Headline
RHSA-2023:1655: Red Hat Security Advisory: OpenShift Container Platform 4.10.56 security update
Red Hat OpenShift Container Platform release 4.10.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-3172: A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client’s API server credentials to third parties.
- CVE-2022-31690: A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system.
- CVE-2022-31692: A flaw was found in the spring-security framework. Spring Security could allow a remote attacker to bypass security restrictions caused by an issue when using forward or include dispatcher types. By sending a specially-crafted request, an attacker can bypass authorization rules.
- CVE-2022-42889: A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
- CVE-2023-24422: A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
- CVE-2023-27898: A flaw was found in Jenkins. Affected versions of Jenkins do not escape the Jenkins version that a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This issue results in a stored Cross-site scripting (XSS) vulnerability, exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.
- CVE-2023-27899: A flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an administrator’s computer. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is installed in Jenkins, potentially resulting in arbitrary code execution.
- CVE-2023-27903: A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build.
- CVE-2023-27904: A flaw was found in Jenkins. The affected version of Jenkins prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers.
Issued:
2023-04-12
Updated:
2023-04-12
RHSA-2023:1655 - Security Advisory
- Overview
- Updated Packages
Synopsis
Critical: OpenShift Container Platform 4.10.56 security update
Type/Severity
Security Advisory: Critical
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
Red Hat OpenShift Container Platform release 4.10.56 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.10.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:1656
Security Fix(es):
- apache-commons-text: variable interpolation RCE (CVE-2022-42889)
- spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client (CVE-2022-31690)
- spring-security: Authorization rules can be bypassed via forward or include dispatcher types in Spring Security (CVE-2022-31692)
- jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
- Jenkins: XSS vulnerability in plugin manager (CVE-2023-27898)
- Jenkins: Temporary plugin file created with insecure permissions (CVE-2023-27899)
- kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF) (CVE-2022-3172)
- Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)
- Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.10 for RHEL 7 x86_64
- Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64
Fixes
- BZ - 2127804 - CVE-2022-3172 kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF)
- BZ - 2135435 - CVE-2022-42889 apache-commons-text: variable interpolation RCE
- BZ - 2162200 - CVE-2022-31690 spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client
- BZ - 2162206 - CVE-2022-31692 spring-security: Authorization rules can be bypassed via forward or include dispatcher types in Spring Security
- BZ - 2164278 - CVE-2023-24422 jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin
- BZ - 2177626 - CVE-2023-27899 Jenkins: Temporary plugin file created with insecure permissions
- BZ - 2177629 - CVE-2023-27898 Jenkins: XSS vulnerability in plugin manager
- BZ - 2177632 - CVE-2023-27903 Jenkins: Temporary file parameter created with insecure permissions
- BZ - 2177634 - CVE-2023-27904 Jenkins: Information disclosure through error stack traces related to agents
CVEs
- CVE-2022-3172
- CVE-2022-31690
- CVE-2022-31692
- CVE-2022-42889
- CVE-2023-24422
- CVE-2023-27898
- CVE-2023-27899
- CVE-2023-27903
- CVE-2023-27904
References
- https://access.redhat.com/security/updates/classification/#critical
- https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html
Red Hat OpenShift Container Platform 4.10 for RHEL 8
SRPM
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el8.src.rpm
SHA-256: 03643fc538398dce14386919ee24b02aeb9a270ad9997d45aff88b86d80507b2
haproxy-2.2.19-4.el8.src.rpm
SHA-256: deb173329f41c2e248ed0546ebede5efc5a4726b8dbf5dce6c7364b0459a99f9
jenkins-2-plugins-4.10.1680703106-1.el8.src.rpm
SHA-256: f45a8096055b5cc2f0acb9e3d9ecd15262f8ac9ed8878693e601f7b4c97c97b8
jenkins-2.387.1.1680701869-1.el8.src.rpm
SHA-256: b2bc0dbcf397f9228e287373c057fc9bd005d87ad5416e85f9988f4fde3bd366
kernel-4.18.0-305.85.1.el8_4.src.rpm
SHA-256: dd8e3b4460e6300ad73b5029e6f9f37cbfb0a989c482b26f5dc6a36993fb2da4
kernel-rt-4.18.0-305.85.1.rt7.157.el8_4.src.rpm
SHA-256: c41b2cf6892a4c2d8bdcfdaca35163ed0f4641c6e0de9d33437941d7024a38c4
openshift-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src.rpm
SHA-256: 254d7f555a85c8d70eda8c24b356aec7dedb02493c92de62b3b7b6b687051453
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src.rpm
SHA-256: d66d725b2ac1261afaed9f3115016f90bf8547ca9b29b9f794fdda3b4e85dd52
toolbox-0.0.9-1.rhaos4.10.el8.src.rpm
SHA-256: 8998ee66121f3e44a300f70b070040fefd2040b3fc981969f766df99d8dc8856
x86_64
bpftool-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 4393b1f51e9ada30bf0ab8ef681b655da41882e100df8c6e433d787f5c07ab88
