Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:4456: Red Hat Security Advisory: OpenShift Container Platform 4.13.8 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
  • CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Data
#vulnerability#web#mac#linux#red_hat#dos#git#kubernetes#vmware#alibaba#oauth#auth#ibm#rpm#docker

Synopsis

Moderate: OpenShift Container Platform 4.13.8 bug fix and security update

Type/Severity

Security Advisory: Moderate

Topic

Red Hat OpenShift Container Platform release 4.13.8 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.13.

Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHSA-2023:4459

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

Security Fix(es):

  • openshift: OCP & FIPS mode (CVE-2023-3089)
  • net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Solution

For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

You may download the oc tool and use it to inspect release image metadata for x86_64, s390x, ppc64le, and aarch64 architectures. The image digests may be found at https://quay.io/repository/openshift-release-dev/ocp-release?tab=tags.

The sha values for the release are

(For x86_64 architecture)
The image digest is sha256:a956488d295fe5a59c8663a4d9992b9b5d0950f510a7387dbbfb8d20fc5970ce

(For s390x architecture)
The image digest is sha256:9768dd5f5c79565da6e410de63429dc1b329a777d250047d37e474f70521c06e

(For ppc64le architecture)
The image digest is sha256:45a1e6f79a40ca205449936ba34c08cd4a1c4309453d85948ce91d7178a85be1

(For aarch64 architecture)
The image digest is sha256:c8f6f564d2f840cf7b8785ae5c0aaeef01017a258a85be50945dc003485b83f7

All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.13/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.13 for RHEL 9 x86_64
  • Red Hat OpenShift Container Platform 4.13 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9 aarch64
  • Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8 aarch64

Fixes

  • BZ - 2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
  • BZ - 2212085 - CVE-2023-3089 openshift: OCP & FIPS mode
  • OCPBUGS-11016 - node_exporter shouldn’t collect metrics for Calico Virtual NICs
  • OCPBUGS-11091 - Custom build strategy cannot add configmaps as build input
  • OCPBUGS-11498 - vsphereStorageDriver validation is misleading
  • OCPBUGS-15290 - OpenShift Installer gets stuck while listing GCP projects
  • OCPBUGS-16158 - “Duplicate RoleBinding” leads to “Unsupported value” error
  • OCPBUGS-16335 - GCP: add me-central1 region to the survey as supported region
  • OCPBUGS-16390 - cannot set network type other than OVNKubernetes or OpenShiftSDN
  • OCPBUGS-16768 - Cluster Autoscaler Operator should inject unique labels on Nutanix platform
  • OCPBUGS-16888 - Fail to apply machine-config during rhel node upgrade
  • OCPBUGS-17069 - NTO: Address a race in rollback.go e2e test
  • OCPBUGS-17120 - [release-4.13] 4.13.z FIPS build - HyperShift - pods crashlooping with API connection failures
  • OCPBUGS-17163 - Fix for dnf-RHEL worker nodes breaks 4.12 -> 4.13 upgrades badly
  • OCPBUGS-13310 - [infrastructure-operator] GitOps ZTP does not support enabling multi-node workload partitioning
  • OCPBUGS-13641 - Users who can’t list CatalogSources also can’t initiate operator upgrades from the Subscription tab of the CSV details page
  • OCPBUGS-14265 - Regression: OpenShift Console no-longer filters SecretList when displaying ServiceAccount
  • OCPBUGS-14599 - log additional host info at warning level
  • OCPBUGS-14711 - Agent based IPV6 only install fails when the RendezvousIP is not canonical
  • OCPBUGS-15258 - openshift-oauth-apiserver metrics are not collected
  • OCPBUGS-15743 - Hypershift NodePool AllMachinesReady and AllNodesHealthy should have message conditions ordered
  • OCPBUGS-15810 - The ExternalLink for ' OpenShift Pipelines based on Tekton’ is incorrect
  • OCPBUGS-15859 - [4.13] Rebase openshift/etcd to 3.5.9
  • OCPBUGS-15973 - Sync stable branch for CPO release-1.26 into release-4.13
  • OCPBUGS-15998 - Upload JAR file does not work if the Cluster Samples Operator is disabled
  • OCPBUGS-16066 - No agetty issue messages are displayed on console
  • OCPBUGS-16121 - [4.13] OVN-kubernetes references AddressSets after deleting them, causing ovn-controller errors
  • OCPBUGS-16124 - IPI Azure internal (User Defined Routing) clusters create purposeless standard load balancer
  • OCPBUGS-16164 - LatencySensitive featureset must be removed
  • OCPBUGS-16328 - Performance issue with systemd-coredump and container process linking 2000 shared libraries
  • OCPBUGS-16340 - Avoid retry of Network Policy event
  • OCPBUGS-16434 - [Openshift Pipelines] Stop option for pipelinerun is not working
  • OCPBUGS-16613 - Add admin acknowledgement in 4.13 for API removals in 4.14
  • OCPBUGS-16622 - 4.13/4.14 MCDs do not work with FIPS enabled golang builders
  • OCPBUGS-16673 - NetworkManager fail to read static network configuration
  • OCPBUGS-2758 - cluster infrastructure object is failing validation

CVEs

  • CVE-2022-41723
  • CVE-2022-45869
  • CVE-2023-0458
  • CVE-2023-1998
  • CVE-2023-3089
  • CVE-2023-3090
  • CVE-2023-22652
  • CVE-2023-28321
  • CVE-2023-28322
  • CVE-2023-28484
  • CVE-2023-29469
  • CVE-2023-32681
  • CVE-2023-35788
  • CVE-2023-38408

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html
  • https://access.redhat.com/security/vulnerabilities/RHSB-2023-001

aarch64

openshift4/cloud-network-config-controller-rhel8@sha256:9c6e0341ff27ee4f10f5e37c9fe2022dc3f8796b10af6267885b8d3df24e2771

openshift4/driver-toolkit-rhel9@sha256:16d2b77c1e3dc05096de7e50119567cf5861d306fa4c9acecfa4e0a78cea1264

openshift4/egress-router-cni-rhel8@sha256:08114bd914fd4dc3e4e030f45630851aa6e5e356cc449c6675331309c5224c58

openshift4/kubevirt-csi-driver-rhel8@sha256:6a21c0bef886c25858d2762af63c33337f905c89975aabce818c547ef2afae1c

openshift4/network-tools-rhel8@sha256:8bcd63bfb177969dbf04ae1ce04083d33f7e0d1c0195e308e9650378ed7220aa

openshift4/openshift-route-controller-manager-rhel8@sha256:882f9744bf88e268c11c875f67fe29aa52327e4e736e22ad4c959dfcba3f7f5c

openshift4/ose-agent-installer-api-server-rhel8@sha256:de0f9fa9488eae6ea380795dd42006d1307f3a46a79dc80547499b58a5d9900d

openshift4/ose-agent-installer-csr-approver-rhel8@sha256:b579e2c3be893032b5e6b4e8123b5be7d726fb3e13ae9cd6e99c6d4c65267a57

openshift4/ose-agent-installer-node-agent-rhel8@sha256:b3830e16d167b2d225bfb6dcbec86a79d169ff7948b78849be1346d2fb89ae25

openshift4/ose-agent-installer-orchestrator-rhel8@sha256:d72a31ddc9d57a07b0f94d6d6e91a360aff20138bf499752b8450a104a70754e

openshift4/ose-apiserver-network-proxy-rhel8@sha256:995a65cda3f014cd7f4871739ccb6ccfe620dfcff05f52f4fb3daeb6de25bc26

openshift4/ose-aws-cloud-controller-manager-rhel8@sha256:e772b30a2e12eeed8e26eb620a88234568a6db1eb50696d077cc015f1599ea6a

openshift4/ose-aws-cluster-api-controllers-rhel8@sha256:9cbba2e9f0981fff026a7415ee5f6371123c502e92b0cb31c2f7b66772227e83

openshift4/ose-aws-ebs-csi-driver-rhel8@sha256:b2c2cb12e246951e5027282f790c9caf05195c86569e7894587d88f16ac2578e

openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:cfb7c601179ed08a2961841925884f4a28f8d5224efd37398bec191a5e6231e2

openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:76742ddad35b53937d87f8a675e6e7dcd8d317ad70d1338a52624c857163d5bf

openshift4/ose-azure-cloud-controller-manager-rhel8@sha256:a8ed7dc1033740d6c13e9c5eb55599c5a307a37b3df66b32c608fc55dd96c479

openshift4/ose-azure-cloud-node-manager-rhel8@sha256:80f1145e4f17c020ae96e9665b097e7f0ed4e5503721246ed2940e23821f3463

openshift4/ose-azure-cluster-api-controllers-rhel8@sha256:f6e352fe92cb1123938788625a8031199751625833f2418e8b26162a252a48a1

openshift4/ose-azure-disk-csi-driver-rhel8@sha256:f7e15d07a201fcd67fcde26a518caf9028c04acf363fd168549d10840d5fa1d3

openshift4/ose-azure-disk-csi-driver-rhel8-operator@sha256:3f1ea644ea0f888cf205eda9f3e431f56395b025cc4616ec17512e1cebe97be0

openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:6932d03dbb2f55b15f789524c459b6eea5b8e9d671006ebc24f820ba24d48d79

openshift4/ose-azure-file-csi-driver-rhel8@sha256:0c862ad78b96550415a209d2f74c761a77c426b4b29609ea5e40d465cfc11b28

openshift4/ose-baremetal-installer-rhel8@sha256:aec0aea53ef33c24ba0b39a932526ce1d925b6ff04c76d0dfc473b4023256c50

openshift4/ose-baremetal-machine-controllers@sha256:82c82eb71f784f7b07b0aa0d05bf96fb21542349d3f92555c51a1a5f5ce3409a

openshift4/ose-baremetal-rhel8-operator@sha256:93c1fc4644abdd2bfae3ff7e0f2b1b7b660bcd46bca2685e4561c44e1a3b08b3

openshift4/ose-baremetal-runtimecfg-rhel8@sha256:76f4612874668ea35ead0da85b3c142b4f4cc7cee92221d6b8a39566ce949fc9

openshift4/ose-cli@sha256:77850d2a4a548330b77a94dbf7f3ec0eecd4ddecaab345a7cb00e99fe6bbe533

openshift4/ose-cli-artifacts@sha256:ebbf3138f50198ae41c68b4e95d62da76c55f6844c6c42ac78b280ed530ca5ba

openshift4/ose-cloud-credential-operator@sha256:15f6bb484bed68f6446526562d2eb820adcf68dbadf87c4011622d650752698c

openshift4/ose-cluster-api-rhel8@sha256:1c8ec487f871a89dae7cc78829014adf874493b9d4e485ebb4b43565b9f839ec

openshift4/ose-cluster-authentication-operator@sha256:af8e6a03be6032f29a07d3cb934a9c38288cf7b4d7d732e6810e1f1bc4ad1e29

openshift4/ose-cluster-autoscaler@sha256:f3197f47c7bc2cf037b2b53914a9423a15c56497b220a7e50a5a21e8d894134b

openshift4/ose-cluster-autoscaler-operator@sha256:ce33a72df9788d65d5eb7b77b9219e7695df2cdd4fcb8da13a23ed2a6286a002

openshift4/ose-cluster-baremetal-operator-rhel8@sha256:4dd205c0e70e42db9ab7303bcd905025ccb00e53742113a8d71a6153b2d8c91e

openshift4/ose-cluster-bootstrap@sha256:8539aa2520d02537d018bf7504709df4b9bca2bd97588dba4248361aafc30712

openshift4/ose-cluster-capi-rhel8-operator@sha256:bf3c245511c783faa2817726889a82477df0f29a8fbfdb0da56f9a8aa3f25956

openshift4/ose-cluster-capi-operator-container-rhel8@sha256:bf3c245511c783faa2817726889a82477df0f29a8fbfdb0da56f9a8aa3f25956

openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:6cda1d53c79dafc2dd96c704772b803fc93d26124570aa55136d370b616416fb

openshift4/ose-cluster-config-operator@sha256:b1659abf543f7c287cc9fdaec387ab17379984251df38e523e357cba022c5b0a

openshift4/ose-cluster-control-plane-machine-set-operator-rhel8@sha256:92fabd37ff1d0e0bc208bfe091a691ab6ac45becc6edbcaed47bf52d4c59e34c

openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:22a0c932394d8cc43178a92b397fc8e4475165932366e410d2da9fa0cee5d510

openshift4/ose-cluster-dns-operator@sha256:9328feab66bc093669bfe800c4cabb4e9e37acf9bb16f1bdd9c7c65f5d8b6dfa

openshift4/ose-cluster-etcd-rhel8-operator@sha256:0d68da54edb8872b4ee5633b9d122d6aaa7e9a187ebd45888b30b557b765df23

