Alerts This Week
Warning Icon 1 924
Alerts This Week
Warning Icon 1 924

Red Hat OpenShift 3.11/4.1 Advisory: Low Impact AMQ Online Security Fix

red hat
Calendar Grey April 22, 2020
Dist Redhat Esm H88
New version released for Red Hat AMQ Online with minimal security implications. Refer to the advisory for further information.
An update of the Red Hat OpenShift Container Platform 3.11 and 4.1 container images is now available for Red Hat AMQ Online

Solution

The Red Hat OpenShift Container Platform 3.11 and 4.1 container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available from https://access.redhat.com.

Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.

Before applying this update, make sure all previously released errata relevant to your system have been applied.

Summary

The release of Red Hat AMQ Online 1.4.1 serves as a replacement for AMQ online 1.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
Security Fix(es):
* netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Topics%20covered

Topics Covered

security advisory security issue update low impact Red Hat OpenShift container images Red Hat AMQ

References

https://access.redhat.com/security/cve/CVE-2020-11612 https://access.redhat.com/security/updates/classification#low

Package List


Severity
low
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2020:1538-01
Product: Red Hat JBoss AMQ
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1538
Issue date: 2020-04-22

Topic

An update of the Red Hat OpenShift Container Platform 3.11 and 4.1container images is now available for Red Hat AMQ Online.Red Hat Product Security has rated this update as having a security impactof Low. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory security issue update low impact Red Hat OpenShift container images Red Hat AMQ

Relevant Releases Architectures

Bugs Fixed

1816216 - CVE-2020-11612 netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here