-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2024.0970
     OpenShift Container Platform 4.14.12 bug fix and security update
                             14 February 2024

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenShift Container Platform
Publisher:         Red Hat
Operating System:  Red Hat
Resolution:        Patch/Upgrade
CVE Names:         CVE-2023-49569 CVE-2023-49568 CVE-2022-21708

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2024:0735

Comment: CVSS (Max):  9.8 CVE-2023-49569 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
                Red Hat Security Advisory

Synopsis:          Critical: OpenShift Container Platform 4.14.12
                   bug fix and security update
Advisory ID:       RHSA-2024:0735
Product:           Red Hat OpenShift Container Platform 4.14
Advisory URL:      https://access.redhat.com/errata/RHSA-2024:0735
Issue date:        2024-02-13
CVE Names:         CVE-2022-21708 CVE-2023-49568 CVE-2023-49569
=====================================================================

1. Summary:

Red Hat OpenShift Container Platform release 4.14.12 is now available with
updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container
Platform 4.14.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Container Platform 4.14 - amd64, ppc64le, arm64, s390x 
Red Hat OpenShift Container Platform 4.14 - amd64, ppc64le, arm64, s390x 

3. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes
application platform solution designed for on-premise or private cloud
deployments.

This advisory contains the container images for Red Hat OpenShift Container
Platform 4.14.12. See the following advisory for the RPM packages for this
release:

https://access.redhat.com/errata/RHBA-2024:0738

Space precludes documenting all of the container images in this advisory. See
the following Release Notes documentation, which will be updated shortly for
this release, for details about these changes:

https://docs.openshift.com/container-
platform/4.14/release_notes/ocp-4-14-release-notes.html

Security Fix(es):

* go-git: Maliciously crafted Git server replies can lead to path traversal
and RCE on go-git clients (CVE-2023-49569)
* go-git: Maliciously crafted Git server replies can cause DoS on go-git
clients (CVE-2023-49568)
* graphql-go: Denial of service via stack overflow panics (CVE-2022-21708)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
All OpenShift Container Platform 4.14 users are advised to upgrade to these
updated packages and images when they are available in the appropriate release
channel. To check for available updates, use the OpenShift CLI (oc) or web
console. Instructions for upgrading a cluster are available at
https://docs.openshift.com/container-
platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html

4. Solution:

For OpenShift Container Platform 4.14 see the following documentation, which
will be updated shortly for this release, for important instructions on how to
upgrade your cluster and fully apply this asynchronous errata update:

      https://docs.openshift.com/container-
platform/4.14/release_notes/ocp-4-14-release-notes.html

You may download the oc tool and use it to inspect release image metadata for
x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be
found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.

      The sha values for the release are

      (For x86_64 architecture)
      The image digest is
sha256:671bc35e8fc2027d6f4c2c756d19909d83d55d1c591e8f9ea790ec8da744d171

      (For s390x architecture)
      The image digest is
sha256:641ac9df3fbc2575922e68cc2e3b0903d7d268faf6862777fca93ac7ed2fe82b

      (For ppc64le architecture)
      The image digest is
sha256:ab24f08a86cb6715e3259153ab44820620d80f21c87781001289bc7ebe13cf02

      (For aarch64 architecture)
      The image digest is
sha256:7f3942d330660112a9220786bd2fb3015f05bda0354002f70cf5735e6386b93b

All OpenShift Container Platform 4.14 users are advised to upgrade to these
updated packages and images when they are available in the appropriate release
channel. To check for available updates, use the OpenShift CLI (oc) or web
console. Instructions for upgrading a cluster are available at
https://docs.openshift.com/container-
platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html

5. Bugs fixed (https://bugzilla.redhat.com/):

2045014 - CVE-2022-21708 - graphql-go: Denial of service via stack overflow
panics
2258165 - CVE-2023-49568 - go-git: Maliciously crafted Git server replies can
cause DoS on go-git clients
2258143 - CVE-2023-49569 - go-git: Maliciously crafted Git server replies can
lead to path traversal and RCE on go-git clients

6. Package List:

Red Hat OpenShift Container Platform 4.14

14:openshift4/ose-console@sha256:26b0127d10ceec535dd9e58077cfa8b88fcfa5c8ac225f1
5ffeb96b0a4dd9e12_amd64:
openshift4/ose-console@sha256:26b0127d10ceec535dd9e58077cfa8b88fcfa5c8ac225f15ff
eb96b0a4dd9e12_amd64.rpm

14:openshift4/ose-console@sha256:475d8ce51b4627005c1bed354c1d7937deaa3d267e2e212
5c7928d1b8bd0004b_arm64:
openshift4/ose-console@sha256:475d8ce51b4627005c1bed354c1d7937deaa3d267e2e2125c7
928d1b8bd0004b_arm64.rpm

14:openshift4/ose-console@sha256:ba1ffa8b24ade1f8027a871206fa169e283bc32e04abd96
7b0d0bab4d1a38bab_s390x:
openshift4/ose-console@sha256:ba1ffa8b24ade1f8027a871206fa169e283bc32e04abd967b0
d0bab4d1a38bab_s390x.rpm

14:openshift4/ose-console@sha256:fcc20f5b7ef541c16d70a6f63a11808353306c8f0436987
a8d4b599e3cb87b20_ppc64le:
openshift4/ose-console@sha256:fcc20f5b7ef541c16d70a6f63a11808353306c8f0436987a8d
4b599e3cb87b20_ppc64le.rpm