openshift4/ose-cluster-image-registry-operator@sha256:1ffb4691a09f958550800940360233714f2b4889f505d71637217ffc99ae62db

openshift4/ose-cluster-ingress-operator@sha256:cacd484453e672001e9491368cbf6f3d658aa597569e1917b03f1bc48ce6da32

openshift4/ose-cluster-kube-apiserver-operator@sha256:defddad5a4e2f0a947390ff055b8c551303b868254e671f516cfae2e748be144

openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:8e99bf140aa79b6787077e8269038ece85cc7fe1d8ff6d1322d775e5f0ba1dd5

openshift4/ose-cluster-kube-controller-manager-operator@sha256:a36c0f4f0d978402c1a9a0d321f82f9908d0847c073801ac52f0a2c43c41939a

openshift4/ose-cluster-kube-scheduler-operator@sha256:9bd25c6dac67bc90455da4952dc9971495344d13ac674aa09376003561c2d8eb

openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:cc8039937fb2fcaaf90207389312abb1cb6ac5c835967d9efdd6347dd213fb7b

openshift4/ose-cluster-machine-approver@sha256:fcbc07ea0554168c6322bcf5b297f6987f6aeff5699d7e038721e500d06104f8

openshift4/ose-cluster-monitoring-operator@sha256:18be07c2be40bd067c4eeae7325c6f08e04480e7b4a4c5307a0fba8c79f9b8f1

openshift4/ose-cluster-network-operator@sha256:bf6484b7bb192e3b15c76c5232e77353fe0700819ce8d1e248e27aa10fbb3add

openshift4/ose-cluster-node-tuning-operator@sha256:08027508821d773445d56ba34648970a0363f356db257c67221b1ee7baed89f8

openshift4/ose-cluster-openshift-apiserver-operator@sha256:506b12f2c1f4d103fffb46ce498c9794c27bc580d4116805e8c0cb49cd553dad

openshift4/ose-cluster-openshift-controller-manager-operator@sha256:2a3818bbfd0e26d55dd2c3507818fdf8a2ea078458a1d31062799cc8cc4be5c0

openshift4/ose-cluster-platform-operators-manager-rhel8@sha256:97359c696ddc9b8631c5bcbf89d2e0fcd36d6d8b03ddb656eacf83187ec71316

openshift4/ose-cluster-policy-controller-rhel8@sha256:70bb844f66698f67a4e76aa0cb386cd69f84780b5622aa7d70d977fd1394fcb9

openshift4/ose-cluster-samples-operator@sha256:ce09e442d68e3e3511deea7e2b6d0fc67e7153adc3cb3ae682d21f593a8da933

openshift4/ose-cluster-storage-operator@sha256:7faa9b8147b82b3e38c0a8b583cefedd13d47c5102d50d1c6482535944e92753

openshift4/ose-cluster-version-operator@sha256:97b017ebcc58cb73451992bfa5e2066852070afe6ee30e90018031748f0fb52a

openshift4/ose-configmap-reloader@sha256:b3c9e3d24c3a6562a5a36243695565766af37f9e9c5107a496d5d841eb64930f

openshift4/ose-console@sha256:7cf9b93ed0df7d19b76e6f0bb3ee825910cfa4483b20ec0ea0f1e08243b6d031

openshift4/ose-console-operator@sha256:5427e989088e5d89c3d66fd466bb6163c4cdd59647328364b3b0356fbef64bc5

openshift4/ose-container-networking-plugins-rhel8@sha256:169437ad5638b1ba88c7b80bc68da61337ccf3b8411803120bc53e453ac737f9

openshift4/ose-coredns@sha256:ae10751deb19926f2d230dfe20cec71cdc95be86a99224c4c5c34dc28591372c

openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:978c622ebc5caccfab0d271e4f0c1c3ea18e4590bc47bd320fc270add0fc86a8

openshift4/ose-csi-driver-shared-resource-rhel8@sha256:8b125a7a131bfdb62c4b77ab72a0a05f4f399a275f09caecc5bb2e635044f80d

openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:70ff77f2078be2ea848c5ecb02de42416b8dbdf8a68e72c94cc3a622feca3abd

openshift4/ose-csi-external-attacher-rhel8@sha256:a6ae2051889cc8eaf726537bc665b80fc825a7394897c206f1ff843ec57516d4

openshift4/ose-csi-external-attacher@sha256:a6ae2051889cc8eaf726537bc665b80fc825a7394897c206f1ff843ec57516d4

openshift4/ose-csi-external-provisioner-rhel8@sha256:29b412efa64d2d3a8f26a68d97305680da65774f60967ff7e44ebb2401e3573a

openshift4/ose-csi-external-provisioner@sha256:29b412efa64d2d3a8f26a68d97305680da65774f60967ff7e44ebb2401e3573a

openshift4/ose-csi-external-resizer@sha256:cfdae21b4b9eb6cae509a8604b96ff9c9e016018c0cc0ebc20ca7ac70fba8089

openshift4/ose-csi-external-resizer-rhel8@sha256:cfdae21b4b9eb6cae509a8604b96ff9c9e016018c0cc0ebc20ca7ac70fba8089

openshift4/ose-csi-external-snapshotter-rhel8@sha256:e1250acbc6e011e61427b06381269e5d0c5f8acd8043e054d55f64ce911511cf

openshift4/ose-csi-external-snapshotter@sha256:e1250acbc6e011e61427b06381269e5d0c5f8acd8043e054d55f64ce911511cf

openshift4/ose-csi-livenessprobe-rhel8@sha256:6761dbf31b0faf059928b6ecf70417339362613d6bbf2eac22cd4ac6d5369cb2

openshift4/ose-csi-livenessprobe@sha256:6761dbf31b0faf059928b6ecf70417339362613d6bbf2eac22cd4ac6d5369cb2

openshift4/ose-csi-node-driver-registrar@sha256:459f17034a224b446becfd6d630696009446966f7e3c12c6e2f62ccf33239aa1

openshift4/ose-csi-node-driver-registrar-rhel8@sha256:459f17034a224b446becfd6d630696009446966f7e3c12c6e2f62ccf33239aa1

openshift4/ose-csi-snapshot-controller-rhel8@sha256:0f8a411c84d7bee70654a18d57dbc463786137e7fb073cdb0129d5c449f9148d

openshift4/ose-csi-snapshot-controller@sha256:0f8a411c84d7bee70654a18d57dbc463786137e7fb073cdb0129d5c449f9148d

openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:dde697417a07498a97f3ce7dcb743d61bd93b8b75a751152f8b35644302a1a66

openshift4/ose-deployer@sha256:737ee976ad3be2f6f0aa4930d31a4f400aecd7d005e1879210530e8f6adc28a8

openshift4/ose-docker-builder@sha256:aa37b6c6c60dd8da8448f7f12cf792bb383fbc2f849316ffce44be4412c04fd0

openshift4/ose-docker-registry@sha256:4f325c1f2477d0e5f2f62d7b0e36af7baaebbfd3bb9ac2333632887c441d60cf

openshift4/ose-etcd@sha256:9d6ffd390e1bc474de7df3e0ee4b86c167ed7dc73f8d5a7a42cbd8f303b9120b

openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:e77865268fbff483714dbe8951e0d7f868808951c39cc560d07bdf95ae6092dd

openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:eb923eebc66737abe158e3d12b920a5248e337e8d429b88f53fcaaac5a78adad

openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:a4ff1ac5a0361f8f4d1fe8f382ace7dbf6090d55e5f7b69fefd648bae88c3903

openshift4/ose-gcp-pd-csi-driver-rhel8@sha256:6ac0a217484be8b60928fde2781d72c643d94f0210af648275cddd7dac034841

openshift4/ose-haproxy-router@sha256:a71ea9307adb423136b17f25d3411008fdb4b205c9f540dc719225f0b31913fe

openshift4/ose-hyperkube@sha256:510f04fb28b1891473613456d7607bdc3dd281b020c9d49a9d24344a7ab3f7a1

openshift4/ose-hypershift-rhel8@sha256:666691f25e924aebef6065900091dc9dcb5c487bc99171804ab5b93aa3e8997f

openshift4/ose-image-customization-controller-rhel8@sha256:718cb24f4645b1d551fd7edcdc4fd2b5c1ee1f7b1d39b0db2a6dd7cf4a1f9ba4

openshift4/ose-insights-rhel8-operator@sha256:fbde0f59f2fd552120a4a525d9392155b23851f0c9a6ee21fe2639b626101ce2

openshift4/ose-installer@sha256:83cc1a53a4112e98f70a5966855f514b680dd4d8fa8e8835137cd452471ed17b

openshift4/ose-installer-artifacts@sha256:e54ac83cd2d846bbded7e072dd63c9684489a2e498135d325ef0183d6031b6c7

openshift4/ose-ironic-agent-rhel9@sha256:33ccbab2f5ef0ec84d0dc60721e941f22860e3dc50bfda57c00c62ad2fce6f18

openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:c174213da9d7ac9e28c451bc26de6f5b4e0b6182572fceaca9e617c68cf8cea7

openshift4/ose-ironic-rhel9@sha256:499997a6cfff0d02d8ba0eb125b2dedf6da02aa23df866a299bd560628fcd403

openshift4/ose-ironic-static-ip-manager-rhel9@sha256:2788403c50c9ead2c3f4729c064f0312832a2f7a1dd3ad9c300f13d1eba660ba

openshift4/ose-k8s-prometheus-adapter@sha256:7e86ded6b8268f8a945032420af1596bc6f5cc4dc105c3b43b92dc4b035298e6

openshift4/ose-kube-proxy@sha256:6c4dabda7a0c0b3c4086f0953675e9d4dd98bfacb6980f6655d928cc07388df8

openshift4/ose-kube-rbac-proxy@sha256:49559ed53ca6c23b9ae25232fea7ff0fc57a9a52850b3be48b63debcb891acc6

openshift4/ose-kube-state-metrics@sha256:5ffedda26825b1b4fad501687e908c47d166be62a28e79fdae91dcc45dd56834

openshift4/ose-kube-storage-version-migrator-rhel8@sha256:c4b0fb83c42d9a8f37ce49a296bb802e7b8c595ea50f3b751d76026eb82902cb

openshift4/ose-kubevirt-cloud-controller-manager-rhel8@sha256:7e787d455df10b810e9d2458f3b9e8905820e981a656965c20d70ce7d83ec00b

openshift4/ose-libvirt-machine-controllers@sha256:0fbdf904a94afb6e157a90e65b04f97aa35b13278b9f921a3aef2cb36489daa8

openshift4/ose-machine-api-operator@sha256:d0311aa4cf68364d7e3ffb7421f92e576621086fbe0ac596b6c398383a72c4dc

openshift4/ose-machine-api-provider-aws-rhel8@sha256:41288458cb96a9e0ef27c12244ca1623b1ee99d4915abda3b0a9e27b4df5d712

openshift4/ose-machine-api-provider-azure-rhel8@sha256:aadad2f799ece93740af627f9c170b7725918b8240d517535d446fc4bacc9bb1

openshift4/ose-machine-api-provider-gcp-rhel8@sha256:6df4dc8338aa056b900f71f062fdd64321601ac0c78fe5eee1079446caa95df4

openshift4/ose-machine-api-provider-openstack-rhel8@sha256:2943935bc708498f8a4200904720bad42cf349d5940516c447969727e9e55888

openshift4/ose-machine-config-operator@sha256:8efe13282f08e5ae54b78a861c444f81cb321a7be56352a12791ff81e051395f

openshift4/ose-machine-os-images-rhel8@sha256:2cecf7de9b77ac154cea3e7a16861e3205c86f8a7b351280665138fef81b5033

openshift4/ose-multus-admission-controller@sha256:cd065ecced6c81372b1789204562688e54d73d08eb735fb0e3dc26316284be42

openshift4/ose-multus-cni@sha256:0177da254d772a64c7e0544cc84d3ab193fc597547f4470bc88790c5c4b0fe31

openshift4/ose-multus-networkpolicy-rhel8@sha256:cb3a03077f8528ebae300a597d8f2ab3733fcd2ad61e544cefcfda2453385ef1

openshift4/ose-multus-route-override-cni-rhel8@sha256:90c122c3b6afc880b03e2775912b1475a745e4cedfc4d17665c61857ecb6fca7

openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:7e25848e0b3b68c1d0f8b34ed9c1482909626a8ede04bfcd7d8f62028ab087b1

openshift4/ose-must-gather@sha256:8bbc146fad6149ffcc8ceab8a3b450ea8d347c68746a019ef241f9e700b8605c

openshift4/ose-network-interface-bond-cni-rhel8@sha256:1f39102833a8273db56c0c567c952010435d1d6776ce5a9400dc2ed70cf61286