bpftool-debuginfo-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 6b5803887ae7d515b0dda3ccc7b8b1b66f7f4c1e243142d7c35898f03f65103b
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64.rpm
SHA-256: 940ddf4ab89396aff99a802535d270a96031284478f39eb524fafdf19e98526e
cri-o-debuginfo-1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64.rpm
SHA-256: 19db2a842be6a071b63f726ff89892588f900a81f7ea352ae0656cc8cb2789be
cri-o-debugsource-1.23.5-8.rhaos4.10.gitcc8441d.el8.x86_64.rpm
SHA-256: 284801b17510605f7eebfc19c624bc9d0244d58b5390d308b66db09eb98dfff5
haproxy-debugsource-2.2.19-4.el8.x86_64.rpm
SHA-256: a72af94d47289914cad52882a41bd73227babeb6c06bea1ae210f0f2ab46b025
haproxy22-2.2.19-4.el8.x86_64.rpm
SHA-256: bf64c61e6c4759bc143fa5afd17650d8a13bd64031926afb95fbc966c063358e
haproxy22-debuginfo-2.2.19-4.el8.x86_64.rpm
SHA-256: e111a06822646b0a9a6286bd30beda183212901a685e94adf1445b3aacee9485
jenkins-2-plugins-4.10.1680703106-1.el8.noarch.rpm
SHA-256: 4fea95f2ded7d46dda489564024d80aac760e7190bdc67bd2d43ab4ee8a0c81d
jenkins-2.387.1.1680701869-1.el8.noarch.rpm
SHA-256: 360dc982d0e83be251207c0bf6f5f9067e740365ccdf45d71e02a77b733caadc
kernel-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 31896ef8de7093a4942be65cb6116b413f4d1254376ed1b7f02c5509cd6da5c6
kernel-core-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: f957d6b60a36cd40427949ee8f0adc82befc2d1afdc5422d5e7baf0cf365fe8f
kernel-cross-headers-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: c1ef48abe851a87587c17d52edcff83bccc6bff4ed1efbca1e6ae88326d60e79
kernel-debug-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 7bc81b8f68155dbc9eaed65b5bc456399d5ed967a4423d021bef9ff47141600a
kernel-debug-core-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 766cf336ca70a8f9c952b870e8efab1230ddce0f735639e8f143230a1acdb9b6
kernel-debug-debuginfo-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 1d4f125490ac847397489eca0b5c83b400fdac53b325190e226139ce3d6d1fa5
kernel-debug-devel-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 4360db4b7a6f7dbd4faf81f04e1a874c26e9dc622ceb4cc1984d049b7de55d70
kernel-debug-modules-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: f798505ed0e08900154d0acf7d0fbcde76b892303be943197ba5d0c7ca463b7c
kernel-debug-modules-extra-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 9a18521c51a7c10e746ac65aeec81280328f9b2a9d01977daf5cf024190de55a
kernel-debug-modules-internal-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 592828a1ec96ac875b6083697b00e61bdd4804a6f91d35c39750d35732feaff7
kernel-debuginfo-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: ef3550e197bab75700dcc794aa629e6c61a7bba783fbac76e8ac57fa550a23cb
kernel-debuginfo-common-x86_64-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: ffd8beb836b577a55718cddf304a5cc2ead155d96a74e5161e8f26306686e9d9
kernel-devel-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 7801c77182e6f150e74dfcdfce3d2c251a0f1a74cbad31711107529032c3b55e
kernel-doc-4.18.0-305.85.1.el8_4.noarch.rpm
SHA-256: 68556baa1037c9a0ed7296cbcd7b339657aa2c56c8632e97de6f2ab8e9f61a63
kernel-headers-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 53d8522e7ba6b7fd41a98c901381626254447230989673d9f4e22c77ebb50841
kernel-ipaclones-internal-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 1ecd421f758c56f0367fe664731afce6067073f2d4c54f5ad0a7a3f9eae8c5a9
kernel-modules-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 02f058c431f7838036d35a69c98a83a4753ed48fcb630ff3d0971fca12a45cb6
kernel-modules-extra-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 38e79d7cf77011ce9d9bbde947f4314ff605871c048a5e2cc2bc8005ebda2c6d
kernel-modules-internal-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 907045f09915c74c5d0ff3a08c08edd2541944d63b4f3f87840b2fb579539637
kernel-rt-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: c73b2b423bde1768f4ebab2a24109733d304760da33a694b17653c3b401ec43d
kernel-rt-core-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: e1d554f8d6cecce81690c99016306d36c60207a78a463f63a072172ae3b8f96b
kernel-rt-debug-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: e4bb1f24797f8486441ef0709f74eeada595d14d8d9bcba9da2a2aec22343595
kernel-rt-debug-core-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 0d736aee6465127cee774bb6f9583d780f33ba64e9f1cd0409f20984b66590dc
kernel-rt-debug-debuginfo-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: a5784230bc1f27e8a784df7e6d10252babf29c4d1e2923f033fe4a36ee131b22
kernel-rt-debug-devel-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 23c68759dca13af83641b73e6a5bda1d7c5aa02ef18b6c85d3582e57acadc87c
kernel-rt-debug-kvm-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 7e3d08c643be42b575b0ba732e24bf3598545bdd6f5f3c53b6ecca9e3a08ee03
kernel-rt-debug-modules-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 5715f286c568824b8691d9cd2a86495c2a95afbe258a4902c88a21d878e549d4
kernel-rt-debug-modules-extra-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: eb62518081f9965797f6fe86afaf9ac31c541c634e5fa340798fd82a4eed6781
kernel-rt-debug-modules-internal-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 85bda09a99d3816be5978427e26d10e74eaba7d5d75895a94dac92f7508f1774
