access.redhat.com
Open in
urlscan Pro
2a02:26f0:1700:11::b856:678b
Public Scan
URL:
https://access.redhat.com/errata/RHSA-2024:0332
Submission: On February 02 via api from BE — Scanned from DE
Submission: On February 02 via api from BE — Scanned from DE
Form analysis 1 forms found in the DOM
Name: topSearchForm — GET /search/browse/search/
<form class="ng-pristine ng-valid topSearchForm" id="topSearchForm" name="topSearchForm" action="/search/browse/search/" method="get" enctype="application/x-www-form-urlencoded">
<cp-search-autocomplete class="push-bottom" path="/webassets/avalon/j/data.json" pfelement="" type="container"></cp-search-autocomplete>
<div> Or <a href="/support/cases/#/troubleshoot">troubleshoot an issue</a>. </div>
</form>Text Content
Note: Our personalized web services require that your browser be enabled for
JavaScript and cookies
Skip to navigation Skip to main content
UTILITIES
* Subscriptions
* Downloads
* Containers
* Support Cases
* Subscriptions
* Downloads
* Containers
* Support Cases
* Products & Services
PRODUCTS
SUPPORT
* Production Support
* Development Support
* Product Life Cycles
SERVICES
* Consulting
* Technical Account Management
* Training & Certifications
DOCUMENTATION
* Red Hat Enterprise Linux
* Red Hat JBoss Enterprise Application Platform
* Red Hat OpenStack Platform
* Red Hat OpenShift Container Platform
All Documentation
ECOSYSTEM CATALOG
* Red Hat Partner Ecosystem
* Partner Resources
* Tools
TOOLS
* Troubleshoot a product issue
* Packages
* Errata
CUSTOMER PORTAL LABS
* Configuration
* Deployment
* Security
* Troubleshoot
All labs
RED HAT INSIGHTS
Increase visibility into IT operations to detect and resolve technical issues
before they impact your business.
Learn More
Go to Insights
* Security
RED HAT PRODUCT SECURITY CENTER
Engage with our Red Hat Product Security team, access security updates, and
ensure your environments are not exposed to any known security
vulnerabilities.
Product Security Center
SECURITY UPDATES
* Security Advisories
* Red Hat CVE Database
* Security Labs
Keep your systems secure with Red Hat's specialized responses to security
vulnerabilities.
View Responses
RESOURCES
* Security Blog
* Security Measurement
* Severity Ratings
* Backporting Policies
* Product Signing (GPG) Keys
* Community
CUSTOMER PORTAL COMMUNITY
* Discussions
* Private Groups
Community Activity
CUSTOMER EVENTS
* Red Hat Convergence
* Red Hat Summit
STORIES
* Red Hat Subscription Value
* You Asked. We Acted.
* Open Source Communities
Or troubleshoot an issue.
English
SELECT YOUR LANGUAGE
* English
* Français
* 한국어
* 日本語
* 中文 (中国)
Infrastructure and Management
* Red Hat Enterprise Linux
* Red Hat Satellite
* Red Hat Subscription Management
* Red Hat Insights
* Red Hat Ansible Automation Platform
Cloud Computing
* Red Hat OpenShift
* Red Hat OpenStack Platform
* Red Hat OpenShift Container Platform
* Red Hat OpenShift Data Science
* Red Hat OpenShift Dedicated
* Red Hat Advanced Cluster Security for Kubernetes
* Red Hat Advanced Cluster Management for Kubernetes
* Red Hat Quay
* OpenShift Dev Spaces
* Red Hat OpenShift Service on AWS
Storage
* Red Hat Gluster Storage
* Red Hat Hyperconverged Infrastructure
* Red Hat Ceph Storage
* Red Hat OpenShift Data Foundation
Runtimes
* Red Hat Runtimes
* Red Hat JBoss Enterprise Application Platform
* Red Hat Data Grid
* Red Hat JBoss Web Server
* Red Hat Single Sign On
* Red Hat support for Spring Boot
* Red Hat build of Node.js
* Red Hat build of Quarkus
Integration and Automation
* Red Hat Application Foundations
* Red Hat Fuse
* Red Hat AMQ
* Red Hat 3scale API Management
All Products
All Red Hat
Back to menu
QUICK LINKS: REDHAT.COM, CUSTOMER PORTAL, RED HAT'S DEVELOPER SITE, RED HAT'S
PARTNER SITE.
* You are here
RED HAT
Learn about our open source products, services, and company.
* You are here
RED HAT CUSTOMER PORTAL
Get product support and knowledge from the open source experts.