openshift4/ose-network-metrics-daemon-rhel8@sha256:95d261634caa3ca8c47f321a8c364fd74bc28cbccc61341ccac72dfa32444c91

openshift4/ose-oauth-apiserver-rhel8@sha256:3b032f9597bec9cc84db221747401b4460c2f8a100bf7ce88c0b0ceb51302c72

openshift4/ose-oauth-proxy@sha256:ebe64375281666444fc9609f1874278094bc8549c040f634b7edef1ba4772aed

openshift4/ose-oauth-server-rhel8@sha256:f168cf6ad47db1114e1b7dacd638ca672be03fc3a494121e8caa0d609ddfca23

openshift4/ose-olm-rukpak-rhel8@sha256:56c5d888cbf08ee6035b9cea7be19ff2f19596b2a51d39e73f47176aa8bd7040

openshift4/ose-openshift-apiserver-rhel8@sha256:12fe888e6ea308435a0a96d0f74ffe7d776a059eed3a796ad356fe7564941b76

openshift4/ose-openshift-controller-manager-rhel8@sha256:045ec7203c2749bba9217abcf359b3e89f8d4a1549c51ea8fd7f4198fea4ca6a

openshift4/ose-openshift-state-metrics-rhel8@sha256:72e8f3cc2f42ec1d23138004f3888489b43f7a3616a98f68bc0ecae5a892a300

openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:4b15ca969ca89f6c5efa21cd3b8109bb001f7da91250d6be1b6b5376847eb78c

openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:1de82752182362570c6445ffb748f26a81b0b6cddfc7a1ec3d33f455d8376537

openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:27fd441bae35af60bcbbcbfe8b8f82b560c546205ea8266f63a708c2a8192f36

openshift4/ose-openstack-machine-controllers@sha256:4e869f1272ba05437cf74ad377ac4713ebb5b6ade3bf86c2a5312cabcf43bd5b

openshift4/ose-operator-lifecycle-manager@sha256:8fd87a8744dbce590bdef035a9f003bff7114e75308972ab278e9f239b5de4bf

openshift4/ose-operator-marketplace@sha256:bc812de567b41964c2ab3fbc3b6e17a54d22004e6c9624fb8d138ae80020b910

openshift4/ose-operator-registry@sha256:ce359f1551257496939ee21bd8311bcd7bed87f82fd3c0af742dde591a8dca40

openshift4/ose-ovirt-machine-controllers-rhel8@sha256:1001f3b5e175b2dcf4290ac9c4e35da3342dd2f5254ffafdb96e31fc020a8051

openshift4/ose-ovn-kubernetes@sha256:8838e2e8493d5246d250bd9337d26adc98698c32de256b8264fe348a2d4de4d5

openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d7d1bfac7d8fcaf6b5c5a1bfb7c253363280acf66531b61a2b8a88514b29f675

openshift4/ose-pod@sha256:a3b3b73520e20dcc352c609f5023bf2b8f81b0c479e29255142788b3e431689d

openshift4/ose-prom-label-proxy@sha256:1a5c565823f20b4909b8f14f35f30ad580af94c1a15e585ba7847c65ee0001ca

openshift4/ose-prometheus@sha256:4b3de143a93ef9d747843b6af75d61863039fa4410eb45f9363230d48085d4b1

openshift4/ose-prometheus-alertmanager@sha256:50f29b7ec12569c775f35ffd9c4929dfdcce879312f48aae40d825acb4bc2f5b

openshift4/ose-prometheus-config-reloader@sha256:d68735b6fd9c59cc84ccb41d881d92c964aa4000860d645df652e336c5d68a5e

openshift4/ose-prometheus-node-exporter@sha256:78cfb4dc3c0f35013caf344981e15767883dddf862c3206a89f3546419933b46

openshift4/ose-prometheus-operator@sha256:0648a850cb6611bf44a83c88cb748cd88d82524b4fb14ea83295fcfed2a444f4

openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:42cde34410f66bdf628996b98fa4b5a747025b3b0858d52290795bb4e5f5ae0d

openshift4/ose-sdn-rhel8@sha256:9b3163bcb29b2bbad3140668302c089135a0a5430e95abafda9dd82827dbaad6

openshift4/ose-service-ca-operator@sha256:816f10481bbb22c9be44ab84617276c9ba0dd0f497248810c9f1d6b7030d611a

openshift4/ose-telemeter@sha256:30151bf5a1cd304039663d13d095719f3b190fd929462c953c20217c55c5046c

openshift4/ose-tests@sha256:089f2fcded2e93cbaf1b9931026c3e72ed0ba33c08ca9df8770fc9c6518cdc50

openshift4/ose-thanos-rhel8@sha256:699fb1dad5272b25eea0a72b153f27539bc3aca6f5ee4a83d61d73605844d85b

openshift4/ose-tools-rhel8@sha256:af1b33ed553192965390ca3d9ca2851e867a0bea35af2b8d269d6392d7d0045f

openshift4/ovirt-csi-driver-rhel8@sha256:28f26b1cebc8ce942fd5327e3c9f31633c1a935b3731e47e3101516fda7db8bf

openshift4/ovirt-csi-driver-rhel7@sha256:28f26b1cebc8ce942fd5327e3c9f31633c1a935b3731e47e3101516fda7db8bf

openshift4/ovirt-csi-driver-rhel8-operator@sha256:7f3e1a2a0c1bd047e2bfa2270030003c3a71cae9e71d26c4ddbdf3af098c99c6

ppc64le

openshift4/cloud-network-config-controller-rhel8@sha256:927157d6f5db25525bea2a649a519fbc1b63cededc69e1c5dd86b6ebd4764873

openshift4/driver-toolkit-rhel9@sha256:60757657aab2c7450f67aae0459678c92e9cfb9662c4933787ca4698f0dfd48e

openshift4/egress-router-cni-rhel8@sha256:001ec14fcccf616a956e66fcac828ce3e7a78bc83ea00546daafd61471747473

openshift4/kubevirt-csi-driver-rhel8@sha256:bc68274ea72c86450bf9dbe8d6b9d3b2de8ac237113fa914383034170005bbff

openshift4/network-tools-rhel8@sha256:c04140d23662a04f9eb5502f142dc6cd8555bba38f6b3a06c755ad8a753604a6

openshift4/openshift-route-controller-manager-rhel8@sha256:d257ed147e749c2aa7757b6a44baaa2196f11391e56da7f738a029f1eb99090f

openshift4/ose-agent-installer-api-server-rhel8@sha256:397dedb55ffdc3b7e9800fd7941720ef6b823a585baff667c6aa3e8ac929c260

openshift4/ose-agent-installer-csr-approver-rhel8@sha256:a9342a57d9280898bc4c8401793e240b4fb461881a8f83be9006566257cc3dad

openshift4/ose-agent-installer-node-agent-rhel8@sha256:5b84c91d7116840a59a4bcb8733d5f46abcf53e21d68c7860656371a35b4ee4f

openshift4/ose-agent-installer-orchestrator-rhel8@sha256:ec6b814bdc4607a62b1fd8016fdcc4cf1a1e09848a247819ff220603a39d1579

openshift4/ose-apiserver-network-proxy-rhel8@sha256:0454ac9124c8f836a540c66ae407f5bcb1dc6c0ef2ff09e776ce2fd332459d2e

openshift4/ose-baremetal-installer-rhel8@sha256:652453d4bab600507ed25c10353e12c0818d933fa7f4a7145e91a092f370c6f5

openshift4/ose-baremetal-machine-controllers@sha256:01bf57e7534f4dfdf6c79d70b26fae89a170608202080ac633eaf5efd2beadfa

openshift4/ose-baremetal-rhel8-operator@sha256:f087a9ceecf9b0f557f06a49454b7ae3e8c82250ad73e6d68bdd0fd30257863b

openshift4/ose-baremetal-runtimecfg-rhel8@sha256:709d3478aec6586ccb684c5faade124e2996c579ab9862b1c989d35196139d34

openshift4/ose-cli@sha256:a3149eaa8366b339be2a6b5d5d1d4b763b0c6032077f9e5cc05c5a7b0861d440

openshift4/ose-cli-artifacts@sha256:5e3601de17043857dfdf716d1882e9b93b6f06b4391344e4371c1a7218399399

openshift4/ose-cloud-credential-operator@sha256:d61015dd0d5f0036215477546156a506e7e8a310e1d7723468d2f26f702a909f

openshift4/ose-cluster-api-rhel8@sha256:a7339356a785607bd1146033587ec50e294f9866394e3ddc59e3c25c8d92f872

openshift4/ose-cluster-authentication-operator@sha256:6035c7a2577de69fa6f79165bf144a6cf6ca3d48880de6e9ad368195343d417c

openshift4/ose-cluster-autoscaler@sha256:fcde5d5f618e6502bf037a289636ecc5ca3bcef96bb2fb7c3a5323057933f9f6

openshift4/ose-cluster-autoscaler-operator@sha256:27f4c34e3b5cd003ae6245b4156933609ad731a4a68d31a99858ac877ef35c3c

openshift4/ose-cluster-baremetal-operator-rhel8@sha256:d0f3aca21d1bbf29ce9e82185e53d29f60baceee065c4d1c5f5236242cbf1b55

openshift4/ose-cluster-bootstrap@sha256:9d49128b51e80295d2064b351c8dfefd851464f600da50ecfd510edfe372b82e

openshift4/ose-cluster-capi-rhel8-operator@sha256:ae71c36412279c0d72c53c53e30fd16fe62086bf1628c4bebecee893058f2b32

openshift4/ose-cluster-capi-operator-container-rhel8@sha256:ae71c36412279c0d72c53c53e30fd16fe62086bf1628c4bebecee893058f2b32

openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:cf4a6dc2bc992daade7eac2da83b66218d911e786fe7aef0ce24881b6f3a0329

openshift4/ose-cluster-config-operator@sha256:9e73a4d9eff1a242db218be67f1e7fe9e404bf1c8960904cb7b7f7e94ef310c1

openshift4/ose-cluster-control-plane-machine-set-operator-rhel8@sha256:b0ceedf57b20df13f70e9866f7c68a31529717933d5f6c3d8714c2040947aa42

openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:f6ce23618f19d293dc1945a07d93c9e9a582c8e4b9c34a906df910a28d5cbaeb

openshift4/ose-cluster-dns-operator@sha256:02d15caaee181db5846b0ffa38f9efe9c9fc14cf49f33b444d6381f256ada17f

openshift4/ose-cluster-etcd-rhel8-operator@sha256:ec71414e25f9f5f294a2d1b105097ba546035a6834af0ded786a8d9adf0f2535

openshift4/ose-cluster-image-registry-operator@sha256:43611e835ff8d787975e60658d41ebc3f70d18cfc15635cfa1cdba8560424fe8

openshift4/ose-cluster-ingress-operator@sha256:35532909ada18c587b1f3df6e6be20d11c43db3ef92ae206803ebc4e9597f5db

openshift4/ose-cluster-kube-apiserver-operator@sha256:233dea853340a914d52fa5b62e87a6b6dfcd3a0e09a922b6db31f0202959e7d9

openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:2956bf38465654203af46d1326f78691eb6f0c2845b6d77fde8dfa702784c11e

openshift4/ose-cluster-kube-controller-manager-operator@sha256:136421b803ff08526e3e9d7dfd64b9c4c37458105eccfa3abdad9f277833535c

openshift4/ose-cluster-kube-scheduler-operator@sha256:258154339956a434bb12cf08d1bf29e69d9b11ffd203d04e7e70c95390b99d45

openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:3302d2ce9d7d5a5c51a7e65ae5d97d100630d8a930d4d4bf1c82e16f549f2305

openshift4/ose-cluster-machine-approver@sha256:68e6268ccb442aed47f4c4b53bccaf133b92340c5f51680348ace6127de9874b

openshift4/ose-cluster-monitoring-operator@sha256:606ac1a6d7cb70df678cf7196ee15afe5b1970e78223d33a4a19ee10b7cceeb2

openshift4/ose-cluster-network-operator@sha256:2d6757b0f2dbed3cd6711de846f4c70f5ccecae0bec3a8aeef4fc6b4bc508dde

openshift4/ose-cluster-node-tuning-operator@sha256:67c1c77e81f7f4c6bd646a36d70d379e775bc15e758eab111768911671078dde

openshift4/ose-cluster-openshift-apiserver-operator@sha256:4c754493ccea2b9f57969b39ecee1a09fb64311bb1abfd2edb44f0b03d5150ca

openshift4/ose-cluster-openshift-controller-manager-operator@sha256:2b5b370ca97802aed73b6215c09d413337250a025fdf9dc6e334990c85429183