kernel-rt-debuginfo-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 0ebd6b56149e0e16fdae1b867a5834e782c08895cbd4d3b4064f74668cabd950
kernel-rt-debuginfo-common-x86_64-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: ababd37444e5be0e97ecc58101e3a97b6f01138eb7f95ba3b9c9c8fffe49535e
kernel-rt-devel-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: c854dfc39665f0af28ee1a1a9069c3e63d23c705f4e0a55c19f13de7df1bfebe
kernel-rt-kvm-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 3a149a7b40d27545aa22f2ccc0c7cfeb05b07f8b0c044653ff41f950fc85bd1b
kernel-rt-modules-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 08548cc2b3e8a815dd4a71d742a08aa3c76761373a46ed20c83bae44d14cac63
kernel-rt-modules-extra-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: 2c550a3f02f9db959aa8e59f8ec74bcd0b451b5c5c2945ad2311d8723efe3514
kernel-rt-modules-internal-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: bc80ce5ece089a8e74e5cb9cadc7fce7fc27cbe84774c5de995f28310cb3b158
kernel-rt-selftests-internal-4.18.0-305.85.1.rt7.157.el8_4.x86_64.rpm
SHA-256: bfce42a4b02ee3d65d515bcd03132d3e39c5d27a6f9177f65c4f3cad900dd532
kernel-selftests-internal-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: e7a52fb3a8c1af80f5147bf00cbd35992eec1a9aee49c81ea4fdd24acc3ab777
kernel-tools-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: fb7c38da23fe56c01883ed215052c9ac0b0894afae74e082340f38f5564e4c3d
kernel-tools-debuginfo-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 6c1e199776b138f23bf3e680ff55ca81f102d0142369fb43bd9b80b5493c55dd
kernel-tools-libs-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 5eee5f40db86b6ba0357a8ea67cfac56c62c83546e5b590ca25e7a892db62455
kernel-tools-libs-devel-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: ae49d1ea5e5591a9337ca279f04da93c29d53c0760099ffba781fc24186363d8
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64.rpm
SHA-256: 93b9eedbb7e5f5585d5f3bb7a6f61fe9e4fed92d155b0c98458f74e9b916d50b
openshift-clients-redistributable-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.x86_64.rpm
SHA-256: 359ebab2e15d9b75e323513aed15cbe98019dfc581a6b5c06d5dc855de54eaa5
openshift-hyperkube-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.x86_64.rpm
SHA-256: 2e85e8ee6ecc16cc0a9f2351507903cf69a0e517fece6c50753aa78dd1591972
perf-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: a552fdbdd3d43e1ab11adde1187da868fd574de07b79e7b65e19ca85799c4531
perf-debuginfo-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: c8fea8a894931020f2e3e4f263798f7959686ab3187e173843bb134849716790
python3-perf-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 00144ee92c2bd05e0c38791882aa07d1eeffdae72debe1f58452246cdcda7b35
python3-perf-debuginfo-4.18.0-305.85.1.el8_4.x86_64.rpm
SHA-256: 5d4ad83f2affdc37f5644893d54001fe564a510ce63e7e0c091b99f16288b994
toolbox-0.0.9-1.rhaos4.10.el8.noarch.rpm
SHA-256: 6aeb61cdc1eeaf163c05e3ac648650539a887356c44b74928e8da4e0647fc9d5
Red Hat OpenShift Container Platform 4.10 for RHEL 7
SRPM
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el7.src.rpm
SHA-256: c8de8d26101106919093f76f79880c95fe4cdb899d0a796d43e2df6a8012c0c1
openshift-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.src.rpm
SHA-256: c006c051d9e3f3940eeea1502cb784c9a5caaa1f798a6cab4ba8e91cf24e5dc9
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.src.rpm
SHA-256: 08cc33d9b335479eb8c277c7a8bf1bf70e32ba4c63e5d4317a1c017f2067c09b
x86_64
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64.rpm
SHA-256: 485585d1e9f899a961c8c32ecacda6e4c6a3a08aa7388b91a01a3a53c7bff631
cri-o-debuginfo-1.23.5-8.rhaos4.10.gitcc8441d.el7.x86_64.rpm
SHA-256: 33300cb3e4ae7037404ce7896f061a6c451ff88716451cc38249226206d70108
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64.rpm
SHA-256: 512a82e69110490539dd4389d0d21ac8ba7915f26010009b76f91c982502d088
openshift-clients-redistributable-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el7.x86_64.rpm
SHA-256: e797fc72f8d51ae89db28b033a71323f390a2b302e870aa5782ee29473a44425
openshift-hyperkube-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el7.x86_64.rpm
SHA-256: 4269b48a211c5a41eae310e64784036c9a87d7b4f624b2698db34921c2a4b8b8
Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8
SRPM
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el8.src.rpm
SHA-256: 03643fc538398dce14386919ee24b02aeb9a270ad9997d45aff88b86d80507b2
haproxy-2.2.19-4.el8.src.rpm
SHA-256: deb173329f41c2e248ed0546ebede5efc5a4726b8dbf5dce6c7364b0459a99f9
jenkins-2-plugins-4.10.1680703106-1.el8.src.rpm
SHA-256: f45a8096055b5cc2f0acb9e3d9ecd15262f8ac9ed8878693e601f7b4c97c97b8
jenkins-2.387.1.1680701869-1.el8.src.rpm
SHA-256: b2bc0dbcf397f9228e287373c057fc9bd005d87ad5416e85f9988f4fde3bd366
kernel-4.18.0-305.85.1.el8_4.src.rpm
SHA-256: dd8e3b4460e6300ad73b5029e6f9f37cbfb0a989c482b26f5dc6a36993fb2da4
openshift-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src.rpm
SHA-256: 254d7f555a85c8d70eda8c24b356aec7dedb02493c92de62b3b7b6b687051453
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src.rpm
SHA-256: d66d725b2ac1261afaed9f3115016f90bf8547ca9b29b9f794fdda3b4e85dd52
toolbox-0.0.9-1.rhaos4.10.el8.src.rpm
SHA-256: 8998ee66121f3e44a300f70b070040fefd2040b3fc981969f766df99d8dc8856
ppc64le
bpftool-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: b05cc742f77b7b4792b7d6816b768cfba223391d7d52869dee6528f21049b4aa