14:openshift4/network-tools-rhel8@sha256:392988b33b613ffe4981425bf96ebd72109398f
4bd9297fdc74eaed6a0156fa6_arm64:
openshift4/network-tools-rhel8@sha256:392988b33b613ffe4981425bf96ebd72109398f4bd
9297fdc74eaed6a0156fa6_arm64.rpm

14:openshift4/network-tools-rhel8@sha256:8242f96538e18eec148d5cf4d26c2f8bc837e0c
b2d2b424183ea579803188fd2_amd64:
openshift4/network-tools-rhel8@sha256:8242f96538e18eec148d5cf4d26c2f8bc837e0cb2d
2b424183ea579803188fd2_amd64.rpm

14:openshift4/network-tools-rhel8@sha256:8a59164de78da22ad6934ecfe1f5aa18b81790c
9aa4294e1769154d21c7a8c6c_s390x:
openshift4/network-tools-rhel8@sha256:8a59164de78da22ad6934ecfe1f5aa18b81790c9aa
4294e1769154d21c7a8c6c_s390x.rpm

14:openshift4/network-tools-rhel8@sha256:fe10793b6a5fe8bca87c08721730af057dc8df5
4bb32aeb53fb1bbdd443b0ec0_ppc64le:
openshift4/network-tools-rhel8@sha256:fe10793b6a5fe8bca87c08721730af057dc8df54bb
32aeb53fb1bbdd443b0ec0_ppc64le.rpm

14:openshift4/oc-mirror-plugin-rhel8@sha256:84d480f2763a1db6756f4fe00e4287691767
2786e25fca03f44cfddaf28082a2_arm64:
openshift4/oc-mirror-plugin-rhel8@sha256:84d480f2763a1db6756f4fe00e4287691767278
6e25fca03f44cfddaf28082a2_arm64.rpm

14:openshift4/oc-mirror-plugin-rhel8@sha256:a87e6fdccf969eb1ffa5759542f7482bb76c
0ee399111130d9a3579a9fa6fada_amd64:
openshift4/oc-mirror-plugin-rhel8@sha256:a87e6fdccf969eb1ffa5759542f7482bb76c0ee
399111130d9a3579a9fa6fada_amd64.rpm

14:openshift4/oc-mirror-plugin-rhel8@sha256:b198aea08568e40e3f7f5329d2c1d3763bdb
4bcc7a9f323b4704403d68656106_s390x:
openshift4/oc-mirror-plugin-rhel8@sha256:b198aea08568e40e3f7f5329d2c1d3763bdb4bc
c7a9f323b4704403d68656106_s390x.rpm

14:openshift4/oc-mirror-plugin-rhel8@sha256:e7d7087f8c9e1640d6b741207f7b22cbf1ae
820c263b0b9fd6bf96c41eeb1b86_ppc64le:
openshift4/oc-mirror-plugin-rhel8@sha256:e7d7087f8c9e1640d6b741207f7b22cbf1ae820
c263b0b9fd6bf96c41eeb1b86_ppc64le.rpm

14:openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:c59197
fd2b71316b51083010ed266b5dbd2337791c04d812497c716b914ed7d5_amd64:
openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:c59197fd2
b71316b51083010ed266b5dbd2337791c04d812497c716b914ed7d5_amd64.rpm

14:openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:7b0d07f44cab631ac47dc
168e43d1716f1f332620706055574f9722c29e90296_amd64:
openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:7b0d07f44cab631ac47dc168
e43d1716f1f332620706055574f9722c29e90296_amd64.rpm

14:openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:fe6b1c8aea442792d49f2
1b76198467a70bda5f5b7430c42731c2f20eebc3a55_arm64:
openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:fe6b1c8aea442792d49f21b7
6198467a70bda5f5b7430c42731c2f20eebc3a55_arm64.rpm

14:openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:db4fa94339f96a72f9
89900d026f6782fc4032715d7c22e8f590202c3aba9bac_arm64:
openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:db4fa94339f96a72f9899
00d026f6782fc4032715d7c22e8f590202c3aba9bac_arm64.rpm

14:openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:ec37033c2244931b1c
a85fdd68a63047ad9f7fe6656d50dd311b604de83ef916_amd64:
openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:ec37033c2244931b1ca85
fdd68a63047ad9f7fe6656d50dd311b604de83ef916_amd64.rpm

14:openshift4/ose-cloud-credential-operator@sha256:1a27f1946d3584056f73ff84d5a04
294855d57dcfccc0487d9ff72f9de80ba62_s390x:
openshift4/ose-cloud-credential-operator@sha256:1a27f1946d3584056f73ff84d5a04294
855d57dcfccc0487d9ff72f9de80ba62_s390x.rpm

14:openshift4/ose-cloud-credential-operator@sha256:3a82a2f0533422e928fced06677e5
3a331b94500f49a0230f5b7e652fd789003_ppc64le:
openshift4/ose-cloud-credential-operator@sha256:3a82a2f0533422e928fced06677e53a3
31b94500f49a0230f5b7e652fd789003_ppc64le.rpm

14:openshift4/ose-cloud-credential-operator@sha256:819a069cd69a7e60e9e27d25ecc45
648c9cca2dbf224856745be5cd27a586358_arm64:
openshift4/ose-cloud-credential-operator@sha256:819a069cd69a7e60e9e27d25ecc45648
c9cca2dbf224856745be5cd27a586358_arm64.rpm