* You are here
RED HAT DEVELOPER
Read developer tutorials and download Red Hat software for cloud application
development.
* You are here
RED HAT PARTNER CONNECT
Get training, subscriptions, certifications, and more for partners to build,
sell, and support customer solutions.
PRODUCTS & TOOLS
* ANSIBLE.COM
Learn about and try our IT automation product.
* RED HAT ECOSYSTEM CATALOG
Find hardware, software, and cloud providers―and download container
images―certified to perform with Red Hat technologies.
TRY, BUY, & SELL
* RED HAT HYBRID CLOUD CONSOLE
Access technical how-tos, tutorials, and learning paths focused on Red Hat’s
hybrid cloud managed services.
* RED HAT STORE
Buy select Red Hat products and services online.
* RED HAT MARKETPLACE
Try, buy, sell, and manage certified enterprise software for container-based
environments.
EVENTS
* RED HAT SUMMIT AND ANSIBLEFEST
Register for and learn about our annual open source IT industry event.
Red Hat Product Errata RHSA-2024:0332 - Security Advisory
Issued: 2024-01-22 Updated: 2024-01-22
RHSA-2024:0332 - SECURITY ADVISORY
* Overview
* Updated Images
SYNOPSIS
Important: ACS 4.1 enhancement update
TYPE/SEVERITY
Security Advisory: Important
TOPIC
Updated images are now available for Red Hat Advanced Cluster Security 4.1.6.
The updated images includes security fixes.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
DESCRIPTION
This release of RHACS 4.1 fixes PostgreSQL vulnerabilities in the central,
central-db, and scanner-db containers.
SOLUTION
If you are using an earlier version of RHACS 4.1, you are advised to upgrade to
patch release 4.1.6.
AFFECTED PRODUCTS
* Red Hat Advanced Cluster Security for Kubernetes 4 x86_64
* Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE 4
s390x
* Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian
4 ppc64le
FIXES
* BZ - 2228111 - CVE-2023-39417 postgresql: extension script @substitutions@
within quoting allow SQL injection
* BZ - 2247168 - CVE-2023-5868 postgresql: Memory disclosure in aggregate
function calls
* BZ - 2247169 - CVE-2023-5869 postgresql: Buffer overrun from integer overflow
in array modification
* BZ - 2247170 - CVE-2023-5870 postgresql: Role pg_signal_backend can signal
certain superuser processes.
* ROX-21832 - Release RHACS 4.1.6
CVES
* CVE-2007-4559
* CVE-2020-22217
* CVE-2022-3094
* CVE-2022-41862
* CVE-2022-48337
* CVE-2022-48339
* CVE-2022-48468
* CVE-2022-48560
* CVE-2022-48564
* CVE-2023-3446
* CVE-2023-3817
* CVE-2023-4016
* CVE-2023-4641
* CVE-2023-5678
* CVE-2023-5868
* CVE-2023-5869
* CVE-2023-5870
* CVE-2023-5981
* CVE-2023-22745
* CVE-2023-31130
* CVE-2023-31486
* CVE-2023-39417
* CVE-2023-39615
* CVE-2023-43804
* CVE-2023-45803
REFERENCES
* https://access.redhat.com/security/updates/classification/#important
* https://docs.openshift.com/acs/4.1/release_notes/41-release-notes.html
PPC64LE
advanced-cluster-security/rhacs-central-db-rhel8@sha256:a07c2547b5038a5220e1ec79f308f4fb118e571dc69fac4050d45f3ffbd89963
advanced-cluster-security/rhacs-collector-rhel8@sha256:9d8e8931d2e8d310009be2e23e63d583ea1cd0af9a054cb6e9d831261a066cc0
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cbca849213c4b284a8a3002ccbc57f6f48eeb7b7a407620a718e35a153610aa7
advanced-cluster-security/rhacs-main-rhel8@sha256:33d4fd6baccfa514005fd5f2c31fd35f531376a08cc403dc919eb77f0ef82eac
advanced-cluster-security/rhacs-operator-bundle@sha256:7c378e4f875480a561273a4d9d8474892c292a83fdbb853ffe400cf8da29178e
advanced-cluster-security/rhacs-rhel8-operator@sha256:1925ed2953e9c5fec9aa8b455e01caca2ffcfbed9f34c3c76f081b4e74717e22
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b4e23fdd46f56b644aa22d2bf18346552b78a8ca1d3c0270273c6240bbcadf3
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b3cbfd45a5604173847ab82b03fc55024d0ea26fb8ad19a415de8a1f9ad6557c