bpftool-debuginfo-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 72ac3681ff58892f849ba9f120f3fae8ebe3955679d2ce0efea2263bd5578625
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le.rpm
SHA-256: 83888a8ee7c878f7a5ae83eb10f679a6c4f77f4901c5c8838d7f5cba6fe1e601
cri-o-debuginfo-1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le.rpm
SHA-256: d835cd4ddda56f2224bea85d7196f987a007cdaf023309b7a3a6b1deff26d4f3
cri-o-debugsource-1.23.5-8.rhaos4.10.gitcc8441d.el8.ppc64le.rpm
SHA-256: 92e27eb3da04dacffe81246697b970b3342f067ba6c8cea73ef9026b8685014b
haproxy-debugsource-2.2.19-4.el8.ppc64le.rpm
SHA-256: 7988e120086f90b071d2ca18a72b946c2e0c1bdc172f64f2fa24636a0c59dde4
haproxy22-2.2.19-4.el8.ppc64le.rpm
SHA-256: 2fc960cf385b15d3e006e66904c76ad66f6e0073cbd0d6650391a618f568b464
haproxy22-debuginfo-2.2.19-4.el8.ppc64le.rpm
SHA-256: a8a2df0f9d5fb7a8e5c03799d15739a217fb0e39b623d0db49f1eb1b61513250
jenkins-2-plugins-4.10.1680703106-1.el8.noarch.rpm
SHA-256: 4fea95f2ded7d46dda489564024d80aac760e7190bdc67bd2d43ab4ee8a0c81d
jenkins-2.387.1.1680701869-1.el8.noarch.rpm
SHA-256: 360dc982d0e83be251207c0bf6f5f9067e740365ccdf45d71e02a77b733caadc
kernel-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 6436f1be7f3585cb4275a9ec94f13c187450e74783dcede6fdff712b26e2ee11
kernel-core-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: a10698a10c3fa2e57985aa75cc38ad0ac1ca981dbb0dd85c3d6ccec9173bc707
kernel-cross-headers-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 1d561b0384174b9295e76e6dfc1b0d861a450ffa616f0ec7d6a2019983f5f6f2
kernel-debug-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 8d2b56de324279151181f49ac848945fbc77eea5ec961b4b418d4d26c8b73d18
kernel-debug-core-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 81a1f39fda7943be4e2a33b481a606717be653885487f1a0c4535664c475e321
kernel-debug-debuginfo-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: fd8f0b8c144ff3e2ece42336177f325d18231580190f7f9cb415a7cc75391ca0
kernel-debug-devel-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 6d13d6a9f529f7f87e297cf30ce494b5a374511119f7b557998fc275f0bcf7db
kernel-debug-modules-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: af1792c525d73c82e023b58ebdefc9965675e8aecdc2a543c615f2e289a8be23
kernel-debug-modules-extra-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: cdc518a6bee758ff948b9ad6c268e219492ed59e13d83fac163f54ecad9a8da4
kernel-debug-modules-internal-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: bcd370b396d1ddb9bc6abd82082251bd21a4c5646a593b90b17146d5790712ef
kernel-debuginfo-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 819f6bf94bbaa0f9ccf9ad64dd501a41990bb981f68623389a25b89223265cc9
kernel-debuginfo-common-ppc64le-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: c05605597b018b93b35f4edcd68e6d62101b5db3de5bd559830ed6f4dc181c04
kernel-devel-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 638036bfac899e96497cf26f606a6a53413dacd2dca6db6b9531b95ff684171f
kernel-doc-4.18.0-305.85.1.el8_4.noarch.rpm
SHA-256: 68556baa1037c9a0ed7296cbcd7b339657aa2c56c8632e97de6f2ab8e9f61a63
kernel-headers-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 59af947a299f19c9dc8d63fb635dfed9a53e1adac0d99f00323f893f94541d6f
kernel-ipaclones-internal-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 5d61d056a5681137420cadd702828f09aa707ef734117dcc58474bdf7eadbfc6
kernel-modules-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: d7fcaa53d7d88f5d1e0a8b14f720136a5b6fefa410702204753b05d0b9ebf23f
kernel-modules-extra-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: c0d5091e334c589495fe865ddd491db70872a50e9b60699d858c53dec79f3fcf
kernel-modules-internal-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: e4546f45eaf9b3b69dd155c01fb972b78e76088240dc8a535a9906dbc523eee9
kernel-selftests-internal-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 3de5de1a0fa08f88561a09c8a3f93d8cef49c4fcb04a84079346cecb7e7505ba
kernel-tools-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 5a3edc93683fe7bce9265f566ee12ba1c1a61ffa36bb0f4fbf9ffbaaae082373
kernel-tools-debuginfo-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 5ff5956ff16ab8504c1f8aab5ed6911cadbbea5f5f1f60cd9d50a9fa07160e3c
kernel-tools-libs-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 0cae1dbbcb86417bc99e636b3e70411e990fe000e0e01b0fe89c953cdd0dc767
kernel-tools-libs-devel-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 290c568e64a8f2394985509460e82642a9dd2d816445889d891afa6a4c086c1b
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.ppc64le.rpm
SHA-256: 377286d7a0ee86114932684073a19177df2e6943d6446dfc6e7ccaf8ef73ba95
openshift-hyperkube-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.ppc64le.rpm
SHA-256: 10c6dc639a7df1a94938bfe5578bf27bc49bb18c98371af3cd81008ca8f639f1
perf-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 1a000f9167cfa4cf37b341fb06ca61a61011fd1b94fe3fdcc48e288229a5894a
perf-debuginfo-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 1ca3ca621b08f9aa8eb0a9ffacabf49c1351dc8c9008c1892ebc023b4f598e70
python3-perf-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: c93d0d605d5eda401a30fe92838237b513f3dcd089b7da0f4204a81b3bcaca9f
python3-perf-debuginfo-4.18.0-305.85.1.el8_4.ppc64le.rpm