openshift4/ose-cluster-platform-operators-manager-rhel8@sha256:84de069426228a0120fe38f50a86914146dff418d038c855f916e2a673a6924c

openshift4/ose-cluster-policy-controller-rhel8@sha256:555195165f5a5b1fbac974586e26b683ff5ef4a18c6f7921bf0e39f4748f6b28

openshift4/ose-cluster-samples-operator@sha256:21e839e82d4a77ea0890c3b681a7a52f2e58167682ee700a5370e272349a1a4e

openshift4/ose-cluster-storage-operator@sha256:8f2a8eab84e95ffb461aab1cbcf46360dc1b167014128507ea2debe39d456af8

openshift4/ose-cluster-version-operator@sha256:ede1395912298cc2681e12d339890a61c37b8de90e60a66f7c62e14f10546d5a

openshift4/ose-configmap-reloader@sha256:f1bd152fda87461fc8b8ec1a7ef91d0c09ee7be551a82b9c44026f8aef3d53bd

openshift4/ose-console@sha256:e33f542c9bd6fa81406f6f3cc66fa1b786ddef24c6125afc464719ff516598cc

openshift4/ose-console-operator@sha256:3d3777a4e319e5eaa351c69af755ca3d7d139bf23fe9c018fcf0be123d61150a

openshift4/ose-container-networking-plugins-rhel8@sha256:629fa4efd9161fa304bf83127cef1d9a22031dd7afd7d4d5a949fdc0a66e9a09

openshift4/ose-coredns@sha256:7e23db5eb2779ba3f7716ac7484afda2fc226d1c02911d03d14e8b0d5019e13f

openshift4/ose-csi-driver-manila-rhel8@sha256:9846b6c328b22209c7e9aa113177452e9b32055f6a7cb92412176b92f0ff84d6

openshift4/ose-csi-driver-manila-rhel8-operator@sha256:b74820ef8335f177b4793b69ebab916db795f0995520fb1b76db20df1086959f

openshift4/ose-csi-driver-nfs-rhel8@sha256:a235eef288623b4da905cb55ce1b7b01248a6e274ae07718b51305ca458add58

openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:ea209a8bb52f59d3a714256a7ebea99b1b9020790e89762ff35893fcd8cb081e

openshift4/ose-csi-driver-shared-resource-rhel8@sha256:5728664a2ec230d429f5533c6a7c4da5bc624b5a6570c188530a109d97f0eabf

openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:14aff2bfd12b342aa105588c3f9db4d82a45f5a6833adc2ce1fca79b84d0e2ea

openshift4/ose-csi-external-attacher-rhel8@sha256:be2171df0a6d1eb770c587483538d178e81e182b91ce640c44d4e3721ce0a59e

openshift4/ose-csi-external-attacher@sha256:be2171df0a6d1eb770c587483538d178e81e182b91ce640c44d4e3721ce0a59e

openshift4/ose-csi-external-provisioner-rhel8@sha256:5b37a3844ce28d2d524246d85191961436e6e422c57c62ea5b8c9354b7de3b66

openshift4/ose-csi-external-provisioner@sha256:5b37a3844ce28d2d524246d85191961436e6e422c57c62ea5b8c9354b7de3b66

openshift4/ose-csi-external-resizer@sha256:eb5d57e93ce86efd5d5656a17e5cfdc9d011da5b43c46160dd018bd3765f1d1a

openshift4/ose-csi-external-resizer-rhel8@sha256:eb5d57e93ce86efd5d5656a17e5cfdc9d011da5b43c46160dd018bd3765f1d1a

openshift4/ose-csi-external-snapshotter-rhel8@sha256:93d9a303038f02a26a5eddc9ebe927d92939ba63a85e233838fe48a019821cd7

openshift4/ose-csi-external-snapshotter@sha256:93d9a303038f02a26a5eddc9ebe927d92939ba63a85e233838fe48a019821cd7

openshift4/ose-csi-livenessprobe-rhel8@sha256:e76e2a0668dbf0d7ed862aed2054984dca3a2788c1aeba239c4a333b6e872462

openshift4/ose-csi-livenessprobe@sha256:e76e2a0668dbf0d7ed862aed2054984dca3a2788c1aeba239c4a333b6e872462

openshift4/ose-csi-node-driver-registrar@sha256:fac8d17e1865f7e0e698f5099442ae1cf89382d79611682f6bdc6d974a16c7d8

openshift4/ose-csi-node-driver-registrar-rhel8@sha256:fac8d17e1865f7e0e698f5099442ae1cf89382d79611682f6bdc6d974a16c7d8

openshift4/ose-csi-snapshot-controller-rhel8@sha256:e82c2232a4def4567e4f562b3e57f5251135dc21137163144fc3251e3db58b87

openshift4/ose-csi-snapshot-controller@sha256:e82c2232a4def4567e4f562b3e57f5251135dc21137163144fc3251e3db58b87

openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:a909e48a92cb2fb7db4263945f3477ae12aaa61f253af74fbb5ad06a787a0724

openshift4/ose-deployer@sha256:f3e755f94dba254d732ba3452c767fd356580a419fc9e0c677ec751d8b2585a2

openshift4/ose-docker-builder@sha256:8efd246954163da1312225b431da1c66433979714217f3ff9c142044921d9cea

openshift4/ose-docker-registry@sha256:df554bc083e198aba3af043a075923364b8cd580d91de2fea893f9556dcc0055

openshift4/ose-etcd@sha256:5ff54f041836b320ce264259d0756541885c8aa8a6b3947ee65d292fc2d105b5

openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:5f97bf8da777356f9a6a790fcbeadfce84802e5dd99ee34ac605713870f7cf00

openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:3bea86d9eabf92e65a7a15adcbe181167095a7f3be2d7329fc02746dc31ad194

openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:6659934044437e35795ecd76af3a82b69a8b5fc9af204ee93baace07b435c2ba

openshift4/ose-gcp-pd-csi-driver-rhel8@sha256:d21ef7e405204288644bc959b9566ee6994a23869894e214bbd88e592cceb242

openshift4/ose-haproxy-router@sha256:f5ae237ba18c4d31c119aa565fcef206832d49aecf5443bab310dd08a902db5d

openshift4/ose-hyperkube@sha256:903d96fd265d97cafe0d60a2f3e628ec9806cfd992774153ca05d88fc2dd7763

openshift4/ose-hypershift-rhel8@sha256:5f0be561ad09407037dff0549fca29ea3374c1f50c6f44e8060a46f78a88f748

openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:2d4121cc15dcc79fd954fa260982d403b352fadd8b3bdef71e9e910cd6cd87b4

openshift4/ose-insights-rhel8-operator@sha256:df4d154357a1636bbac3e3330807a8d39c91e5b394c4a878c0e7b1dd8bb9979e

openshift4/ose-installer@sha256:f9fc2c19323a737725d094b4dbda854e45699cde2408bae699b28ebfbfc6312e

openshift4/ose-installer-artifacts@sha256:0db1e7bd1ffc12a8921db0a5696e58635575523c82f44d75f9af7bdea05341de

openshift4/ose-k8s-prometheus-adapter@sha256:61fa9a387aa6e3da6b028ac05771b71828fd1ca89755d07509e93be1c46a120e

openshift4/ose-kube-proxy@sha256:d33080f3f472adf19529dac741caa482c9e3a4a68f1275a263ede4ad5d297e15

openshift4/ose-kube-rbac-proxy@sha256:832cdc18738226427b2e6c5056ad912f49c4252a0dcb7a2990121c755af043f5

openshift4/ose-kube-state-metrics@sha256:06c266605752f58dcfb91186faf455e8fb9e378fe360a53ea4e087c06365ce77

openshift4/ose-kube-storage-version-migrator-rhel8@sha256:721c3cd0ffef4e8a59dca9982b736189dd87b003588054de1f08f62244c36fc6

openshift4/ose-kubevirt-cloud-controller-manager-rhel8@sha256:6b0a345439ac95e6c005dfe96858a04b4715b0a6842070dcfc479e150d8bf759

openshift4/ose-kuryr-cni-rhel8@sha256:d99954ecfebd6ccd1d3fd9452f857248650c74f8d4cc2d4beb92426736b7356c

openshift4/ose-kuryr-controller-rhel8@sha256:feb72639423663f1f99a9052b64a624433f200f270561d64d31cb12e5c9e0521

openshift4/ose-libvirt-machine-controllers@sha256:6fc33ee4aea21bea7485912c33f938119e877044cef5ccc794cb2e3a08c13aeb

openshift4/ose-machine-api-operator@sha256:8d4b16b6d956677deac9b73e28301fb2158eed0db11bab204fd30f23f0f67046

openshift4/ose-machine-api-provider-gcp-rhel8@sha256:14f165c5c06bebb9de15c6a411215a55b36e6777b29db6521c7c356b88890038

openshift4/ose-machine-api-provider-openstack-rhel8@sha256:e161824c24d6713947744cb302360ddb3f85825739ce5c92a84c77c13e660300

openshift4/ose-machine-config-operator@sha256:03db0f2c8f57d908f2ad0e9647d49b35043a8bcee5fc30d5d39b8a0c4b1f52c3

openshift4/ose-machine-os-images-rhel8@sha256:f9ba1850f796808a54d69e0f3bc1c34bfb259cd28d2be97ad32a7be1b82542ec

openshift4/ose-multus-admission-controller@sha256:84a8a95f2a70aa68a80ec260829ff30a32d6e2ef678d7f877b7849f0fe219e07

openshift4/ose-multus-cni@sha256:ab7db58045ae8b5bd29201f0b29e0bb814d87a79faa56eabc3e1499326a68591

openshift4/ose-multus-networkpolicy-rhel8@sha256:99fbcfda560e1a3a7514cc033e25892d8e693c40604700a6f66d34f2137ba7bf

openshift4/ose-multus-route-override-cni-rhel8@sha256:74dfab0ddf13c03873e7a8b9f4be6b9cdc1d0a4e9d82b6538623ea9249fd5f1f

openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:2ee5e0add2fa0cc72e2977a1e3b406f587002f5697a4c7a546adf04f7f4fb4dd

openshift4/ose-must-gather@sha256:d95c7112d28a98772004a03c0749cf550303e571c87b54949ba68689e4975293

openshift4/ose-network-interface-bond-cni-rhel8@sha256:6ff830c1be35cf72733474bc9e0e6883b619f2a7dcc75ad6148e46996527209a

openshift4/ose-network-metrics-daemon-rhel8@sha256:dd3a1b26b785ef78888fc72885e06af756a1c267f5af5b1f1516d6f6af9fa401

openshift4/ose-oauth-apiserver-rhel8@sha256:d5ed670353f674c5016e946c56cc72622bb1f37259d79117cf1d50a28c83cd96

openshift4/ose-oauth-proxy@sha256:995aaa99a08a69becf8cc0d9ff8c08eaf18c4fe6874a872bc5b9822b3b612245

openshift4/ose-oauth-server-rhel8@sha256:a45d60414f443282035ca813af3419774d6a774fd6fd54bea51a985ab9d57dfe

openshift4/ose-olm-rukpak-rhel8@sha256:56c0352d7ef21d757cf4bfa9603cbc6249fa38df8ae9f43ccfb7633798be8a50

openshift4/ose-openshift-apiserver-rhel8@sha256:dc24526b43ddd90d403cb7e35ca6109369124feb003d9bbab295e2f67849b1f2

openshift4/ose-openshift-controller-manager-rhel8@sha256:67fb27073f232906f1762ce7cec893fe491059b5c8c032c645ac43e94bb2d1e8

openshift4/ose-openshift-state-metrics-rhel8@sha256:413bba81cb2080ca3d618deeb377419b74c82c89d3b9dd76288eb326870c1635

openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:872b832aca73a369932467ceb7f56d98d0b2537f6ea7c043e35e539badaf085d

openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:3526a441a4dc6f4d3c1f399d6816e9d3c87223c5fc6eae7d00ef3e5d4bd7b895

openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:8700a2ed8d94f11967b5e6b23a77df88f55f1214fb125471432aca79271288cf

openshift4/ose-openstack-machine-controllers@sha256:01f0614d50178eb990fee6572345307f18aae2ef8df49dd6944c792b7bc31f24

openshift4/ose-operator-lifecycle-manager@sha256:e47ebc08a5da84bfd70b67af68a07e0c25e121676e3c8ee93c667260adb6b7ff

openshift4/ose-operator-marketplace@sha256:dd1a8666adc18c2bd627b852a527c64678e5ac829fb21f699a689a64ad22dcfb

openshift4/ose-operator-registry@sha256:aba10cc90e95f29ff808fc7b240cffed4e3f181e0e568c20cc6f30ee841b3cc2

