
Red Hat OpenShift: RHSA-2023-2029-01 Moderate: Operator Bug Fix

May 10, 2023
Uncover the newest update for Red Hat OpenShift's Security Profiles Operator that tackles essential vulnerabilities.
An updated Security Profiles Operator image that fixes various bugs is now available for the Red Hat OpenShift Enterprise 4 catalog.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to:

https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/updating_clusters/updating-cluster-cli

Summary

The OpenShift Security Profiles Operator v0.7.0 is now available. See the documentation for bug fix information:
https://docs.openshift.com/en/container-platform/4.12/security/security_profiles_operator/spo-release-notes.html

References

https://access.redhat.com/security/cve/CVE-2023-0475
https://access.redhat.com/security/cve/CVE-2023-25173
https://access.redhat.com/security/updates/classification/#moderate

Package List


Advisory ID: RHSA-2023:2029-01
Product: Red Hat OpenShift Enterprise
Issue date: 2023-05-10

Topic

An updated Security Profiles Operator image that fixes various bugs is now available for the Red Hat OpenShift Enterprise 4 catalog.

Relevant Releases Architectures

Bugs Fixed

2170844 - CVE-2023-0475 go-getter: go-getter vulnerable to denial of service via malicious compressed archive

2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly

JIRA issues fixed (https://issues.redhat.com/):

OCPBUGS-10045 - The spod pods crash with rhel9 os due to "error parsing semanage configuration file"

OCPBUGS-12879 - selinux: Allow using other container-selinux policy templates than container