14:openshift4/ose-cloud-credential-operator@sha256:fae618466660ee22e5e79c3f434d3
f91bf589201dff6e2b65236f700e8021c41_amd64:
openshift4/ose-cloud-credential-operator@sha256:fae618466660ee22e5e79c3f434d3f91
bf589201dff6e2b65236f700e8021c41_amd64.rpm

14:openshift4/ose-cluster-machine-approver@sha256:7fbc684130d3167f7c7ffcdedc6a68
9b771b2c877e7e0f6de0f069be48e5f28c_s390x:
openshift4/ose-cluster-machine-approver@sha256:7fbc684130d3167f7c7ffcdedc6a689b7
71b2c877e7e0f6de0f069be48e5f28c_s390x.rpm

14:openshift4/ose-cluster-machine-approver@sha256:900f4859257659f4edcbc7fd162cf6
3ea1fd842a92c7d42d942178d43d379dd4_arm64:
openshift4/ose-cluster-machine-approver@sha256:900f4859257659f4edcbc7fd162cf63ea
1fd842a92c7d42d942178d43d379dd4_arm64.rpm

14:openshift4/ose-cluster-machine-approver@sha256:b10af2df852f81b391898c2318cf66
426aa64ba2930abfd49555b9722cb6125a_amd64:
openshift4/ose-cluster-machine-approver@sha256:b10af2df852f81b391898c2318cf66426
aa64ba2930abfd49555b9722cb6125a_amd64.rpm

14:openshift4/ose-cluster-machine-approver@sha256:c016ce76a990bf38c387ce52730e3c
fc34e5f739ad5389816cdf9ff11278ed97_ppc64le:
openshift4/ose-cluster-machine-approver@sha256:c016ce76a990bf38c387ce52730e3cfc3
4e5f739ad5389816cdf9ff11278ed97_ppc64le.rpm

14:openshift4/ose-cluster-olm-operator-rhel8@sha256:9a07d7c5d06ba4adaa0a7889d230
25aa63c46f6c5056129017172e8589f7ee5a_arm64:
openshift4/ose-cluster-olm-operator-rhel8@sha256:9a07d7c5d06ba4adaa0a7889d23025a
a63c46f6c5056129017172e8589f7ee5a_arm64.rpm

14:openshift4/ose-cluster-olm-operator-rhel8@sha256:c208dbb5014ad7988e4b139c259c
63693fd247a5eb6202666434645551461d86_amd64:
openshift4/ose-cluster-olm-operator-rhel8@sha256:c208dbb5014ad7988e4b139c259c636
93fd247a5eb6202666434645551461d86_amd64.rpm

14:openshift4/ose-cluster-olm-operator-rhel8@sha256:d80338391a783a1f831746b6905a
d8558b9f671c8b898bc56a141d5bd84480fe_s390x:
openshift4/ose-cluster-olm-operator-rhel8@sha256:d80338391a783a1f831746b6905ad85
58b9f671c8b898bc56a141d5bd84480fe_s390x.rpm

14:openshift4/ose-cluster-olm-operator-rhel8@sha256:ea821cd31b9cea6048613fb6134a
f6b20c38893338c86e4effa43a98e342f38d_ppc64le:
openshift4/ose-cluster-olm-operator-rhel8@sha256:ea821cd31b9cea6048613fb6134af6b
20c38893338c86e4effa43a98e342f38d_ppc64le.rpm

14:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:2911f8a22
cca9c18347455dd4f55442e4f85a41f5d7adb286e4029c004295d97_s390x:
openshift4/ose-cluster-openshift-controller-manager-operator@sha256:2911f8a22cca
9c18347455dd4f55442e4f85a41f5d7adb286e4029c004295d97_s390x.rpm

14:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:449ea5ef5
a4e1a333da25f4c877130e001ff95d45f5de3aba0e9730a6265406b_amd64:
openshift4/ose-cluster-openshift-controller-manager-operator@sha256:449ea5ef5a4e
1a333da25f4c877130e001ff95d45f5de3aba0e9730a6265406b_amd64.rpm

14:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:a274d2123
b7e0067cacf804102f814fbc4254f3ee46f419e26f48bd3b7af8346_arm64:
openshift4/ose-cluster-openshift-controller-manager-operator@sha256:a274d2123b7e
0067cacf804102f814fbc4254f3ee46f419e26f48bd3b7af8346_arm64.rpm

14:openshift4/ose-cluster-openshift-controller-manager-operator@sha256:b74803843
22a8cdffac683a5d2956d673749090278b152236961012d7895e335_ppc64le:
openshift4/ose-cluster-openshift-controller-manager-operator@sha256:b7480384322a
8cdffac683a5d2956d673749090278b152236961012d7895e335_ppc64le.rpm

14:openshift4/ose-cluster-storage-operator@sha256:484a3b8494e1f4a344ab26ef2a676c
8fc63724e026fdbed3a73b77cc05b90cec_s390x:
openshift4/ose-cluster-storage-operator@sha256:484a3b8494e1f4a344ab26ef2a676c8fc
63724e026fdbed3a73b77cc05b90cec_s390x.rpm