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8cca092474de0ffb6273e2f19e0e63f79e1513de043bf62afea32c838390facf
advanced-cluster-security/rhacs-scanner-rhel8@sha256:604219a74ba59dd37bd54280f9a5eb98a5363539325c728be7f82f716458c9c4
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:5af5de310b348fd20b01dff37ad38d4b6ffdad075cb0cbf0cb75c9215846f5d9
S390X
advanced-cluster-security/rhacs-central-db-rhel8@sha256:baabcef3dae19d831bc7ce48b088bb3b7d5c293a7b9eb0166cf707f5e56eaecf
advanced-cluster-security/rhacs-collector-rhel8@sha256:0eabf7fef32d48523d5ecd7d19c76071b50fe0a1b2a3e0a3367bebbab5d0d1df
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:33d3f3498d0a1104f07e766b8713a49687b25fabdd309d41d4dbefa187fe11f8
advanced-cluster-security/rhacs-main-rhel8@sha256:21bc62fc2a99d707329a3868b196d5630b219d1636bdd7355e416b9c82d1244d
advanced-cluster-security/rhacs-operator-bundle@sha256:47f9e289774c512d112b9fa0e1e957eba62b09955a81e94f50252d1be6a754c5
advanced-cluster-security/rhacs-rhel8-operator@sha256:aacc0f4845391e979d7bb6f9654b24a55675a2cf70c350d3f0743e987b3019af
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257ffe0ca5b4ae31458f10d22100225d40f68bff09862a0b1d9431ab1387a4a1
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8ca74b4f25e89f3539553e5f532a7d5cc143bce759a52a1cdc52939cd319d2b9
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:485b6501211422873da51c563fe04c959812ed5102cf54ddead08a6a08690729
advanced-cluster-security/rhacs-scanner-rhel8@sha256:9f4550e44ce4029ce5dba7c6fedd7ff5ee618c8b46a92101d63667f710657e79
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:998ec7b98563dca7109b20c519653ec8e1772d451dce11ca91ca5aef12659e7c
X86_64
advanced-cluster-security/rhacs-central-db-rhel8@sha256:654d89ecefd0aa9c938c1bcccb860c0fd52d8dc0cca5aa642cd43650fd135240
advanced-cluster-security/rhacs-collector-rhel8@sha256:e1aa435f4b8ab7af94ee8d7f8024ec10f213345da46977a0db357cf44b597d0d
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:30af6f4e554b6efb379d2551af0b8031eafd353b484d0c922c6b018932c49456
advanced-cluster-security/rhacs-main-rhel8@sha256:a4298e0029f0fb26c13776e2084898bc2f6027adb13e3647bb597d317db0eb9d
advanced-cluster-security/rhacs-operator-bundle@sha256:b26133843687cc50e2c52d6067d8b3369b5cb28dfbfd15dd4b6062096673195a
advanced-cluster-security/rhacs-rhel8-operator@sha256:0aa307408db60e2b0d20aa0b4423812f5bb799de03a65dd1f850b2a989f7fabf
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:05095d9b07b672f4ed91dde7fa7d4756f74dba6161d7d3f3e82670e5876fac91
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cb8ed4575919e58e9cac1cfed85676861eb83caf07c4905fc0aca58993c2aaa4
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3d8a099fad25c2071a004bcc0e9d817447e95b9a20740e2f22621d1b81bc61cf
advanced-cluster-security/rhacs-scanner-rhel8@sha256:3eb5e006da5ec86346472cfb5cdcc7046c8887ce2f640a2252d5b3b1c554fd7c
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:70e968ac6f2a6cf8ebf6bdc6ec5096115b16d0be18dcf76152cc75fa4466b6e8
The Red Hat security contact is secalert@redhat.com. More contact details at
https://access.redhat.com/security/team/contact/.
Red Hat
QUICK LINKS
* Downloads
* Subscriptions
* Support Cases
* Customer Service
* Product Documentation
HELP
* Contact Us
* Customer Portal FAQ
* Log-in Assistance
SITE INFO
* Trust Red Hat
* Browser Support Policy
* Accessibility
* Awards and Recognition
* Colophon
RELATED SITES
* redhat.com
* developers.redhat.com
* connect.redhat.com
* cloud.redhat.com
ABOUT
* Red Hat Subscription Value
* About Red Hat
* Red Hat Jobs
All systems operational
2023
* Privacy Statement
* Terms of Use
* All Policies and Guidelines
* Cookie-präferenzen
We've updated our Privacy Statement effective September 15, 2023.
Red Hat Summit
Twitter