SHA-256: 4d2924eb8a283b3211625260e6edb306b491560d543601a23a9d67963de75949
toolbox-0.0.9-1.rhaos4.10.el8.noarch.rpm
SHA-256: 6aeb61cdc1eeaf163c05e3ac648650539a887356c44b74928e8da4e0647fc9d5
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8
SRPM
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el8.src.rpm
SHA-256: 03643fc538398dce14386919ee24b02aeb9a270ad9997d45aff88b86d80507b2
haproxy-2.2.19-4.el8.src.rpm
SHA-256: deb173329f41c2e248ed0546ebede5efc5a4726b8dbf5dce6c7364b0459a99f9
jenkins-2-plugins-4.10.1680703106-1.el8.src.rpm
SHA-256: f45a8096055b5cc2f0acb9e3d9ecd15262f8ac9ed8878693e601f7b4c97c97b8
jenkins-2.387.1.1680701869-1.el8.src.rpm
SHA-256: b2bc0dbcf397f9228e287373c057fc9bd005d87ad5416e85f9988f4fde3bd366
kernel-4.18.0-305.85.1.el8_4.src.rpm
SHA-256: dd8e3b4460e6300ad73b5029e6f9f37cbfb0a989c482b26f5dc6a36993fb2da4
openshift-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src.rpm
SHA-256: 254d7f555a85c8d70eda8c24b356aec7dedb02493c92de62b3b7b6b687051453
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src.rpm
SHA-256: d66d725b2ac1261afaed9f3115016f90bf8547ca9b29b9f794fdda3b4e85dd52
toolbox-0.0.9-1.rhaos4.10.el8.src.rpm
SHA-256: 8998ee66121f3e44a300f70b070040fefd2040b3fc981969f766df99d8dc8856
s390x
bpftool-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 4eeef4af488c595832b6b3c2cdc091df5de69eac4715a5f9b792eec79525c190
bpftool-debuginfo-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 1734061d3d5e3f3d466fc62cf8e0cbeabf0066c2792e376dc64cf0438f26dc07
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x.rpm
SHA-256: 551d68d6dec5dccd8cbbdf34479e889e7dec78abf488a90dd8baad8e262075f4
cri-o-debuginfo-1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x.rpm
SHA-256: 9142e3f48949593c131ffb93c0c343cca8bbfd7ac0830d9b63573e58408493d6
cri-o-debugsource-1.23.5-8.rhaos4.10.gitcc8441d.el8.s390x.rpm
SHA-256: 29d3b3e7e20aeb582fd6213996509f95a768e2cbe58e00cbc1a4bd9f1368e5cf
haproxy-debugsource-2.2.19-4.el8.s390x.rpm
SHA-256: b6b87ebbd4521914074fbbaa05ec198b05c500a4a0f4b537dca12b8ec04f6627
haproxy22-2.2.19-4.el8.s390x.rpm
SHA-256: a12c4e80f6f810e3e69b1e5d9c262e0d43424da02d11e3d2426c169b53638b25
haproxy22-debuginfo-2.2.19-4.el8.s390x.rpm
SHA-256: d4c501d509c7fb1d05347aa8545aa73b8ebc1a1630ac97026bd20b33530c8bd2
jenkins-2-plugins-4.10.1680703106-1.el8.noarch.rpm
SHA-256: 4fea95f2ded7d46dda489564024d80aac760e7190bdc67bd2d43ab4ee8a0c81d
jenkins-2.387.1.1680701869-1.el8.noarch.rpm
SHA-256: 360dc982d0e83be251207c0bf6f5f9067e740365ccdf45d71e02a77b733caadc
kernel-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: a9ed2735cf18c9e02cd75b48f3fa2f3c244f1e4f2109bf70cb8fc9e3130e3161
kernel-core-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 056e524179920e0c62611863119bfb11158c529382e10e780373784c3c0ee3b5
kernel-cross-headers-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: f211eef01733485f89a15910896f6cedf2868acfc7be51ae64e4c76cf62b3825
kernel-debug-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: caeac2167323e971edea726b9b0b049e05beffd9ac55a9f7500e0fda5e1149c2
kernel-debug-core-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: fbd334d09c04ecb815231c4aee2c8b171a6203aff9a133a1400fb9926cf3f98b
kernel-debug-debuginfo-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: eaa9ce27b4714d3a3b49c3e955a59e9e785350783cc42be8b6c522b3d94ea8e1
kernel-debug-devel-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 816f50c3d78c928a6b2abbd84faa7820fdb882cfe8056c1b926c16008cbae1ec
kernel-debug-modules-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 6b477dbe2d453615855ad67a218d36c877f0f90ba66dbfc5f9b7f78d508778f4
kernel-debug-modules-extra-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 794312b28aeee700c1c8bcba61f5c5432e13bda3c23a18de411020580f2d92b6
kernel-debug-modules-internal-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 04748b99c2139dafce50bd4655928efcecef60124d34e5a1c3c3117e1d42026a
kernel-debuginfo-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 2a9d3020d98fcb883c66a2919c941adc99c15b00b8850e494c4fc7e8e4755847
kernel-debuginfo-common-s390x-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 6b69a286e21b6ee7e3d518b8439f5537be49a5ba33b989897d3f0452ffca7995
kernel-devel-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: a39b6d639c5dbedddd6359b7f79463a31445f976436db1bcd05b4d661586dcb8
kernel-doc-4.18.0-305.85.1.el8_4.noarch.rpm
SHA-256: 68556baa1037c9a0ed7296cbcd7b339657aa2c56c8632e97de6f2ab8e9f61a63
kernel-headers-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: c3e3d519dc154b91f5236dfe74b274fb6663fd9e1cb67d840733dde21fd46b92
kernel-modules-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: f070d620e5f6b780242a3a4648f4775b4d0c6dc3e39357b243aa3cd8c9a89320
kernel-modules-extra-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 5757db88d5cf94a0ea8dd443796b1b19a64c590e4940f6b6fbbe8daf52537548
kernel-modules-internal-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 85c95fbbb6ddb85d9d657a02595f8c6888b127e5c5c4b0dfff75a51fe2a34800
kernel-selftests-internal-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: d09ac92556ed7edddf82cf9a79f5386ccaabfde05ec360411483e4bdc4d1a27f
kernel-tools-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 7047c44842ff97780e4cf9e4362a8feb88f384fd406af4ac18faeb4c595dec38
