Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

RedHat: RHSA-2023:4889-01 Important: DevWorkspace Operator 0.22 Release

red hat
Calendar Grey August 31, 2023
Dist Redhat Esm H88
Canonical unveils the significant launch of Snapcraft 5.12, focusing on performance enhancements and bug fixes.
Red Hat DevWorkspace Operator 0.22 has been released

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

Summary

The DevWorkspace Operator extends OpenShift to provide DevWorkspace support.
Security Fix(es):
* openssh: Remote code execution in ssh-agent PKCS#11 support (CVE-2023-38408)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Topics%20covered

Topics Covered

security advisory remote execution important redhat devworkspace

References

https://access.redhat.com/security/cve/CVE-2023-2602 https://access.redhat.com/security/cve/CVE-2023-2603 https://access.redhat.com/security/cve/CVE-2023-27536 https://access.redhat.com/security/cve/CVE-2023-28321 https://access.redhat.com/security/cve/CVE-2023-28484 https://access.redhat.com/security/cve/CVE-2023-29469 https://access.redhat.com/security/cve/CVE-2023-38408 https://access.redhat.com/security/updates/classification#important

Package List


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2023:4889-01
Product: DEVWORKSPACE
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4889
Issue date: 2023-08-30

Topic

Red Hat DevWorkspace Operator 0.22 has been released.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory remote execution important redhat devworkspace

Relevant Releases Architectures

Bugs Fixed

2224173 - CVE-2023-38408 openssh: Remote code execution in ssh-agent PKCS#11 support

5. JIRA issues fixed (https://redhat.atlassian.net/jira/projects):

CRW-4641 - Release DevWorkspace Operator v0.22

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here