUCTS & TOOLS * ANSIBLE.COM Learn about and try our IT automation product. * RED HAT ECOSYSTEM CATALOG Find hardware, software, and cloud providers―and download container images―certified to perform with Red Hat technologies. TRY, BUY, & SELL * RED HAT HYBRID CLOUD CONSOLE Access technical how-tos, tutorials, and learning paths focused on Red Hat’s hybrid cloud managed services. * RED HAT STORE Buy select Red Hat products and services online. * RED HAT MARKETPLACE Try, buy, sell, and manage certified enterprise software for container-based environments. EVENTS * RED HAT SUMMIT AND ANSIBLEFEST Register for and learn about our annual open source IT industry event. Red Hat Product Errata RHSA-2024:0332 - Security Advisory Issued: 2024-01-22 Updated: 2024-01-22 RHSA-2024:0332 - SECURITY ADVISORY * Overview * Updated Images SYNOPSIS Important: ACS 4.1 enhancement update TYPE/SEVERITY Security Advisory: Important TOPIC Updated images are now available for Red Hat Advanced Cluster Security 4.1.6. The updated images includes security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. DESCRIPTION This release of RHACS 4.1 fixes PostgreSQL vulnerabilities in the central, central-db, and scanner-db containers. SOLUTION If you are using an earlier version of RHACS 4.1, you are advised to upgrade to patch release 4.1.6. AFFECTED PRODUCTS * Red Hat Advanced Cluster Security for Kubernetes 4 x86_64 * Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE 4 s390x * Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian 4 ppc64le FIXES * BZ - 2228111 - CVE-2023-39417 postgresql: extension script @substitutions@ within quoting allow SQL injection * BZ - 2247168 - CVE-2023-5868 postgresql: Memory disclosure in aggregate function calls * BZ - 2247169 - CVE-2023-5869 postgresql: Buffer overrun from integer overflow in array modification * BZ - 2247170 - CVE-2023-5870 postgresql: Role pg_signal_backend can signal certain superuser processes. * ROX-21832 - Release RHACS 4.1.6 CVES * CVE-2007-4559 * CVE-2020-22217 * CVE-2022-3094 * CVE-2022-41862 * CVE-2022-48337 * CVE-2022-48339 * CVE-2022-48468 * CVE-2022-48560 * CVE-2022-48564 * CVE-2023-3446 * CVE-2023-3817 * CVE-2023-4016 * CVE-2023-4641 * CVE-2023-5678 * CVE-2023-5868 * CVE-2023-5869 * CVE-2023-5870 * CVE-2023-5981 * CVE-2023-22745 * CVE-2023-31130 * CVE-2023-31486 * CVE-2023-39417 * CVE-2023-39615 * CVE-2023-43804 * CVE-2023-45803 REFERENCES * https://access.redhat.com/security/updates/classification/#important * https://docs.openshift.com/acs/4.1/release_notes/41-release-notes.html PPC64LE advanced-cluster-security/rhacs-central-db-rhel8@sha256:a07c2547b5038a5220e1ec79f308f4fb118e571dc69fac4050d45f3ffbd89963 advanced-cluster-security/rhacs-collector-rhel8@sha256:9d8e8931d2e8d310009be2e23e63d583ea1cd0af9a054cb6e9d831261a066cc0 advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cbca849213c4b284a8a3002ccbc57f6f48eeb7b7a407620a718e35a153610aa7 advanced-cluster-security/rhacs-main-rhel8@sha256:33d4fd6baccfa514005fd5f2c31fd35f531376a08cc403dc919eb77f0ef82eac advanced-cluster-security/rhacs-operator-bundle@sha256:7c378e4f875480a561273a4d9d8474892c292a83fdbb853ffe400cf8da29178e advanced-cluster-security/rhacs-rhel8-operator@sha256:1925ed2953e9c5fec9aa8b455e01caca2ffcfbed9f34c3c76f081b4e74717e22 advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b4e23fdd46f56b644aa22d2bf18346552b78a8ca1d3c0270273c6240bbcadf3 advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b3cbfd45a5604173847ab82b03fc55024d0ea26fb8ad19a415de8a1f9ad6557c advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8cca092474de0ffb6273e2f19e0e63f79e1513de043bf62afea32c838390facf