kernel-tools-debuginfo-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 9c66a5790618bf046b87120f4ed6bd3513ebeabf1b2a4c2921e88d9b8d13083e
kernel-zfcpdump-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: a9b4553f29cf9098dfc51eacf12ff60862ef7303fb213533053f4d1fefc51f61
kernel-zfcpdump-core-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 432c6c73872c35aee9acdb520e598f7173b9e08945749a219fa84264f018e90f
kernel-zfcpdump-debuginfo-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: c9eb41c4c6dcb3805f88233ac127d094a3e2d1f3c1bd351729aa4f1e4604a633
kernel-zfcpdump-devel-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 0be2a1d0822c4ab405261688902e8bfc63aedb5be074538e2ef7fb5520554afd
kernel-zfcpdump-modules-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: a3150c55c09776a896ab6bf2965e9bc70e29659bcd2979349e9d402752eed921
kernel-zfcpdump-modules-extra-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 49a8b77ff207075c9ca88c609325400ab455fe0745b24135046cae46bcd91bd4
kernel-zfcpdump-modules-internal-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 796a0a763ff68c740757cce7ee61d3128e06341cd548d8dbb406ad703f5d7304
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.s390x.rpm
SHA-256: 2e53a5b55210755dcd035b7076bcba00059a2e78c6fa800a9b86fe0ad3f067a0
openshift-hyperkube-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.s390x.rpm
SHA-256: c9d9a606be6c113924455ecffc1ecc008169eedb15c4520f6b89fdcf19a7389a
perf-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: a5f3dc5ed7b1d82060141cae76cd5a8db8f6a31776cec8887f9af7b40a320c52
perf-debuginfo-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: a0112d56336fb577d293935d9d211dcd7fe35ee61403caf412834f5344475fdc
python3-perf-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 9f2f7a53d1c3a5ad7a427ba483ebce21224e7d56817c6dde5be86da5aadece61
python3-perf-debuginfo-4.18.0-305.85.1.el8_4.s390x.rpm
SHA-256: 853e3cc9faff11ccf68733ffbf2492fcdd661f8f0272a4b2813e2e14e1643677
toolbox-0.0.9-1.rhaos4.10.el8.noarch.rpm
SHA-256: 6aeb61cdc1eeaf163c05e3ac648650539a887356c44b74928e8da4e0647fc9d5
Red Hat OpenShift Container Platform for ARM 64 4.10
SRPM
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el8.src.rpm
SHA-256: 03643fc538398dce14386919ee24b02aeb9a270ad9997d45aff88b86d80507b2
haproxy-2.2.19-4.el8.src.rpm
SHA-256: deb173329f41c2e248ed0546ebede5efc5a4726b8dbf5dce6c7364b0459a99f9
jenkins-2-plugins-4.10.1680703106-1.el8.src.rpm
SHA-256: f45a8096055b5cc2f0acb9e3d9ecd15262f8ac9ed8878693e601f7b4c97c97b8
jenkins-2.387.1.1680701869-1.el8.src.rpm
SHA-256: b2bc0dbcf397f9228e287373c057fc9bd005d87ad5416e85f9988f4fde3bd366
kernel-4.18.0-305.85.1.el8_4.src.rpm
SHA-256: dd8e3b4460e6300ad73b5029e6f9f37cbfb0a989c482b26f5dc6a36993fb2da4
kernel-rt-4.18.0-305.85.1.rt7.157.el8_4.src.rpm
SHA-256: c41b2cf6892a4c2d8bdcfdaca35163ed0f4641c6e0de9d33437941d7024a38c4
openshift-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.src.rpm
SHA-256: 254d7f555a85c8d70eda8c24b356aec7dedb02493c92de62b3b7b6b687051453
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.src.rpm
SHA-256: d66d725b2ac1261afaed9f3115016f90bf8547ca9b29b9f794fdda3b4e85dd52
toolbox-0.0.9-1.rhaos4.10.el8.src.rpm
SHA-256: 8998ee66121f3e44a300f70b070040fefd2040b3fc981969f766df99d8dc8856
aarch64
bpftool-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 0b8240935accc8198f254ee948681f768ad48bbbfda5866b4b66c1163526cbc6
bpftool-debuginfo-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 873de47a3970d13bbdf1435b05dca070c89ec4bd1058465df2c161fa43639937
cri-o-1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64.rpm
SHA-256: 0b8b160e04b5902800357b2e786211d091e6bf57a277dc2857dfff7541ce67b7
cri-o-debuginfo-1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64.rpm
SHA-256: 5450bb98fd7e25c9ef6a6036b1cec90907425fd2369e636bf56083311af593df
cri-o-debugsource-1.23.5-8.rhaos4.10.gitcc8441d.el8.aarch64.rpm
SHA-256: 27132446e4b46cdad283331412662a659e564ded062464ffa6f593ac1e564771
haproxy-debugsource-2.2.19-4.el8.aarch64.rpm
SHA-256: ff36bd66908f50c3a5376d0a35af4055ec7261336fcdc1ed284be9025802fc0c
haproxy22-2.2.19-4.el8.aarch64.rpm
SHA-256: 33bf2b8a47401b1bb5c5eb1b81b19e19febaa378a9ca2da71d22f9d616996994
haproxy22-debuginfo-2.2.19-4.el8.aarch64.rpm
SHA-256: fec33e48f07a11cd5f3764779ba338a053ac4cf42b8140f46e9bc0c6bcdf2288
jenkins-2-plugins-4.10.1680703106-1.el8.noarch.rpm
SHA-256: 4fea95f2ded7d46dda489564024d80aac760e7190bdc67bd2d43ab4ee8a0c81d
jenkins-2.387.1.1680701869-1.el8.noarch.rpm
SHA-256: 360dc982d0e83be251207c0bf6f5f9067e740365ccdf45d71e02a77b733caadc
kernel-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: e2b9ad5bcf3ba4110604f82c5653477cff5ec7d7d3dbe8d1b4075da4f7ed9f1c
kernel-core-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: ab77046c43518dc1146843ce5ba0524909f02af8022e427f2e06e7d003e83a0c
kernel-cross-headers-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 32c23eb1ee8272ee871158d1f95378de0374edf02c89e1974a03a744dec92d77
kernel-debug-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 6cb3afafb4d040360741e7ecec3244eb0a54f208f49e93bf127bf6ccbf477c2f
kernel-debug-core-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: dc178da8241f001829131427a151cccccf3e3cc3afc560a2048d65bab1f61dc5