openshift4/ose-ovirt-machine-controllers-rhel8@sha256:a12a330f8dfad95ddc4655230911c15f0f09efb665c1d4aa93cf829984276dad

openshift4/ose-ovn-kubernetes@sha256:4c3b8c68102c1368e7295e1bd262f6da3dac7fbcfe36738a8faefe1a655fe87c

openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:58aed40646cef3c992022cb3e328226fcf335275284fba00c5abf315a11e7e15

openshift4/ose-pod@sha256:98b8e4c0bcb6d09cd647d38495998473675ca427644cc368f1e0dbbb17f8c549

openshift4/ose-powervs-block-csi-driver-operator-rhel8@sha256:1876e3ea797fa92b019d57e4714566ff96fcf890100512005840f162c6f752e8

openshift4/ose-powervs-block-csi-driver-rhel8@sha256:14784e19a3eda7ebc054205e9e351889ad705c9e0a79a47fea2b279881332de4

openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:6550ee10cfe652477ad156d1594ad576f97f9ec7bc82e23a8de9e391a2aaba10

openshift4/ose-powervs-machine-controllers-rhel8@sha256:25c1b2a733f30fb99dfd76ed4ae958b4bfbd9539060f3e7e07514591487e65d9

openshift4/ose-prom-label-proxy@sha256:c4da21447fff9f1a1e1fc6c9a3c1c58d5316760f04e67413169b7b7733337e1f

openshift4/ose-prometheus@sha256:a8e4d5118f577fbfaeda27b39f31064a19f9c1d190e153786741bb81c841ed30

openshift4/ose-prometheus-alertmanager@sha256:3c21e4e8f6b3001bdb0f1c0cf1867bec5865da1d1af38255af77c3ccb47988be

openshift4/ose-prometheus-config-reloader@sha256:6655ba19d8b86162022461a409531d415ef69d068b988678ef257d2ff2434a6c

openshift4/ose-prometheus-node-exporter@sha256:f7f6a3a61dd80a42edea23defb87ad398bf2a8d9904291550be9a3bdbc48795b

openshift4/ose-prometheus-operator@sha256:00a71cf8649d9c15894f102459b02c580d9f1f7fd90d2b9e6da0eaad6b75c5fa

openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:1ea95b848b4326354101582ad760482887e9ee61513dd24d15befc58ba1523c1

openshift4/ose-sdn-rhel8@sha256:297843397de929be83d78a03565196138c1adc9cd2203b786f1444fa224c11fe

openshift4/ose-service-ca-operator@sha256:443b3c9640d964e7a2c9f69c1fdf1ad10a48421d8eadf1c9687666ce7e6cb2d0

openshift4/ose-telemeter@sha256:4677536b10a248089575b6cfef74a6954526d6bc43be234aeaecf672b8ed1102

openshift4/ose-tests@sha256:b95d1eb984c38b4f55c9346cf4b01ae8ee05120836c40d06565be7b10189e988

openshift4/ose-thanos-rhel8@sha256:d2933031277c43e07e5403392140d77a1b5a938793c09e79ee35054ca944cb2f

openshift4/ose-tools-rhel8@sha256:7c62daf47619dd1a6126d99468e1a6faf3433722ab4ffce295bf483c9adae650

openshift4/ovirt-csi-driver-rhel8@sha256:b9a6797668ddc43a317d588ea9a3ba6b1e1f7d223fdf1be21c51966d48d7a914

openshift4/ovirt-csi-driver-rhel7@sha256:b9a6797668ddc43a317d588ea9a3ba6b1e1f7d223fdf1be21c51966d48d7a914

openshift4/ovirt-csi-driver-rhel8-operator@sha256:39afa39e36fd9bb43fbec80b11d87800cc73ed64e05713bad9ba15ff411e7070

s390x

openshift4/cloud-network-config-controller-rhel8@sha256:2fa6d6d5764b828663df8aca6264b57f6c572fe3cecc445f3d7fd04218ae9458

openshift4/driver-toolkit-rhel9@sha256:360cc9942503a1cf41a2c6c002de77f059230e5fd3ffa43ac68c23358615fa0b

openshift4/egress-router-cni-rhel8@sha256:0ce83e1d4be5190ccac81dc04a9a4a2af9a51c4512000494750aab26459d7374

openshift4/kubevirt-csi-driver-rhel8@sha256:fa7f9be37568b058d1aa220ebc75551ba875cad0db1d6bd00d49763ce5f13740

openshift4/network-tools-rhel8@sha256:1387f092f719818ea91c2c6370ea5856d29c32532691791c4e2d2a5706b23d72

openshift4/openshift-route-controller-manager-rhel8@sha256:bfada38246104c2045d2b0e10988d9be27eacc2a151ac69911e36dff00e257ea

openshift4/ose-agent-installer-api-server-rhel8@sha256:f30dc53366aedfea8288d18ae6a57fa21ee84d82d4b843334cdbc9d683b5bbe6

openshift4/ose-agent-installer-csr-approver-rhel8@sha256:378764704d0dbb7c02b9fde60ccaa3dcc1215faf965faff2445a60068fa0d2ec

openshift4/ose-agent-installer-node-agent-rhel8@sha256:b82fdcc6a72ca6d717d441777e07952b6c61f74e2547a5b934708bd45f37f41e

openshift4/ose-agent-installer-orchestrator-rhel8@sha256:291f2341c3bf4211e85bae554408ba1eb2d293366bd4096b3dcd4c80d295f4bf

openshift4/ose-apiserver-network-proxy-rhel8@sha256:574b5f79b42d8dabaf5844573f09c792c0c6769b564d2cbfd20178181d16e614

openshift4/ose-baremetal-installer-rhel8@sha256:e182b1b26394348ac59e4df1fbbcb0ec2415df9b525ff582948b8a5bbdf371d4

openshift4/ose-baremetal-machine-controllers@sha256:4a48dadbf813d29a1b216dfea0c5a209568e209a58f94e15566028f7e2c19093

openshift4/ose-baremetal-rhel8-operator@sha256:3afaee36ae883e26222bd3169697b012c041d4435209b698a9f9cab700560ae9

openshift4/ose-baremetal-runtimecfg-rhel8@sha256:6d66868a16564dcb52a5022c3584daad97ccf1c555850a9557b3a428a78b7d11

openshift4/ose-cli@sha256:6f47e57d6f43db25dd96da9c56702ed1528bc6b6dabb2837070349a68e65f70f

openshift4/ose-cli-artifacts@sha256:2d8c58fd5c0406104851cb95430f7cad3784d01344516ef548260d934b43495a

openshift4/ose-cloud-credential-operator@sha256:c8f3486a24cf3325aefd03f62fc8a05fa07674ef9351234f70b80e744e8a2e13

openshift4/ose-cluster-api-rhel8@sha256:d41fd5fc243cf8a1cd856a7ce1bfb8744e20d13bdd8efc128d532b60e116f3a8

openshift4/ose-cluster-authentication-operator@sha256:643ddba13bc948dd6516902dcb5188eeec4b6bb419ef671eb164d4a242030789

openshift4/ose-cluster-autoscaler@sha256:976fc87ef39279d9408e1f2a92172428fe8a1f9841c018d5fb034e7975d67a89

openshift4/ose-cluster-autoscaler-operator@sha256:672fef109904f258880326ee9007c071a5527b52e9bcd48e4a79a8076e03b7e7

openshift4/ose-cluster-baremetal-operator-rhel8@sha256:0a7b9899da794d8d7e5f17b953b88b3de2c6f7fe6e2af167a61f10ceb28b9ac3

openshift4/ose-cluster-bootstrap@sha256:035bd28ad8614e0b52ff8b4d8535954202a194ad9b36fa87b168651a0aa12194

openshift4/ose-cluster-capi-rhel8-operator@sha256:bcfecf2415211758b8250be6b2ee8c597863f6edcd4ef4d75515c5c681a37080

openshift4/ose-cluster-capi-operator-container-rhel8@sha256:bcfecf2415211758b8250be6b2ee8c597863f6edcd4ef4d75515c5c681a37080

openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:6d5f46cc0b27dc01cf3dad5f1cf48c54ef58ae4054c7ff17812752f242da9c63

openshift4/ose-cluster-config-operator@sha256:d16bd442060084450caf939ecea441bf42f06caf7ea7c5fd805e1dc87351163b

openshift4/ose-cluster-control-plane-machine-set-operator-rhel8@sha256:1d2fc11f3bed639cd6603ad1bc053e54c8e965b9c7accba185f2eb1eef40dc9d

openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:7cfb5e691c1cf5647420f8e4e2bdecc414444863e90881109c9df2b591db39ab

openshift4/ose-cluster-dns-operator@sha256:64b2b7be9eafcffd79ffa67237ea84a1569c27ab890db29d1e1455f48863fd0c

openshift4/ose-cluster-etcd-rhel8-operator@sha256:422f0ff0cc5214e574a582dbe1e0885c22a5941327dd4e567b41797d76b59ec0

openshift4/ose-cluster-image-registry-operator@sha256:45629389a1bd307fb43cc2a81b6b611968ddf894ee8abb3a3d4721dc17609a6e

openshift4/ose-cluster-ingress-operator@sha256:3f716f3e935f402e3a5fbd3ffcd91a5fd044454844d7fd6cf8c68ec35d825b12

openshift4/ose-cluster-kube-apiserver-operator@sha256:d7364351fc860739e24285896a9113abb134a8b8ad07ceb8c9ceeb524fcc0e1e

openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:43a8cfc8fc1e6f3e4fb8cd6212b024582e4a985eed747b0c88ff54a7cd77a7d0

openshift4/ose-cluster-kube-controller-manager-operator@sha256:158ed5c5b3ce6674ba83fa20375fd4c18b830eacabe4001373b96ad10ad25988

openshift4/ose-cluster-kube-scheduler-operator@sha256:09a834625dffe107bbd2631dd0b1f7e0d6143bdde0c0b67254f2093ad2fe00f5

openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:a2dd21b35f32b767b6cf553e27c0ee61c6b9d69a18f1da24ff45e5790557295e

openshift4/ose-cluster-machine-approver@sha256:a64e80a62b1013012d9913d36118d1f8b872f56c354925d4ca6c714b01f79cb9

openshift4/ose-cluster-monitoring-operator@sha256:8c96ea3f72aa3828c69e2e148afe46309246ff7f8727b90b017a7db8e47046a9

openshift4/ose-cluster-network-operator@sha256:0520349a81cf5fb2f08e2f71dcd6cffaad5e128aea7253a6af8e3974010845a2

openshift4/ose-cluster-node-tuning-operator@sha256:2a18d16dda1cdce0f5cb5a91d34b57a6bec1fcd0d1260845be398271736be4c0

openshift4/ose-cluster-openshift-apiserver-operator@sha256:f01333a96dfad2638833fafd3cf9735f30a5f32bdcddd7b35d4400b28ade2051

openshift4/ose-cluster-openshift-controller-manager-operator@sha256:796e6e3da4649085d4c65111a559bba91d44ff88ccb4c54b2437bec2da6a3dc2

openshift4/ose-cluster-platform-operators-manager-rhel8@sha256:54883413b6b607e7e009e50a1edc9c0f967439904d0b19bc9ddc331182e496c6

openshift4/ose-cluster-policy-controller-rhel8@sha256:f0f1aaae75059cd8cd0f118d235f32ba28754e4872ce3df34caa524b130a4208

openshift4/ose-cluster-samples-operator@sha256:236c619c5554348c712694305d52b972554b56b288fd6225a4285d488ba3f990

openshift4/ose-cluster-storage-operator@sha256:4704e62be2aedfcd74a0dc14e95d54ff0c283969be1ca61ada8a02d34c362860

openshift4/ose-cluster-version-operator@sha256:3477cc8298c8e3e672c00ebe4f2e7a6949610fb173e69a9e1756980fcad72f58

openshift4/ose-configmap-reloader@sha256:749c60624dafe06ddf897ec6b4f3fcc6ba2f5f9932e957a38339d466b01010ce

openshift4/ose-console@sha256:0f051a5c0e536680e875f54a17fae24922c1d85cc54a3ef06fb73af9f9421139

openshift4/ose-console-operator@sha256:9ed70e5dda973abba6a707706d11e27b89abb7741696c2b1df7cdfccae28f7b9

openshift4/ose-container-networking-plugins-rhel8@sha256:7cb1a13eb807dedba697a269b5db34e0123c808ace0805df6e372beefcda1a26

openshift4/ose-coredns@sha256:e6472fae32595e4329724c3ec49567ee4fb843e974a4218374514570978e3319

openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:8b16b80163f75d49d6a09adc8646653315ca70277bb411fccbd687168e54e7c7