14:openshift4/ose-cluster-storage-operator@sha256:72d8357a182c757948a5f3ee3b0513
f631c2adf69f1c992ba9c0d7b6ec606eca_arm64:
openshift4/ose-cluster-storage-operator@sha256:72d8357a182c757948a5f3ee3b0513f63
1c2adf69f1c992ba9c0d7b6ec606eca_arm64.rpm

14:openshift4/ose-cluster-storage-operator@sha256:af10a7dada886e36002107128cb705
da708f08860e3eb947f8cce80a69f81ed3_ppc64le:
openshift4/ose-cluster-storage-operator@sha256:af10a7dada886e36002107128cb705da7
08f08860e3eb947f8cce80a69f81ed3_ppc64le.rpm

14:openshift4/ose-cluster-storage-operator@sha256:db0381f98430fb5c0f220ad8efbb1d
ee33f8b95df335e0546215e5ba2eada230_amd64:
openshift4/ose-cluster-storage-operator@sha256:db0381f98430fb5c0f220ad8efbb1dee3
3f8b95df335e0546215e5ba2eada230_amd64.rpm

14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:25bafdb6d14dd135b1d5f5
fbb1baabf46b136fff3c45ccf11a9d00e821ea9d6e_amd64:
openshift4/ose-csi-driver-manila-rhel8-operator@sha256:25bafdb6d14dd135b1d5f5fbb
1baabf46b136fff3c45ccf11a9d00e821ea9d6e_amd64.rpm

14:openshift4/ose-csi-driver-manila-rhel8-operator@sha256:dcc8a782bbd03e2b35dfeb
afd85d9e336d24125f17a4299f4359217901bc9c2c_ppc64le:
openshift4/ose-csi-driver-manila-rhel8-operator@sha256:dcc8a782bbd03e2b35dfebafd
85d9e336d24125f17a4299f4359217901bc9c2c_ppc64le.rpm

14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:281ee21303f15
99576ee5d0a6fefcc0614dbbdad482494cff2da2a4ddf909fd4_s390x:
openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:281ee21303f15995
76ee5d0a6fefcc0614dbbdad482494cff2da2a4ddf909fd4_s390x.rpm

14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:2a319018a950c
dacb45e8e20600d15f55351d233b42fc546a305e83ad9ce6c0e_amd64:
openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:2a319018a950cdac
b45e8e20600d15f55351d233b42fc546a305e83ad9ce6c0e_amd64.rpm

14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:6269a0486b760
ac10bedce0b26ad195afae2cf55722def84e29ea84f28d8664a_ppc64le:
openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:6269a0486b760ac1
0bedce0b26ad195afae2cf55722def84e29ea84f28d8664a_ppc64le.rpm

14:openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:7e99665eede82
5a66d181ddb7c213fd6935719d71af825a1a8803b3f259007e3_arm64:
openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:7e99665eede825a6
6d181ddb7c213fd6935719d71af825a1a8803b3f259007e3_arm64.rpm

14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:1da28c45c8493d6c7f1fb7
26fcb883df9d4df64ad4f2d298892fe9696eb8a639_arm64:
openshift4/ose-csi-driver-shared-resource-rhel8@sha256:1da28c45c8493d6c7f1fb726f
cb883df9d4df64ad4f2d298892fe9696eb8a639_arm64.rpm

14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:213d6bedae130a35272ef2
a07b0c9aa4c8c0b20fe2981c51909b94f81e808842_s390x:
openshift4/ose-csi-driver-shared-resource-rhel8@sha256:213d6bedae130a35272ef2a07
b0c9aa4c8c0b20fe2981c51909b94f81e808842_s390x.rpm

14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:7a5bc7864da955b0811c8b
3da0e00b3487caa00afeaaa9195e1e0de31a4f0b60_amd64:
openshift4/ose-csi-driver-shared-resource-rhel8@sha256:7a5bc7864da955b0811c8b3da
0e00b3487caa00afeaaa9195e1e0de31a4f0b60_amd64.rpm

14:openshift4/ose-csi-driver-shared-resource-rhel8@sha256:8f4d43e57376d5ed9450ab
b384b51474d14c6a298b654819d56f081dba4f4a71_ppc64le:
openshift4/ose-csi-driver-shared-resource-rhel8@sha256:8f4d43e57376d5ed9450abb38
4b51474d14c6a298b654819d56f081dba4f4a71_ppc64le.rpm

14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:727b3801c58418
900b4489439a83f68cab83cecf8a5ed5a09b77f1a353dccc3c_s390x:
openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:727b3801c58418900
b4489439a83f68cab83cecf8a5ed5a09b77f1a353dccc3c_s390x.rpm

14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:a551850f4b1738
ec67c0d8aaa6fc2088f6e1d0c06427ce6ef516314076243e80_arm64:
openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:a551850f4b1738ec6
7c0d8aaa6fc2088f6e1d0c06427ce6ef516314076243e80_arm64.rpm

14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:dbd5138f80b135
10a6ad250f6eb600e0cd9f4fd261e8902a19b098a358a1127e_ppc64le:
openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:dbd5138f80b13510a
6ad250f6eb600e0cd9f4fd261e8902a19b098a358a1127e_ppc64le.rpm

14:openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:f34e7f27b0184d
55df51fc3bac4a3a3d3b266568d6e819f485d1d63e061c156b_amd64:
openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:f34e7f27b0184d55d
f51fc3bac4a3a3d3b266568d6e819f485d1d63e061c156b_amd64.rpm

