RedHat: RHSA-2019-4341:01 Moderate: Red Hat Quay v3.2.0 security and bug

    Date 19 Dec 2019
    402
    Posted By LinuxSecurity Advisories
    An update is now available for Red Hat Quay 3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Moderate: Red Hat Quay v3.2.0 security and bug fix update
    Advisory ID:       RHSA-2019:4341-01
    Product:           Red Hat Quay
    Advisory URL:      https://access.redhat.com/errata/RHSA-2019:4341
    Issue date:        2019-12-19
    CVE Names:         CVE-2019-10205 
    =====================================================================
    
    1. Summary:
    
    An update is now available for Red Hat Quay 3.
    
    Red Hat Product Security has rated this update as having a security impact
    of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
    gives a detailed severity rating, is available for each vulnerability from
    the CVE link(s) in the References section.
    
    2. Description:
    
    Quay 3.2.0 release, including:
    
    Security Fix(es):
    
    * quay: Red Hat Quay stores robot account tokens in plain text
    (CVE-2019-10205)
    
    For more details about the security issue(s), including the impact, a CVSS
    score, acknowledgments, and other related information, refer to the CVE
    page(s) listed in the References section.
    
    Bug Fix(es):
    
    * Quay 3.2.0 errata (BZ#1780711)
    
    3. Solution:
    
    Please download the release images via:
    
    quay.io/redhat/quay:v3.2.0
    quay.io/redhat/clair-jwt:v3.2.0
    quay.io/redhat/quay-builder:v3.2.0
    
    4. Bugs fixed (https://bugzilla.redhat.com/):
    
    1732190 - CVE-2019-10205 quay: Red Hat Quay stores robot account tokens in plain text
    1780711 - Quay 3.2.0 errata
    
    5. References:
    
    https://access.redhat.com/security/cve/CVE-2019-10205
    https://access.redhat.com/security/updates/classification/#moderate
    
    6. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2019 Red Hat, Inc.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1
    
    iQIVAwUBXfu1yNzjgjWX9erEAQh5Nw/9Ef54l4FeUnqTh3nXi6aDvq9GoNHYc+St
    cmdEpRNJx8MCtblpFfkxAlbyuJ3Y+J8rGWGbPnjPATqLiAabRJwsbunqh4WsiM9Q
    fWhh/F1R9w0dnW/eWQp7OqS/o/0XULnXAhA+7tkqtpvoBN8p0SfdZNzqQYm8jesT
    7aXEwRvRIueFmZto8G3EvifcDAI8+e01EhSTWJEFhKvJXbrxM3j3nvbZe16kjznX
    YBaagQ2VzPL3kb/yMm3E7lPUPFhhaX0QmBNXLuzk7pswdIx7FZ+vU18a7Iht9TfC
    +mF4lDZOSTnQmEgSb8CSj4FRfqECeFheiuruU5pzXdgzfqWIas58DR337tmw2m5o
    jcBOXCknMR+GxPXa8mMbqFLwZZaf+wdwwvXS5U5VT8nl8bMnc21zfs3J6EGMKM71
    MjowgsAeewnctQbLZY2qzGv1SadVrOpowYJo3RzNjosY5BLLFo69P3wFp97GcuSh
    Cs7j5Mmi7EeyygAZnX56IUfmQn08LY3BThcCD7xIXiP2pqpuU+fns52xunkIuFHk
    3yf//Gzruz5hqnfTSWhcNrq562ahmpmzSwAzW+Fwsox9e7Y2EQ2wBMGEEe0HbcK9
    eEe4lP6k4oaFfZuIen7qHrlLnQof8yLomMQfaqu6g1ixtTej0W94Jlz/pDWbwKfV
    1z6i6I8zexs=
    =a2TH
    -----END PGP SIGNATURE-----
    
    --
    RHSA-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/rhsa-announce
    

    LinuxSecurity Poll

    Are you planning to use the 1Password password manager now that it is available to Linux users?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/35-are-you-planning-to-use-the-1password-password-manager-now-that-it-is-available-to-linux-users?task=poll.vote&format=json
    35
    radio
    [{"id":"122","title":"Yes","votes":"1","type":"x","order":"1","pct":20,"resources":[]},{"id":"123","title":"No ","votes":"3","type":"x","order":"2","pct":60,"resources":[]},{"id":"124","title":"Not sure at the moment","votes":"1","type":"x","order":"3","pct":20,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.