openshift4/ose-csi-driver-shared-resource-rhel8@sha256:bce8eab52e10441ee8d514e83728551b94b811de0dfc792e8fa6f5764720c644

openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:1961094f28f85fab091c7285606a9219b85cb03eae72d07f566d7e51b3f59b33

openshift4/ose-csi-external-attacher-rhel8@sha256:77cc30e7253732b442344904a63ff4571d7f7c79f1fbbaaec01749e0c04efdc9

openshift4/ose-csi-external-attacher@sha256:77cc30e7253732b442344904a63ff4571d7f7c79f1fbbaaec01749e0c04efdc9

openshift4/ose-csi-external-provisioner-rhel8@sha256:706146f4e369cfe6670b5732b8a2d8f631823866945920a4bbbfa502a64de984

openshift4/ose-csi-external-provisioner@sha256:706146f4e369cfe6670b5732b8a2d8f631823866945920a4bbbfa502a64de984

openshift4/ose-csi-external-resizer@sha256:8dcf947b04d9455880a3934dc3a92ac7a0d4395022879a3ec5642322214973a9

openshift4/ose-csi-external-resizer-rhel8@sha256:8dcf947b04d9455880a3934dc3a92ac7a0d4395022879a3ec5642322214973a9

openshift4/ose-csi-external-snapshotter-rhel8@sha256:0a8fe0cc5990bc0ec2959d3ed7db7a7d29c4ae4b0b332bc1430dcadf73ad7a03

openshift4/ose-csi-external-snapshotter@sha256:0a8fe0cc5990bc0ec2959d3ed7db7a7d29c4ae4b0b332bc1430dcadf73ad7a03

openshift4/ose-csi-livenessprobe-rhel8@sha256:2152c16ef00f543e3381d1b697fe4758f3279f6112f921aac0cd4895bdc8d079

openshift4/ose-csi-livenessprobe@sha256:2152c16ef00f543e3381d1b697fe4758f3279f6112f921aac0cd4895bdc8d079

openshift4/ose-csi-node-driver-registrar@sha256:9025b113afd2a1baf3da79970b8aa3a5ef0a6246f3ae5a5019c879113926f4d8

openshift4/ose-csi-node-driver-registrar-rhel8@sha256:9025b113afd2a1baf3da79970b8aa3a5ef0a6246f3ae5a5019c879113926f4d8

openshift4/ose-csi-snapshot-controller-rhel8@sha256:1fc5262f531959300994ca84bbbfad8c12f289bf551f2b8e5fa29cbebbedab8c

openshift4/ose-csi-snapshot-controller@sha256:1fc5262f531959300994ca84bbbfad8c12f289bf551f2b8e5fa29cbebbedab8c

openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:97757b02216915cf21b822360e4a81930904c57a4ed9cf17a89b4bef790ff063

openshift4/ose-deployer@sha256:324b3574ffc1c7902f7ab09778be41356f68e1de748b69e3f3bd9ae70e395527

openshift4/ose-docker-builder@sha256:7861a49e2f1786fe037bc441d304b7d0e4057499c84778a7a11e98a126e2baf8

openshift4/ose-docker-registry@sha256:a93ea8db37e729e3025a031e180fe4a492157cb107592946bbb7ddbf665bbbe8

openshift4/ose-etcd@sha256:507894a827baef25e7b8877a1f3601c75682448455d3d81bbd15ea6ce4006691

openshift4/ose-haproxy-router@sha256:3b7378553391aad165fe5864276d6c01d3fd19407789de8a79e807b1ec4bc3a8

openshift4/ose-hyperkube@sha256:9c7b73e7201dbc7a92d07d67de61f54f2f41b912aab16376145bb602b3047927

openshift4/ose-hypershift-rhel8@sha256:a28803012d9099d6588a06b019378867d9b0163ae7a0e670220d2333c04fe0be

openshift4/ose-ibm-cloud-controller-manager-rhel8@sha256:a19d593476f00929d1d771ab84bfc80e707f81cf4fb08a7cef6e15ff1bdc8158

openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8@sha256:9db1f90a094d4891e46bc503986c4d257156eb4ae24b6c1c17a342e3861195f6

openshift4/ose-ibm-vpc-block-csi-driver-rhel8@sha256:b9ae7cea484583d026d07cacfd558336b404b93cdc1162894949bbd9fb8a50aa

openshift4/ose-ibm-vpc-node-label-updater-rhel8@sha256:7884d2671b31a9247307bf8921427fac3a64ebe7ab5ea959b5d9151f00d6e9dc

openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:493367803274bf44d604cd81bcfe93fec31f604385bfe672b2ca56bcd9e14d53

openshift4/ose-ibmcloud-machine-controllers-rhel8@sha256:ef8a9addbf2a05ebfaf3a1ab49af4cedda1ccbb7f52219684613c5cdb0eb29e6

openshift4/ose-insights-rhel8-operator@sha256:d48b826d84238e4fd32e805391851c667b593a255275837ef6e74280762aec08

openshift4/ose-installer@sha256:3799f6ff228730d9fa8e213bdbab952f747309bca6ccb3e0b492bd4225da5213

openshift4/ose-installer-artifacts@sha256:a7971318681dcd757dfa0b8f4c5f4e8fb600671b0c875f3e6bfad84e0e3ce1f9

openshift4/ose-k8s-prometheus-adapter@sha256:34a9ea22fbd1db8da8dc1d955bdc5240e6f5f476e94f8785b654a748528b5e2d

openshift4/ose-kube-proxy@sha256:63a9c8471653486bd782fc58c0c6bbe68b43cc436c62ae1f1da6651351c0e34a

openshift4/ose-kube-rbac-proxy@sha256:263c7b821007aa0189fbd2ca0f988e32bb56c6e673022b06b7b3987b0c7ce05e

openshift4/ose-kube-state-metrics@sha256:c112c8328246ab0b7935c76a839b90b27b3bdeba301b35a01cbf4ac92573d21c

openshift4/ose-kube-storage-version-migrator-rhel8@sha256:9ba687cb942562e00b0a7ef319e2f83114851c46f1c490e29d0d421ff2645f06

openshift4/ose-kubevirt-cloud-controller-manager-rhel8@sha256:1e009753c1aa9e1b4a34143d32aba6742ed23b3a2f748453ed6131576f8d72c9

openshift4/ose-libvirt-machine-controllers@sha256:50714573756e58d9eee28c0b2fe6541f60aacc88bf07a46841467c9b9df9ca66

openshift4/ose-machine-api-operator@sha256:9e96d7f76ae7747b51aef6e8ed077b28881c11fb041884c21a5538c4ddacbff2

openshift4/ose-machine-api-provider-openstack-rhel8@sha256:1a482e50ca4ca2fa074c4813c2378573fb61084ffcbb7fe2f8c5cc3713e49872

openshift4/ose-machine-config-operator@sha256:3138c3151186b65997a4223047776dae76fe658bf4d0728277c53288b8b982ce

openshift4/ose-multus-admission-controller@sha256:725ad302e937cdd334fc5770ad4bca1b5d3030b8db52f653271567762e4bdd28

openshift4/ose-multus-cni@sha256:7aee8a2ade33cd0ca2b7c9b2ad149bc12ea53daa848c09c97a6f3d0c27431e07

openshift4/ose-multus-networkpolicy-rhel8@sha256:5309e4f6e63264ccd5bb5c50d63f78e5aa1ee462086e69f19d400661e806d175

openshift4/ose-multus-route-override-cni-rhel8@sha256:205594051f828289cfbcdc011e59d5f8ac57496c9ad9baf807123826db4a8a96

openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:14e4df5d682a1a4b263404e49cb3e753627931bab3bdc9def98bf0b0c93e0a6f

openshift4/ose-must-gather@sha256:54e5f23aedf82e784acd790efc647a6ceabfc23a1565646837726aa18c803446

openshift4/ose-network-interface-bond-cni-rhel8@sha256:70bc15398882ee9fe63b5112acebd9660dc4c7ab87acb1145d117e48a545842b

openshift4/ose-network-metrics-daemon-rhel8@sha256:912bd7092baf81645051671d233e5b14be3c7248190a71976ce58b7e84244dc2

openshift4/ose-oauth-apiserver-rhel8@sha256:c912c8ef95e58c489b04753ad7195923044db07b5f3f0091ac3da09a82835a70

openshift4/ose-oauth-proxy@sha256:a659f83e65de876a35fbab6c0c03787f2f9eadd91d80fda2161e67dae71f8a60

openshift4/ose-oauth-server-rhel8@sha256:301df5f605c4f1c273890d01141b3603e992d04c0cf98cf5cd8de97e65cd836a

openshift4/ose-olm-rukpak-rhel8@sha256:23a3a9813a9d85bf4191411bbf14491ba74e4e8d49faf959bde26e94de92c238

openshift4/ose-openshift-apiserver-rhel8@sha256:b64dc04006fe3bad21112d03df8242aa0412cd7f77740587fd91119b1dc7f941

openshift4/ose-openshift-controller-manager-rhel8@sha256:71133ecf783ca0ab04d463332818df3a10f67e68d29cb4ab9572fc48911579df

openshift4/ose-openshift-state-metrics-rhel8@sha256:bb8b529323b5bd2496621f36f95c3aa3c4646e6ba3796d3add8145e6c9bb0dfe

openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:5d1ea8cf5144bf6ed6245813b5a23370e504a8a9a5fc35bbe0a198a7e192aee4

openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:95783f590e9f822601cdf6b11a3c44950b1eedcef0883f7005b7a64c7394a7d7

openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:748b7bf94735151c3167d05037ce9cf96bd13dd21701386aa82b40674aa3727f

openshift4/ose-openstack-machine-controllers@sha256:f32972d01317c964551160f0644806424957bf0fcaffd393ddba625e85d1bfb6

openshift4/ose-operator-lifecycle-manager@sha256:925bfa2330be186437b871247e571100152807274e493f3999f0bdf571be43f4

openshift4/ose-operator-marketplace@sha256:cd70a3bd0a26c3403d144bb658673e3566fa69b1782510ff94bda3807a6d6eef

openshift4/ose-operator-registry@sha256:68f15fc2b50ca44bb59106bc50f1c25010a6eb812a094808b23ca47655688f73

openshift4/ose-ovirt-machine-controllers-rhel8@sha256:0bb7271d8ff1457869adf6cb619ae077b544b598f9f7350a10bb862732f1c36e

openshift4/ose-ovn-kubernetes@sha256:6ac5652c97eb5eec72cac34e7a4cf398f84921795753e6f7fb1e7f067284cd7b

openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:d5f8c401977d7e140a7b55d05ffdbd93b6cfb90e6da5f5897b7b32d8fb178435

openshift4/ose-pod@sha256:d45b128d02ce3a26563d77158c50a6c8a1fafef348ba94721035b64da2f46a3c

openshift4/ose-prom-label-proxy@sha256:7d5a10baaa1e35072d8bd8abef2aae38be558c4452e34f2c82322cdbcd023b33

openshift4/ose-prometheus@sha256:5d7289da6e3d899ccdbc2ac34e379018d87e1d42ddc90731a15a2a1193dde581

openshift4/ose-prometheus-alertmanager@sha256:8098f2978bbaeb94c63a157a9c216ccbe060a04eda34db3ae8d32e334485139b

openshift4/ose-prometheus-config-reloader@sha256:734f1be8feaaa146820f9a37207b48e6557d9f7ad22179e3a42218f63305d389

openshift4/ose-prometheus-node-exporter@sha256:3743eac61be10987871a00c1e10226cce4ed211afecc25b05692acee952042b0

openshift4/ose-prometheus-operator@sha256:91acffe64d86f57c3525a682a44dc190a5cbf426c5c83c124be0c8b3b444d0ed

openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:5b061c280d9e334d4515ef10cac49850c57797aad68023734309e33c1ca22f79

openshift4/ose-sdn-rhel8@sha256:6822b4c5784803fd8b049cca469be221a3edb40e5ea13c38427a54f44d9b9274

openshift4/ose-service-ca-operator@sha256:01fcced2b51a97f2bd0d0ec78369e5277edbc32859a806b5f8e7fbe43f6d8545

openshift4/ose-telemeter@sha256:1ef86d448b5aac547fa62fd27f27015cbdb1c802723d553ad9b139135854a721

openshift4/ose-tests@sha256:ca26f2e8b46fc25d09391d6113dfbab11f76dca544101602d1235cbf85ae7fbf

openshift4/ose-thanos-rhel8@sha256:16ea156de6f776502503914d76d70c238b07c40b6e70bfbdd059efcb0e4bd5d8

openshift4/ose-tools-rhel8@sha256:57d9af2a42747e39b22c2b423396032a006d04c4eb0be509ddacef9795cf0daf