14:openshift4/ose-docker-builder@sha256:5654a4ee244d463cc9d75ff6fc2fe69b587752ae
36bcc01b6c60141a7c557785_s390x:
openshift4/ose-docker-builder@sha256:5654a4ee244d463cc9d75ff6fc2fe69b587752ae36b
cc01b6c60141a7c557785_s390x.rpm

14:openshift4/ose-docker-builder@sha256:6001d0d2d7045cb3bad502aa98e2e956e4f73621
b23d1d41e9db49c12c34a86c_arm64:
openshift4/ose-docker-builder@sha256:6001d0d2d7045cb3bad502aa98e2e956e4f73621b23
d1d41e9db49c12c34a86c_arm64.rpm

14:openshift4/ose-docker-builder@sha256:f053c7248211c17af364de7e567bd619abb28646
3915af9f7acdb1d6ea0525ed_ppc64le:
openshift4/ose-docker-builder@sha256:f053c7248211c17af364de7e567bd619abb28646391
5af9f7acdb1d6ea0525ed_ppc64le.rpm

14:openshift4/ose-docker-builder@sha256:f52635c2d191359d7d328542618092f677a0fa8b
c357d6f1ab0b75a341fbdb0c_amd64:
openshift4/ose-docker-builder@sha256:f52635c2d191359d7d328542618092f677a0fa8bc35
7d6f1ab0b75a341fbdb0c_amd64.rpm

14:openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:01901fb39370d3c61e2fea
199c9fbcf32793825dc94d6c1a2bf277e96626cbb2_arm64:
openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:01901fb39370d3c61e2fea199
c9fbcf32793825dc94d6c1a2bf277e96626cbb2_arm64.rpm

14:openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:15021374cb8366b34aa8e5
0afccd6d5de2ca8be23ba0947c6790fd1e9c561f5a_ppc64le:
openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:15021374cb8366b34aa8e50af
ccd6d5de2ca8be23ba0947c6790fd1e9c561f5a_ppc64le.rpm

14:openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:791d60cd6ea7d7ea7514ae
bbb31031c3fd27115e1a73dcff144fca7dfcb49c8f_amd64:
openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:791d60cd6ea7d7ea7514aebbb
31031c3fd27115e1a73dcff144fca7dfcb49c8f_amd64.rpm

14:openshift4/ose-hypershift-rhel8@sha256:1238409c7503390b1b262e8f03512a920bd693
6c93c7a00ced0631079067a72a_amd64:
openshift4/ose-hypershift-rhel8@sha256:1238409c7503390b1b262e8f03512a920bd6936c9
3c7a00ced0631079067a72a_amd64.rpm

14:openshift4/ose-hypershift-rhel8@sha256:b3862632def25374ff8bae43b52b1afdd758cb
b862959b719c6654e1707feb20_arm64:
openshift4/ose-hypershift-rhel8@sha256:b3862632def25374ff8bae43b52b1afdd758cbb86
2959b719c6654e1707feb20_arm64.rpm

14:openshift4/ose-hypershift-rhel8@sha256:b58354f9e660a56fe7f063c5dde21def1e2ece
254dfcd68c42bdb02f9d6e1bb2_s390x:
openshift4/ose-hypershift-rhel8@sha256:b58354f9e660a56fe7f063c5dde21def1e2ece254
dfcd68c42bdb02f9d6e1bb2_s390x.rpm

14:openshift4/ose-hypershift-rhel8@sha256:f3db0686714999f28feab6f575a018ae92a221
763eab40a43f1eefe514f2e6b5_ppc64le:
openshift4/ose-hypershift-rhel8@sha256:f3db0686714999f28feab6f575a018ae92a221763
eab40a43f1eefe514f2e6b5_ppc64le.rpm

14:openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8@sha256:0ce1290358383a8
dabda220eb4abfe70e6104984984befd18dedb14dc764ba66_s390x:
openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8@sha256:0ce1290358383a8dab
da220eb4abfe70e6104984984befd18dedb14dc764ba66_s390x.rpm

14:openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8@sha256:3f96e6043c53e7e
cdabe381c0a547e7dda69e5bb3b917051ee8d376acdd78a4c_amd64:
openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8@sha256:3f96e6043c53e7ecda
be381c0a547e7dda69e5bb3b917051ee8d376acdd78a4c_amd64.rpm

14:openshift4/ose-machine-api-operator@sha256:38d879f8c691801b31694734c452a5d9c7
2d1c71ed98a06ad2364be8e0c7ae11_s390x:
openshift4/ose-machine-api-operator@sha256:38d879f8c691801b31694734c452a5d9c72d1
c71ed98a06ad2364be8e0c7ae11_s390x.rpm

14:openshift4/ose-machine-api-operator@sha256:72a45a8478be18417a23d0eeae441d876d
6c4c6f10afadfdc4195c822c43d6e9_amd64:
openshift4/ose-machine-api-operator@sha256:72a45a8478be18417a23d0eeae441d876d6c4
c6f10afadfdc4195c822c43d6e9_amd64.rpm

14:openshift4/ose-machine-api-operator@sha256:e81355759a79e21b4759d6502e4c0e159d
d8e83cc0afab662f58c48c878ed6e3_ppc64le:
openshift4/ose-machine-api-operator@sha256:e81355759a79e21b4759d6502e4c0e159dd8e
83cc0afab662f58c48c878ed6e3_ppc64le.rpm