advanced-cluster-security/rhacs-scanner-rhel8@sha256:604219a74ba59dd37bd54280f9a5eb98a5363539325c728be7f82f716458c9c4 advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5af5de310b348fd20b01dff37ad38d4b6ffdad075cb0cbf0cb75c9215846f5d9 S390X advanced-cluster-security/rhacs-central-db-rhel8@sha256:baabcef3dae19d831bc7ce48b088bb3b7d5c293a7b9eb0166cf707f5e56eaecf advanced-cluster-security/rhacs-collector-rhel8@sha256:0eabf7fef32d48523d5ecd7d19c76071b50fe0a1b2a3e0a3367bebbab5d0d1df advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:33d3f3498d0a1104f07e766b8713a49687b25fabdd309d41d4dbefa187fe11f8 advanced-cluster-security/rhacs-main-rhel8@sha256:21bc62fc2a99d707329a3868b196d5630b219d1636bdd7355e416b9c82d1244d advanced-cluster-security/rhacs-operator-bundle@sha256:47f9e289774c512d112b9fa0e1e957eba62b09955a81e94f50252d1be6a754c5 advanced-cluster-security/rhacs-rhel8-operator@sha256:aacc0f4845391e979d7bb6f9654b24a55675a2cf70c350d3f0743e987b3019af advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257ffe0ca5b4ae31458f10d22100225d40f68bff09862a0b1d9431ab1387a4a1 advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8ca74b4f25e89f3539553e5f532a7d5cc143bce759a52a1cdc52939cd319d2b9 advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:485b6501211422873da51c563fe04c959812ed5102cf54ddead08a6a08690729 advanced-cluster-security/rhacs-scanner-rhel8@sha256:9f4550e44ce4029ce5dba7c6fedd7ff5ee618c8b46a92101d63667f710657e79 advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:998ec7b98563dca7109b20c519653ec8e1772d451dce11ca91ca5aef12659e7c X86_64 advanced-cluster-security/rhacs-central-db-rhel8@sha256:654d89ecefd0aa9c938c1bcccb860c0fd52d8dc0cca5aa642cd43650fd135240 advanced-cluster-security/rhacs-collector-rhel8@sha256:e1aa435f4b8ab7af94ee8d7f8024ec10f213345da46977a0db357cf44b597d0d advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:30af6f4e554b6efb379d2551af0b8031eafd353b484d0c922c6b018932c49456 advanced-cluster-security/rhacs-main-rhel8@sha256:a4298e0029f0fb26c13776e2084898bc2f6027adb13e3647bb597d317db0eb9d advanced-cluster-security/rhacs-operator-bundle@sha256:b26133843687cc50e2c52d6067d8b3369b5cb28dfbfd15dd4b6062096673195a advanced-cluster-security/rhacs-rhel8-operator@sha256:0aa307408db60e2b0d20aa0b4423812f5bb799de03a65dd1f850b2a989f7fabf advanced-cluster-security/rhacs-roxctl-rhel8@sha256:05095d9b07b672f4ed91dde7fa7d4756f74dba6161d7d3f3e82670e5876fac91 advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cb8ed4575919e58e9cac1cfed85676861eb83caf07c4905fc0aca58993c2aaa4 advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3d8a099fad25c2071a004bcc0e9d817447e95b9a20740e2f22621d1b81bc61cf advanced-cluster-security/rhacs-scanner-rhel8@sha256:3eb5e006da5ec86346472cfb5cdcc7046c8887ce2f640a2252d5b3b1c554fd7c advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:70e968ac6f2a6cf8ebf6bdc6ec5096115b16d0be18dcf76152cc75fa4466b6e8 The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/. Red Hat QUICK LINKS * Downloads * Subscriptions * Support Cases * Customer Service * Product Documentation HELP * Contact Us * Customer Portal FAQ * Log-in Assistance SITE INFO * Trust Red Hat * Browser Support Policy * Accessibility * Awards and Recognition * Colophon RELATED SITES * redhat.com * developers.redhat.com * connect.redhat.com * cloud.redhat.com ABOUT * Red Hat Subscription Value * About Red Hat * Red Hat Jobs All systems operational 2023 * Privacy Statement * Terms of Use * All Policies and Guidelines * Cookie-präferenzen We've updated our Privacy Statement effective September 15, 2023. Red Hat Summit Twitter