openshift4/ovirt-csi-driver-rhel8@sha256:24333015a85d3384899f2a98dc299a6379544aa07eacdf78c2fc8bb342629601

openshift4/ovirt-csi-driver-rhel7@sha256:24333015a85d3384899f2a98dc299a6379544aa07eacdf78c2fc8bb342629601

openshift4/ovirt-csi-driver-rhel8-operator@sha256:4e3db5b38547168209f1a1953db52d3fc571e87cc8daf0f3676d34e35d4a6509

x86_64

openshift4/cloud-network-config-controller-rhel8@sha256:ed34395903b24b6d746814090ff29d6b1cfa8fdff05ef7c38a66bddf7bf63aa8

openshift4/driver-toolkit-rhel9@sha256:56b46ace9b78d2f8816369401f63f93431f45bc3fae696e2e2c26e1810a319fc

openshift4/egress-router-cni-rhel8@sha256:55fa691e775ce7d116c9b28aeede76c37eb6f0f7c3f43292cbebfa32b7abc4db

openshift4/kubevirt-csi-driver-rhel8@sha256:b65cd3daa33b31d9ca5ac9b993e729fca37b71fb387d225afbbb6d3a60e59cef

openshift4/network-tools-rhel8@sha256:2d4cf3736d091e8fe40c83cc4675eca6bd3dfc6f12d1160ee104aa3364ea8807

openshift4/oc-mirror-plugin-rhel8@sha256:278b6167e214992b2a40dd2fb44e8588f4a9ef100a70ec20cada58728350dd02

openshift4/openshift-route-controller-manager-rhel8@sha256:c724af8fbd426cc921ffdba6f6e52e747688bdd677ad636ab0178656998d0042

openshift4/ose-agent-installer-api-server-rhel8@sha256:2da4ee71fea34086a8faee62e27a35a3c3650b86f45d5b5c8abf95901e61a155

openshift4/ose-agent-installer-csr-approver-rhel8@sha256:524a2e1cbebe7791478cc8841656481c8d1a319e980331c195ccd0c2ec20e892

openshift4/ose-agent-installer-node-agent-rhel8@sha256:ceb73314e3e32d6435fa8f89511a53d375e95d5b68fa64d1c85fa3c9cefbc157

openshift4/ose-agent-installer-orchestrator-rhel8@sha256:c02f614fe14cb6fe83a701cbf70f0a71d7d23deb2168ebd0c84805d69d71bf56

openshift4/ose-alibaba-cloud-controller-manager-rhel8@sha256:587fb22f0c2c746c22a0c13170db0adb773a42dfa54744557c8b6dadd05d899e

openshift4/ose-alibaba-cloud-csi-driver-container-rhel8@sha256:827696501fc227acb97cc2613cebb049e16d373dc1dc94e26bbda6ff20f27363

openshift4/ose-alibaba-disk-csi-driver-operator-container-rhel8@sha256:1ee3f0d7fe2270218535e91b036c8ee05bcc27e8c4db9cb56e51679a58961eb3

openshift4/ose-alibaba-machine-controllers-rhel8@sha256:8c1ece4115f53a3fb337ad2f1313a3ca5bb51aed2bce2e7786b25c120d230a22

openshift4/ose-apiserver-network-proxy-rhel8@sha256:ec00cc9f1d9ad3c73fe55364ef4cdb4f29da150b297d70932179cbf0fda735a6

openshift4/ose-aws-cloud-controller-manager-rhel8@sha256:754c9f0aecf06493736db66874e3421395d5268fdaffadbb6d0de7cba10f7b61

openshift4/ose-aws-cluster-api-controllers-rhel8@sha256:b198bb9304f12acf3575c25bfd2084aad76ef7ac3515da0037b3e3f1373821ba

openshift4/ose-aws-ebs-csi-driver-rhel8@sha256:960642914cce33920d832da985336308b5f9394845616488c5bb6e9aac8f57b2

openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:8e3c94d94703e34b3209f34de14c578dea996578d1248db59b82f46367b29286

openshift4/ose-aws-pod-identity-webhook-rhel8@sha256:f3c4c9b25c95a04bdaca3ccd3537944759b5e689a7ca33df9a7df35d834abc76

openshift4/ose-azure-cloud-controller-manager-rhel8@sha256:7f7988cc052ece7e22d1822805187d184c290509c5b95e6bae2c3805e3f3a84b

openshift4/ose-azure-cloud-node-manager-rhel8@sha256:c839084142641febad500d762f4d7cd179f1935b64bf4f720c1be8d7e16c5f98

openshift4/ose-azure-cluster-api-controllers-rhel8@sha256:a21135b926f84b60a09588c87066eb12c8d294435881edb825204bff414a7e83

openshift4/ose-azure-disk-csi-driver-rhel8@sha256:f08af1e5430503adfa3d4261fa7254530f21af8142fdb0062c00ad1afefceadd

openshift4/ose-azure-disk-csi-driver-rhel8-operator@sha256:7feaa3b1e8a687c8a149e205c7408073e7a18b110c144b01fd4a0554f6e6faa7

openshift4/ose-azure-file-csi-driver-operator-rhel8@sha256:0792f0ae1c9e1008c6fd39f4c216cfe62fce373a17f74894c80620cdfa4be6c8

openshift4/ose-azure-file-csi-driver-rhel8@sha256:eddc369e4cec8fc4f0a701959b9c4f9df94e70c91424f32bc7bc68c56aa8b0f5

openshift4/ose-baremetal-installer-rhel8@sha256:e8360927bc625007e2b31230ac7f4a92f57189a439e075e31a4ad281061726ad

openshift4/ose-baremetal-machine-controllers@sha256:3fadf3239c823b20fded8aae69c97088f081aaf9a583ea44956846c69a0228ba

openshift4/ose-baremetal-rhel8-operator@sha256:8d1c86b8445fb2bd6118e962ca45588c4a85228b52106a11694e3083b3e886d7

openshift4/ose-baremetal-runtimecfg-rhel8@sha256:e3429f4fa702c490c71603d0a5e080a58977b11ac7cf20f224953a5b08442293

openshift4/ose-cli@sha256:878b31040c88f3eb56ca2bd2d77fa29128dad732850dd3fe779037ec9643bf02

openshift4/ose-cli-artifacts@sha256:0fd862508683a2fc9fb82079b6afb9ce38baf1a5a1815b88754f6d4180f92f5a

openshift4/ose-cloud-credential-operator@sha256:719c9da63d2bc4eee5fb295826dd719e92594ddd6d476dc57404af94f2d633cf

openshift4/ose-cluster-api-rhel8@sha256:8c6a04db91b25ba009236556d23c7d92d2ca646f6e1ceeb2a15be3d86309e8be

openshift4/ose-cluster-authentication-operator@sha256:b1c4f6efbfbd4b4097956744f0e16917222d0829471d362eee52e217e6c62643

openshift4/ose-cluster-autoscaler@sha256:012489f1cd997547e1171445ecc9d23542a2de961e03a8049776c955976841b2

openshift4/ose-cluster-autoscaler-operator@sha256:df2fc16837fedafe6a28b7a4e36b741ac18f536de965b566477210da997a41f0

openshift4/ose-cluster-baremetal-operator-rhel8@sha256:0dc47ae9c9d1adff84c6be2df7c8130ccf0598764cc0e9e7a317b5c19a6bacc9

openshift4/ose-cluster-bootstrap@sha256:e853c9818a3af8ae2577557cffd2a870a473616dd94ea97a5f70be3d530e8ee6

openshift4/ose-cluster-capi-rhel8-operator@sha256:789a21001677ae7544768cf1ed75a5f903cd720245b6c0e893ac61f2f0d1c09f

openshift4/ose-cluster-capi-operator-container-rhel8@sha256:789a21001677ae7544768cf1ed75a5f903cd720245b6c0e893ac61f2f0d1c09f

openshift4/ose-cluster-cloud-controller-manager-operator-rhel8@sha256:24cf17e5f8324c2b8533720c31d7ccc2d3e12e88ee5cf09e238eedfe551bf68e

openshift4/ose-cluster-config-operator@sha256:244746847c4fceeb5a25070a3d4d48909635b3c34499d9cdc7dc75cec7833acf

openshift4/ose-cluster-control-plane-machine-set-operator-rhel8@sha256:cfcecc2c6d2d2520c24b60b51483d690e8ccb4f03c5ce782d46ab8d7bcc07d68

openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator@sha256:0d97cc48099ad458ffb0b4b6e425d1902712ebba87021527524f7e8d6cd9be50

openshift4/ose-cluster-dns-operator@sha256:9d5a38cdf3b8d5dacd00ae5a41b56b5d6c08045c0d327b2c6eee3303e3b04582

openshift4/ose-cluster-etcd-rhel8-operator@sha256:a622000aa0bed4c394b4b2ff95b34a0ca216211e7d23f80b86e65ec7c20fdf06

openshift4/ose-cluster-image-registry-operator@sha256:4d24d211a1d2fc565a1b4b8a2f36ddd57e0a730b1931cf76dc322966b737d9d8

openshift4/ose-cluster-ingress-operator@sha256:1f1d811465a8b6fcd9b021735b00cae4b6abb74e52666fa474ab321871564a10

openshift4/ose-cluster-kube-apiserver-operator@sha256:07ce671d82e50c504bce7d6151b21723fcdb3756b193f7cf0be36737db14abdb

openshift4/ose-cluster-kube-cluster-api-rhel8-operator@sha256:ac20f0d74bb0e8f23a5b2a017da7cd2c27fa08487ec98d1831e21efe66f23d2d

openshift4/ose-cluster-kube-controller-manager-operator@sha256:b735243ed2713c6f3f6077d5dd02585b44b2abf07a675ffbf94a0067b094e936

openshift4/ose-cluster-kube-scheduler-operator@sha256:4307192551ce659b24131fd16e4c4ccfed4fdfcef703b8e505b51b2660efa232

openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator@sha256:662567a277b3071fdac3a2f680a36a28e8673ea6bf53b509b85fd5a6a9a15337

openshift4/ose-cluster-machine-approver@sha256:0c1b9316dc4b1e58af6483f09fe7f6e4a2f77bbd19c147152da4960f828419e7

openshift4/ose-cluster-monitoring-operator@sha256:282a9da9b75f6b57c27b95f60431b240376c1f355879639e2b31f5bcf7a67b0f

openshift4/ose-cluster-network-operator@sha256:33050327eb5937b342057fd2920ff04ca87ecd84305c5a53eb0934901d86b0d4

openshift4/ose-cluster-node-tuning-operator@sha256:bee238adb960117d10d7b6e84518d51691bf71d0d25efd754bcfe4d24486bd1d

openshift4/ose-cluster-openshift-apiserver-operator@sha256:bf2c4f91899d91221daa12d345a1294b16bde604811ef0901b3e1a9e5159b5a7

openshift4/ose-cluster-openshift-controller-manager-operator@sha256:d268ffcc437c420b0f968860038bf4858abdbcd07370e1e7d2f55e09697b52e1

openshift4/ose-cluster-platform-operators-manager-rhel8@sha256:451f26f408a20305987a9a612d552be92e4d311ef44cc5fe1185721ef2aeba54

openshift4/ose-cluster-policy-controller-rhel8@sha256:b3c17e9bbee328a03a07879e438f8f28947402dcefc685f11bd840183a8de057

openshift4/ose-cluster-samples-operator@sha256:1ef1cbc60b6444d150e9139536151a292300a74b402933d0257000751ec84458

openshift4/ose-cluster-storage-operator@sha256:7076136529285049d8a5d2601c2c521bc9c99ccefda187a59c6dd01f88bfb50d

openshift4/ose-cluster-version-operator@sha256:7f0a93f020381226f21dc312f8f13e031361fe305a521b878e92278ba818c1e4

openshift4/ose-configmap-reloader@sha256:3ac4202b39b9f19e64a2fc89190006bb4181e7279ce73a9d304485561e9feb39

openshift4/ose-console@sha256:4a03b0f8fcb3bd3aa684bed828be01b86bf840ae1167d85fbfab296f24a9325d

openshift4/ose-console-operator@sha256:9aff32947777a4e2fd8444ad4b518d883935efcf5b2c500d961241cf6070ba6f

openshift4/ose-container-networking-plugins-rhel8@sha256:b3494f52065619c5f90c7886c7d71ae5285ae75bedce6659210db35230dd9f25

openshift4/ose-coredns@sha256:d149dad1b6a7e05bad6a7c83df7147e47d52418ec9a86f8603001de7323b4d88

openshift4/ose-csi-driver-manila-rhel8@sha256:b46c7375f0b4ca6c7c561928bc1af5b11097a7632da2edeb8bc84c0b74cf2cba