kernel-debug-debuginfo-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: e876e6f44a1591e8f5c6c5ec49b715e1323af2f054e90615670241e3af4de51c
kernel-debug-devel-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: c16808d11b79ca52490939048ef5d5bc29259d75dac64e6d940f456343f9363c
kernel-debug-modules-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 0f3b7aadd5901c043b64c491d7a1bd2208549391679fbeac1b5354953d292a20
kernel-debug-modules-extra-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: ba91b8586d1f049510494133636055d3655832ff9d4b6226004a33d1b3416434
kernel-debug-modules-internal-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 3a86c351ab0d9fa4785bbf9dc881b0bf4e321c1db9fb5f6bff45dad313393150
kernel-debuginfo-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 7cdf275dc57babffc9c88f3577e996baac4558aed6f3c55b3be570d03a8f4dc3
kernel-debuginfo-common-aarch64-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: dc23161cabdc10c43fe57a7dbe7df3419ccb851cb5898faa6547f83c6e4192fd
kernel-devel-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: c3539c16c4cba5dd73ddb2a4480c791f6ee1015624b0a79c6a7a2d996bb8bbb1
kernel-doc-4.18.0-305.85.1.el8_4.noarch.rpm
SHA-256: 68556baa1037c9a0ed7296cbcd7b339657aa2c56c8632e97de6f2ab8e9f61a63
kernel-headers-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 75bdf07e5a07fe084bc7a409692d2f2664205882061c6952686a7a0096927c8c
kernel-modules-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: fa6c10a03ed18b65b7de5e7aa08644e5a76120aa3643d1b184b570c78c1656c0
kernel-modules-extra-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 43ffdcfcd1230b1330e252c08220e2256cef1a9113adf4c6027da439bf719fe1
kernel-modules-internal-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 6646af2550d753b0387545fe9d3d82d07a063401b025ed5510964ebf76486c71
kernel-selftests-internal-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: daf97c693a11874de07b4276c2b83fbf72b0eed89f07b1f66be003381b0591ad
kernel-tools-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 87b2abf0f201cd12a0874ebdb548bca748f57f17aa4c9692cb64f3604c5b4a58
kernel-tools-debuginfo-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: ab381164edaa8448ed3361f15ba5a9448fd4544005e155d9b878435243814696
kernel-tools-libs-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: b5adbb52dc8687fc94429d4c5370f0daf7758333d77f46f4034685d06b71bd81
kernel-tools-libs-devel-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: e5d90bbf65d85784d1656b2afbae4fcb60099034c0931ec11828155ef1fcc050
openshift-clients-4.10.0-202304032041.p0.g3a7500d.assembly.stream.el8.aarch64.rpm
SHA-256: e0f27a3bfa4e386c6e80e442b450a9d03ba97e27a03acce9e650463baa2f034a
openshift-hyperkube-4.10.0-202303221742.p0.g16bcd69.assembly.stream.el8.aarch64.rpm
SHA-256: aa635d31e224902ce7428935a12325a5f1681504a880cd588bec72ef72985a90
perf-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: 4b1315b3b526814e62c0212004260fdd580e762ae80962b973abeea74d8a007e
perf-debuginfo-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: ce892543590ca8a0212e2e261e4d712372a89fba9b97d2d45b36b691372e8929
python3-perf-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: dc6d7de3c1e8de8595e1ce3ea1f22acf5c03eea1e4fd602cb65fcdca6a8a9b13
python3-perf-debuginfo-4.18.0-305.85.1.el8_4.aarch64.rpm
SHA-256: df26fe741385aaf214ccf46553c2f6f1ac122c57c49af555e7d04a35559295b1
toolbox-0.0.9-1.rhaos4.10.el8.noarch.rpm
SHA-256: 6aeb61cdc1eeaf163c05e3ac648650539a887356c44b74928e8da4e0647fc9d5
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2024-0778-03 - An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, improper authorization, information leakage, insecure permissions, and open redirection vulnerabilities.
The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution (RCE). The issue, assigned the CVE identifier CVE-2024-23897, has been described as an arbitrary file read vulnerability through the
Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).
Red Hat Security Advisory 2023-3954-01 - This release of Red Hat Fuse 7.12 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include bypass, code execution, denial of service, information leakage, resource exhaustion, server-side request forgery, and traversal vulnerabilities.
A minor version update (from 7.11 to 7.12) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2012-5783: It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or su...
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2048: A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests. * CVE-2022-22976: A flaw was found in Spring Framework. The encoder does not perform any salt rounds when using the BCrypt class with the maximum wo...
Red Hat Security Advisory 2023-3644-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.
Red Hat Security Advisory 2023-3609-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.4 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3172: A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client's API server credentials to third parties.
Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4.0 has left users vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server in which they have an identical webpage. The attacker essentially hijacks the user activity intended for the original server and sends them to the other server.