14:openshift4/ose-machine-api-operator@sha256:fcc2afe06b860a7384b2573f8ef4eb1721
46bfe62bf1a57e09f097e6447be17e_arm64:
openshift4/ose-machine-api-operator@sha256:fcc2afe06b860a7384b2573f8ef4eb172146b
fe62bf1a57e09f097e6447be17e_arm64.rpm

14:openshift4/ose-machine-api-provider-azure-rhel8@sha256:7e3c1951531e7437ba57ce
27b35803e0dd78f7619ed3f05513fc147c01aa622f_arm64:
openshift4/ose-machine-api-provider-azure-rhel8@sha256:7e3c1951531e7437ba57ce27b
35803e0dd78f7619ed3f05513fc147c01aa622f_arm64.rpm

14:openshift4/ose-machine-api-provider-azure-rhel8@sha256:ec2f12f8a879ded7302865
200ec36611a038e08996d2b7b4ace364efc3e8590b_amd64:
openshift4/ose-machine-api-provider-azure-rhel8@sha256:ec2f12f8a879ded7302865200
ec36611a038e08996d2b7b4ace364efc3e8590b_amd64.rpm

14:openshift4/ose-machine-config-operator@sha256:52debee18389b1547c7b230b067e2e4
6413d03aeff34fa857f0078a6ad43180d_s390x:
openshift4/ose-machine-config-operator@sha256:52debee18389b1547c7b230b067e2e4641
3d03aeff34fa857f0078a6ad43180d_s390x.rpm

14:openshift4/ose-machine-config-operator@sha256:7e6cf64ac26dae2089acf2aedcf2395
a64b54ffa8e2d4820e5287be070e55301_ppc64le:
openshift4/ose-machine-config-operator@sha256:7e6cf64ac26dae2089acf2aedcf2395a64
b54ffa8e2d4820e5287be070e55301_ppc64le.rpm

14:openshift4/ose-machine-config-operator@sha256:98007d050a6f6108ef102383f77ea43
b6d89c8a73e2d921a13dd7111833575be_amd64:
openshift4/ose-machine-config-operator@sha256:98007d050a6f6108ef102383f77ea43b6d
89c8a73e2d921a13dd7111833575be_amd64.rpm

14:openshift4/ose-machine-config-operator@sha256:9e19c0d439935ea5dc414b4acddfe55
453def48c7b19380b2fc738052b0ee5c6_arm64:
openshift4/ose-machine-config-operator@sha256:9e19c0d439935ea5dc414b4acddfe55453
def48c7b19380b2fc738052b0ee5c6_arm64.rpm

14:openshift4/ose-olm-rukpak-rhel8@sha256:641238eb6dd892a0914419c0b0a471315265ca
ce7c5dbc464a9c30b423fbe157_s390x:
openshift4/ose-olm-rukpak-rhel8@sha256:641238eb6dd892a0914419c0b0a471315265cace7
c5dbc464a9c30b423fbe157_s390x.rpm

14:openshift4/ose-olm-rukpak-rhel8@sha256:83c02c5ef6b675cc9c19ff3227c36b463d7060
7873200bf9a33165b21986f895_ppc64le:
openshift4/ose-olm-rukpak-rhel8@sha256:83c02c5ef6b675cc9c19ff3227c36b463d7060787
3200bf9a33165b21986f895_ppc64le.rpm

14:openshift4/ose-olm-rukpak-rhel8@sha256:9fef2730ce862c6a192d1fe848a9fd5e53b086
27d08a9449d52c82d559693b09_arm64:
openshift4/ose-olm-rukpak-rhel8@sha256:9fef2730ce862c6a192d1fe848a9fd5e53b08627d
08a9449d52c82d559693b09_arm64.rpm

14:openshift4/ose-olm-rukpak-rhel8@sha256:ca0e836bc238a40f9cfa39aa59ef23782d535d
e2b901adecc3c5761fd30dac72_amd64:
openshift4/ose-olm-rukpak-rhel8@sha256:ca0e836bc238a40f9cfa39aa59ef23782d535de2b
901adecc3c5761fd30dac72_amd64.rpm

14:openshift4/ose-openshift-controller-manager-rhel8@sha256:1a17af176804a44433c4
ddeb73c5bbce87656c37f259834ba2ea960959631cce_ppc64le:
openshift4/ose-openshift-controller-manager-rhel8@sha256:1a17af176804a44433c4dde
b73c5bbce87656c37f259834ba2ea960959631cce_ppc64le.rpm

14:openshift4/ose-openshift-controller-manager-rhel8@sha256:83ee4ca19d3c9c3e2b81
86680ca1d60d8c5885f9b1e259213e24bff438abc3ff_amd64:
openshift4/ose-openshift-controller-manager-rhel8@sha256:83ee4ca19d3c9c3e2b81866
80ca1d60d8c5885f9b1e259213e24bff438abc3ff_amd64.rpm

14:openshift4/ose-openshift-controller-manager-rhel8@sha256:edb2615c58db46631707
ad3d0020e0e4c39b31b3a81d115420ed12d7b622179e_s390x:
openshift4/ose-openshift-controller-manager-rhel8@sha256:edb2615c58db46631707ad3
d0020e0e4c39b31b3a81d115420ed12d7b622179e_s390x.rpm