Red Hat Security Advisory 2023-3299-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site scripting, denial of service, deserialization, improper authorization, and information leakage vulnerabilities.
Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Multicluster Engine for Kubernetes 2.2.4 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32313: A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an attacker to edit options for console.log. This issue impacts the integrity by changing the log subsystem. * CVE-2023-32314: A flaw was found in the vm2 sandbox. When a host ...
Red Hat Security Advisory 2023-3195-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site scripting, information leakage, and insecure permissions vulnerabilities.
Red Hat Security Advisory 2023-3198-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, deserialization, information leakage, and insecure permissions vulnerabilities.
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42889: A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execut...
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26291: A flaw was found in maven. Repositories that are defined in a dependency’s Project Object Model (pom), which may be unknown to users, are used by default resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that r...
Red Hat Security Advisory 2023-2041-01 - Migration Toolkit for Applications 6.1.0 Images. Issues addressed include denial of service, privilege escalation, server-side request forgery, and traversal vulnerabilities.
Migration Toolkit for Applications 6.1.0 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect ...
Red Hat OpenShift Container Platform release 4.10.58 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42889: A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Common...
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...
OX App Suite before 7.10.6-rev20 allows XSS via upsell ads.
Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
The Migration Toolkit for Containers (MTC) 1.7.8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2022-24999: A flaw was found in the express.js npm package. Express.js Express is vulnerable to a d...
Red Hat Security Advisory 2023-1286-01 - Migration Toolkit for Runtimes 1.0.2 Images. Issues addressed include denial of service, privilege escalation, and server-side request forgery vulnerabilities.
Red Hat Security Advisory 2023-1285-01 - Migration Toolkit for Runtimes 1.0.2 ZIP artifacts. Issues addressed include privilege escalation, server-side request forgery, and traversal vulnerabilities.
Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31690: A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system. * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an atta...
Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs...
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.
Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.
Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.
Jenkins update-center2 3.13 and 3.14 renders the required Jenkins core version on plugin download index pages without sanitization, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a plugin for hosting.
Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.
Jenkins 2.270 through 2.393 (both inclusive), LTS 2.277.1 through 2.375.3 (both inclusive) does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide plugins to the configured update sites and have this message shown by Jenkins instances.
A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems. The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1471: A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE). * CVE-2022-3171: A parsing issue with binary data in protobuf-java core an...
OX App Suite suffers from cross site scripting and server-side request forgery vulnerabilities.
Red Hat Security Advisory 2023-0693-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.
The Migration Toolkit for Containers (MTC) 1.7.7 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43138: A vulnerability was found in the async package. This flaw allows a malicious user to obtain privileges via the mapValues() method. * CVE-2022-2879: A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw a...
SQL Injection vulnerability in Talend ESB Runtime 7.3.1-R2022-09-RT thru 8.0.1-R2022-10-RT when using the provisioning service.
Red Hat Security Advisory 2023-0469-01 - Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. Issues addressed include denial of service and memory exhaustion vulnerabilities.
A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick users into logging in to the attacker's account.
Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.
Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
Jenkins PWauth Security Realm Plugin 0.4 and earlier does not restrict the names of files in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
A missing permission check in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.
Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.
A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account.
Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.
Red Hat Security Advisory 2022-7399-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.
Red Hat Security Advisory 2022-7398-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include a denial of service vulnerability.
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Red Hat OpenShift Container Platform release 4.12.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-2879: golang: arc...
Red Hat OpenShift Container Platform release 4.12.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: go-yaml: Denial of Service in go-yaml * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-2995: cri-o: incorrect handlin...
Gentoo Linux Security Advisory 202301-5 - A vulnerability has been discovered in Apache Commons Text which could result in arbitrary code execution. Versions less than 1.10.0 are affected.
IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.
Red Hat Security Advisory 2022-8652-01 - This release of Red Hat Fuse 7.11.1 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include bypass, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.
A minor version update (from 7.11 to 7.11.1) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2019-8331: bootstrap: XSS in the tooltip or popover data-template attribute * CVE-2021-3717: wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users * CVE-2021-31684: json-smart: Denial of Service in...
Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies security to forward and include dispatcher types. The application uses the AuthorizationFilter either manually or via the authorizeHttpRequests() method. The application configures the FilterChainProxy to apply to forward and/or include requests (e.g. spring.security.filter.dispatcher-types = request, error, async, forward, include). The application may forward or include the request to a higher privilege-secured endpoint.The application configures Spring Security to apply to every dispatcher type via authorizeHttpRequests().shouldFilterAllDispatcherTypes(true)
Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server which can lead to a privilege escalation on the subsequent approval. This scenario can happen if the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (per RFC 6749, Section 5.1) on the subsequent request to the token endpoint to obtain the access token.
Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies security to forward and include dispatcher types. The application uses the AuthorizationFilter either manually or via the authorizeHttpRequests() method. The application configures the FilterChainProxy to apply to forward and/or include requests (e.g. spring.security.filter.dispatcher-types = request, error, async, forward, include). The application may forward or include the request to a higher privilege-secured endpoint.The application configures Spring Security to apply to every dispatcher type via authorizeHttpRequests().shouldFilterAllDispatcherTypes(true)
Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server which can lead to a privilege escalation on the subsequent approval. This scenario can happen if the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (per RFC 6749, Section 5.1) on the subsequent request to the token endpoint to obtain the access token.
The good news: The Apache Commons Text library bug is far less likely to lead to exploitation than last year's Log4j library flaw.
WordPress security company Wordfence on Thursday said it started detecting exploitation attempts targeting the newly disclosed flaw in Apache Commons Text on October 18, 2022. The vulnerability, tracked as CVE-2022-42889 aka Text4Shell, has been assigned a severity ranking of 9.8 out of a possible 10.0 on the CVSS scale and affects versions 1.5 through 1.9 of the library. It's also similar to