14:openshift4/ose-openshift-controller-manager-rhel8@sha256:ff60a763ad85c8e2f7c1
844e072dd7c1d17d638fcddd8aa5021095eee5f8e355_arm64:
openshift4/ose-openshift-controller-manager-rhel8@sha256:ff60a763ad85c8e2f7c1844
e072dd7c1d17d638fcddd8aa5021095eee5f8e355_arm64.rpm

14:openshift4/ose-tests@sha256:3443e518976ebe55fc40e96b94848b3d0d838fa8f4097df3a
e60c3f509ddb293_s390x:
openshift4/ose-tests@sha256:3443e518976ebe55fc40e96b94848b3d0d838fa8f4097df3ae60
c3f509ddb293_s390x.rpm

14:openshift4/ose-tests@sha256:bcf7a14bd4e84854449980344a40de00ff4ae405d802fabdb
ee30a89aee161bd_arm64:
openshift4/ose-tests@sha256:bcf7a14bd4e84854449980344a40de00ff4ae405d802fabdbee3
0a89aee161bd_arm64.rpm

14:openshift4/ose-tests@sha256:f9d02b8cbae05f923be47917d0bf466a97751f6fad935011c
3801e9cd96d4689_amd64:
openshift4/ose-tests@sha256:f9d02b8cbae05f923be47917d0bf466a97751f6fad935011c380
1e9cd96d4689_amd64.rpm

14:openshift4/ose-tests@sha256:fd4a58ec64a4b082b33e71d0c3dd366f748f474caeffe21da
49b2d96eb491bfe_ppc64le:
openshift4/ose-tests@sha256:fd4a58ec64a4b082b33e71d0c3dd366f748f474caeffe21da49b
2d96eb491bfe_ppc64le.rpm

Red Hat OpenShift Container Platform 4.14

14:openshift4/driver-toolkit-rhel9@sha256:05bce6081ebd60260a2dc707855bb4c8c7597d
84dc4cec8bf735a492bff2db9c_arm64:
openshift4/driver-toolkit-rhel9@sha256:05bce6081ebd60260a2dc707855bb4c8c7597d84d
c4cec8bf735a492bff2db9c_arm64.rpm

14:openshift4/driver-toolkit-rhel9@sha256:242a3c6d3736a6827b16cf403eabbf5b12eb5d
d766575a5606b5e48e230bea77_amd64:
openshift4/driver-toolkit-rhel9@sha256:242a3c6d3736a6827b16cf403eabbf5b12eb5dd76
6575a5606b5e48e230bea77_amd64.rpm

14:openshift4/driver-toolkit-rhel9@sha256:cfc7d5dc2069294c860fd779531513c23304e8
a86f73f376016bb048e070b28d_ppc64le:
openshift4/driver-toolkit-rhel9@sha256:cfc7d5dc2069294c860fd779531513c23304e8a86
f73f376016bb048e070b28d_ppc64le.rpm

14:openshift4/driver-toolkit-rhel9@sha256:eb96c150d38135e5828626bbbff07164fa07a0
1a424ee433b5448f55dae5f0ed_s390x:
openshift4/driver-toolkit-rhel9@sha256:eb96c150d38135e5828626bbbff07164fa07a01a4
24ee433b5448f55dae5f0ed_s390x.rpm

14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:1bf91a55df1f89c01954
50219af8890ac8ca49f3da6b2b49fd44e9c7fdfd9ef4_amd64:
openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:1bf91a55df1f89c01954502
19af8890ac8ca49f3da6b2b49fd44e9c7fdfd9ef4_amd64.rpm

14:openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:a73de78411a6ba2c799e
5fdca210395a35752634365df4633f83894e032eaa9b_arm64:
openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:a73de78411a6ba2c799e5fd
ca210395a35752634365df4633f83894e032eaa9b_arm64.rpm

14:openshift4/ose-ironic-rhel9@sha256:b9f2d3b239aaf4e864b362e9684967bff4acafc1d0
9538ec09cc14c98b87fb47_amd64:
openshift4/ose-ironic-rhel9@sha256:b9f2d3b239aaf4e864b362e9684967bff4acafc1d0953
8ec09cc14c98b87fb47_amd64.rpm

14:openshift4/ose-ironic-rhel9@sha256:eedacea88e2faac732dad373c9f817e5fc462670d7
0e6d72040bc75d169db317_arm64:
openshift4/ose-ironic-rhel9@sha256:eedacea88e2faac732dad373c9f817e5fc462670d70e6
d72040bc75d169db317_arm64.rpm

14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:02d1326daa93e359787adfd
b2cbea7ce863e9adea88d31ba3f5c375de1f82036_amd64:
openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:02d1326daa93e359787adfdb2c
bea7ce863e9adea88d31ba3f5c375de1f82036_amd64.rpm

14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:16082622ef96fd52fa96d3a
665d0a69e0f5593a5da0a250628bac215238b8d7a_arm64:
openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:16082622ef96fd52fa96d3a665
d0a69e0f5593a5da0a250628bac215238b8d7a_arm64.rpm

14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:50e8ae10e81d3a31940b7f0
9249185158ca79aa36445f650f9793c74f89e5925_ppc64le:
openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:50e8ae10e81d3a31940b7f0924
9185158ca79aa36445f650f9793c74f89e5925_ppc64le.rpm

14:openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6383597fedc8078207083d3
bf635c318385c8d75d6f32d4d77efd7f25511871c_s390x:
openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:6383597fedc8078207083d3bf6
35c318385c8d75d6f32d4d77efd7f25511871c_s390x.rpm

14:openshift4/ose-ovn-kubernetes-rhel9@sha256:af1e6bc335def679ce1309279742a8da44
ee6d4608324af6a9b45ed260985794_arm64:
openshift4/ose-ovn-kubernetes-rhel9@sha256:af1e6bc335def679ce1309279742a8da44ee6
d4608324af6a9b45ed260985794_arm64.rpm

14:openshift4/ose-ovn-kubernetes-rhel9@sha256:dca8367f6c205cacb47c47d774579fd396
d9213ab7b0faeb8d4a26eef71628ab_s390x:
openshift4/ose-ovn-kubernetes-rhel9@sha256:dca8367f6c205cacb47c47d774579fd396d92
13ab7b0faeb8d4a26eef71628ab_s390x.rpm

14:openshift4/ose-ovn-kubernetes-rhel9@sha256:f9302c40944a749077ea44c822090a7b7f
c24c0ea782f8ecc6319bc933f9de75_ppc64le:
openshift4/ose-ovn-kubernetes-rhel9@sha256:f9302c40944a749077ea44c822090a7b7fc24
c0ea782f8ecc6319bc933f9de75_ppc64le.rpm

14:openshift4/ose-ovn-kubernetes-rhel9@sha256:fd9ffb706bebb2b87e4ed4b21c9d4c3d88
18133d6e90027ddee1cc524a15e1fc_amd64:
openshift4/ose-ovn-kubernetes-rhel9@sha256:fd9ffb706bebb2b87e4ed4b21c9d4c3d88181
33d6e90027ddee1cc524a15e1fc_amd64.rpm

14:openshift4/ose-ovn-kubernetes@sha256:af1e6bc335def679ce1309279742a8da44ee6d46
08324af6a9b45ed260985794_arm64:
openshift4/ose-ovn-kubernetes@sha256:af1e6bc335def679ce1309279742a8da44ee6d46083
24af6a9b45ed260985794_arm64.rpm

14:openshift4/ose-ovn-kubernetes@sha256:dca8367f6c205cacb47c47d774579fd396d9213a
b7b0faeb8d4a26eef71628ab_s390x:
openshift4/ose-ovn-kubernetes@sha256:dca8367f6c205cacb47c47d774579fd396d9213ab7b
0faeb8d4a26eef71628ab_s390x.rpm

14:openshift4/ose-ovn-kubernetes@sha256:f9302c40944a749077ea44c822090a7b7fc24c0e
a782f8ecc6319bc933f9de75_ppc64le:
openshift4/ose-ovn-kubernetes@sha256:f9302c40944a749077ea44c822090a7b7fc24c0ea78
2f8ecc6319bc933f9de75_ppc64le.rpm

14:openshift4/ose-ovn-kubernetes@sha256:fd9ffb706bebb2b87e4ed4b21c9d4c3d8818133d
6e90027ddee1cc524a15e1fc_amd64:
openshift4/ose-ovn-kubernetes@sha256:fd9ffb706bebb2b87e4ed4b21c9d4c3d8818133d6e9
0027ddee1cc524a15e1fc_amd64.rpm

7. References:

https://access.redhat.com/security/cve/CVE-2022-21708
https://access.redhat.com/security/cve/CVE-2023-49568
https://access.redhat.com/security/cve/CVE-2023-49569
https://access.redhat.com/security/updates/classification/#critical

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBZcwuqckNZI30y1K9AQjnNA/+L41xSNW3JuZLk6/s5GcggFcnoervL7sx
2HMTT9KX8BWL/FKU/OmeEqUTcqmAGHEoygJwZNTLdj/TWXtmy1A//ZNgyQQoVo3N
Kkc7OYb0nsSzfSzZ5pa1YY0V64w53hPEgcV+xTQV3eLo4F5MRCWHKCLcMYl0OfEA
wIeP/29dSENA3uYvEh7NJG1Xdz2ZA984Cm9p+CbdFB1o986dXRlZ85mO86y3jgKz
ZMS1D1yYMVIxLO2w6YQWcF2vUquqbcve8+N5MwtTn07Z8OyCy8Pw3q+B2XTZsedm
F+SAYZQ7k5LS2sHln6DxK5V3jWNOU9z4ZJDF36OBLWfXo5YUROnPsrXcjmRKwOma
2IeW3cTG4rT1XmbtUSHPi8SvwN9YPCUe4t51FakASUZ0H08hXMSGvbCUQRF98yzd
JQnGdvW8Z0CFxH9Sf4qX2J6FhiiNwvhPYBXn8s7pJakqovSUqSYuAG/njhXT06d8
b42qbpbneZlv5C2+SrAsWzffxTNXBI8WENjOf2ufjcjTYD5h1kt7bBKO+zQo/yPk
6AJWjOpODxlTk//oPdEryyfhDXuIN8+IFXABjJT2tZlMjL6KxG2IfoIbQv/N01M+
dc01xEVVO/oRzp/vV0SfthkdyUOzkR/FOUuMbPqW1bc0QlMOQkl4mcd4SUTw20on
9ALjdazjdZE=
=qyj2
-----END PGP SIGNATURE-----