openshift4/ose-csi-driver-manila-rhel8-operator@sha256:7ea737e76e5e835de3475a3eefbebc67cda4dde2fd8148f02da702c165464528

openshift4/ose-csi-driver-nfs-rhel8@sha256:a68b4b8b80d12b749bcec2eeccad408c4c072b02c7bb2d9d08cce54dde686aaa

openshift4/ose-csi-driver-shared-resource-operator-rhel8@sha256:2f9318a400aa170e2c6408a8c63aa3c9719ff10f4a10dba547361811f4e69bc3

openshift4/ose-csi-driver-shared-resource-rhel8@sha256:47919acf065bf33815527d5378477f0d1eece4ddbc45724a7ef6ec13e75b6107

openshift4/ose-csi-driver-shared-resource-webhook-rhel8@sha256:fd80a9d91f8062c6b2a3e7a760952288e036a3ddd3b662d2731808dca69c13e5

openshift4/ose-csi-external-attacher-rhel8@sha256:16c165a9060a5ddad6e284ed1a93d9afa116c56c407caff1a5d398a301c3425c

openshift4/ose-csi-external-attacher@sha256:16c165a9060a5ddad6e284ed1a93d9afa116c56c407caff1a5d398a301c3425c

openshift4/ose-csi-external-provisioner-rhel8@sha256:5b9ece906ea6cc0b9651e1060f62fb02fb9156807cd196a16268e0e51d251a95

openshift4/ose-csi-external-provisioner@sha256:5b9ece906ea6cc0b9651e1060f62fb02fb9156807cd196a16268e0e51d251a95

openshift4/ose-csi-external-resizer@sha256:cb768760418b491b219336e303418ab401bb55783aec455cf00d9f5f98c7a5b3

openshift4/ose-csi-external-resizer-rhel8@sha256:cb768760418b491b219336e303418ab401bb55783aec455cf00d9f5f98c7a5b3

openshift4/ose-csi-external-snapshotter-rhel8@sha256:8dc6bc83603540174dae4e0dc21ef54769b8172cfb499acd7ce1f05910f16e99

openshift4/ose-csi-external-snapshotter@sha256:8dc6bc83603540174dae4e0dc21ef54769b8172cfb499acd7ce1f05910f16e99

openshift4/ose-csi-livenessprobe-rhel8@sha256:c0e0056a6e1ec8722e201946cea4cf5c977fc872ee245656b8a81b720ef6e905

openshift4/ose-csi-livenessprobe@sha256:c0e0056a6e1ec8722e201946cea4cf5c977fc872ee245656b8a81b720ef6e905

openshift4/ose-csi-node-driver-registrar@sha256:4a6bb809c02ef8d4dcfb7f96f9522c2b61a56a0beba87d4d4007d42a16663da5

openshift4/ose-csi-node-driver-registrar-rhel8@sha256:4a6bb809c02ef8d4dcfb7f96f9522c2b61a56a0beba87d4d4007d42a16663da5

openshift4/ose-csi-snapshot-controller-rhel8@sha256:6821418a732a5faa4ef036f1588f51d5e57c75456ec2430ed9a33c1874b4bfe9

openshift4/ose-csi-snapshot-controller@sha256:6821418a732a5faa4ef036f1588f51d5e57c75456ec2430ed9a33c1874b4bfe9

openshift4/ose-csi-snapshot-validation-webhook-rhel8@sha256:3972e05b0f4905f59668eb9600f06865e99b62ecedb9962ea7d3e629f1c5b6ac

openshift4/ose-deployer@sha256:36ce6107bd95a9fcca8e6768c08e8cf7add33f402904f5ffa977d2d5a7cfe0d1

openshift4/ose-docker-builder@sha256:aabfb7e773c58dd3a5028e891c1c0d930f3ce9ddb930b7b7b8070eafddac3ddc

openshift4/ose-docker-registry@sha256:dbf940bb08b4f77415b6f3f0cd6d7f2349899343dedbeca660cb4a608263ff43

openshift4/ose-etcd@sha256:462a82366d76a4cb25a3e72143534b3c9e140e762b64285d7724a218af88ac5d

openshift4/ose-gcp-cloud-controller-manager-rhel8@sha256:2ad1ff259bf8b3b7e9fe0cf12927b2b08c3bc383763041cfb95c82f6f288c24f

openshift4/ose-gcp-cluster-api-controllers-rhel8@sha256:4a6d85d8b50afc37fe75db278f86bba2885ab3e13e2e31328b0a84b1a0e36cb9

openshift4/ose-gcp-pd-csi-driver-operator-rhel8@sha256:033fc27d01f475208f3304fa04b5f4cbb40e0da9505fdc1f4a904f61b476d072

openshift4/ose-gcp-pd-csi-driver-rhel8@sha256:81acebacc25fe80578fb4d3ab9b9ac580c816493c2ef09ea2f011557a8f5cc53

openshift4/ose-haproxy-router@sha256:6d452dc762f7c51a762ba6ee0897a3bfb06a1d399b1106cb0a10d61694a7b3a7

openshift4/ose-hyperkube@sha256:7e7bfb30ea002c5fa7c4e1b6cf33263fa4660ff12975b632d63880c8960f22f8

openshift4/ose-hypershift-rhel8@sha256:020fd47f043aa9211f633f219e1d54c5496d07ac257d3a496e80fe0010d60449

openshift4/ose-ibm-cloud-controller-manager-rhel8@sha256:8a7f01651df7bab69247fb6a9ce9c3fa868fabeadc4a866d7fdcfc0220f3480f

openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8@sha256:8fcc7aee88238f5f3e32312860ba2b1fd9adf8d34921e15346091c2cd02fbd97

openshift4/ose-ibm-vpc-block-csi-driver-rhel8@sha256:4556d562a5cd86d976e623ed4238118a7d4546c5b0520d4f76dffcd9a1cc58fe

openshift4/ose-ibm-vpc-node-label-updater-rhel8@sha256:687be6becd9635cdd33856761eb9a3c0b22818bd61cc7d8a880aa0185fcfc7ec

openshift4/ose-ibmcloud-cluster-api-controllers-rhel8@sha256:7179029b09cb7a954e5d72b93d35eecce6c24e35e01daea0357c4b50dea0fbbc

openshift4/ose-ibmcloud-machine-controllers-rhel8@sha256:0c090bde92a41b6e6e1319b04d2bdf4142c0b727df3ad77c01b402ca4e058608

openshift4/ose-image-customization-controller-rhel8@sha256:7fc5ffef65f3141389a9e3e4ded204f1229a9d2915f702a4cf86695ad0e549fe

openshift4/ose-insights-rhel8-operator@sha256:ee1a5129c3ca4ca7fea4293bf2dfba30bd4461cdc2c503317e6602b3fd49f6e6

openshift4/ose-installer@sha256:bb61410283059ab6fc5a0aa0c4db3ea006648b069956abcf71b8391c2d65a3f2

openshift4/ose-installer-artifacts@sha256:9b946643a354470d92eb345f11343fb5f948d5d8baa6ab3edc9e7dbda800bc92

openshift4/ose-ironic-agent-rhel9@sha256:d381a5ad6cf7fb16324bdd42433aa5cf1280a82a127f859e73d7bdb30a84c2d3

openshift4/ose-ironic-machine-os-downloader-rhel9@sha256:5a13355cc23c1cee7b900fb6f54b9f1b8c89e85a5b1bb0f92ac04e9df4703d7b

openshift4/ose-ironic-rhel9@sha256:aa2b9a16dee67290da3f8daceaf1f274928ccb56576d00605b842acc86321f65

openshift4/ose-ironic-static-ip-manager-rhel9@sha256:6cabf1d650816da80b1fd9d678b16e632f1a62b3078129c54788f6fbb31e941e

openshift4/ose-k8s-prometheus-adapter@sha256:712658849e5042ddf60b443a7e2643e373f5371b1c8ab18e61667cab1ae04bd8

openshift4/ose-kube-proxy@sha256:98b22635fb07cdbcf931ff55fb23fe22e2cb782ae84580b358ca793214914bed

openshift4/ose-kube-rbac-proxy@sha256:eadc41af9cda0fa7e97b421f7b314024f7757cc545e87d5c99f96b03f335cf79

openshift4/ose-kube-state-metrics@sha256:c260a5243b7d3a2d26e6080afad1b251b289a82b05a091f373e28ad881dd0364

openshift4/ose-kube-storage-version-migrator-rhel8@sha256:073b14016a4df7c4997af172c61eda018d8e93b8fcbf32efa4c9154a66ecf274

openshift4/ose-kubevirt-cloud-controller-manager-rhel8@sha256:566bd205c4ce97d2e15f3ba6651d41a816644745a6d0cc5c595635c64494e618

openshift4/ose-kuryr-cni-rhel8@sha256:04bc2f77efb5ca253671ec4e66a6aa0715be481e718fe3bd815696c3bc9f221c

openshift4/ose-kuryr-controller-rhel8@sha256:edcf4711df9cbe5bfc6433b0470dac237e611d1f3ff680608334f26a149c71c0

openshift4/ose-libvirt-machine-controllers@sha256:d939d67e5eb9b2e6320a3a2f84a0faa03aad35da007d2e26ffbe55c80f25d52a

openshift4/ose-machine-api-operator@sha256:09f70015b7f61474249bc8e0ff1015cf4ac5ce7a8193c7fd207e8fa9d59a81bf

openshift4/ose-machine-api-provider-aws-rhel8@sha256:73b0d942fffd9629df8d05e6bbcafbdd8ecaf1ce56ae84e17c75a3aeaaacbf67

openshift4/ose-machine-api-provider-azure-rhel8@sha256:4d5d36aa0d13aa25d22946a38c2e3edcc5f11ceeb41765b605e9ee3e0c821f79

openshift4/ose-machine-api-provider-gcp-rhel8@sha256:540722d3670031ac95cab143769d70a81d0541ef11cc0294e5e42a6cc57490af

openshift4/ose-machine-api-provider-openstack-rhel8@sha256:417c4e165a5faf4f772e54723c8248490e40ae6b4e9a218eea56551b2cee7b48

openshift4/ose-machine-config-operator@sha256:d8cdf159decdb5232a106d3a011a4c8408ee256b1c7c70afe7858b19805fbf05

openshift4/ose-machine-os-images-rhel8@sha256:fd418ac2ea63cad8eb15bbdaa209d4bba447aa2645d97640c64296d619b2bebf

openshift4/ose-multus-admission-controller@sha256:c51703c20765260b639c8473e0a5f2823a905f72f530b45c5a939d0f9c30eba8

openshift4/ose-multus-cni@sha256:107a711ff6596bbfafd264699322e77368a96d32dc7194ce16a3040cdcfebc1a

openshift4/ose-multus-networkpolicy-rhel8@sha256:61f796857fd7c5714e7ea10864b56d71484529b18afcc0e208812ab3af4ea74a

openshift4/ose-multus-route-override-cni-rhel8@sha256:be906595544fa1d4760e0747446bfbbff5a16dc9c897d79b3343c1899e44cd69

openshift4/ose-multus-whereabouts-ipam-cni-rhel8@sha256:21fb5e026d20bb5023feea9b803603b0c3382acfc798b3c20c928bd1be0743af

openshift4/ose-must-gather@sha256:6367174e22dca6a79d2aca3de974ed38499fb9cd10b7d845143cb82211b7bb02

openshift4/ose-network-interface-bond-cni-rhel8@sha256:3c471b0ee7b5e154d29d8e91ccc897dcd315dbc652998b38df20b95fcfea5be4

openshift4/ose-network-metrics-daemon-rhel8@sha256:7d3345a1fa118e9e91863786eb1911115d4c9c7394aad9b5078d28a751873bdc

openshift4/ose-nutanix-cloud-controller-manager-rhel8@sha256:c92df77e73af4e7ca9ab007c544f0aaf5884160e0d9acd93cbd5403b3149fd5b

openshift4/ose-nutanix-machine-controllers-rhel8@sha256:298e1aea788cdefb1043887b1f4167aa459061de7b55c7af8a9a4e5a48026a26

openshift4/ose-oauth-apiserver-rhel8@sha256:1c9bd732957fc7c57a7d1f7c9eec4b9466604505b228552741877cfcaf0ab8e2

openshift4/ose-oauth-proxy@sha256:5a6d1fc77c635638495c0573b2caf2f99a00ecfd9612704d97106cbc5a1862c6

openshift4/ose-oauth-server-rhel8@sha256:ef9dfa5299924011a6a46e9b3089c1d241b5823c4d7b9109be4e9317791944a8

openshift4/ose-olm-rukpak-rhel8@sha256:f8c02fb2da323d5467585d185e8fc2d416a5d6bece1300cec8ec3e3f01dcf0fb

openshift4/ose-openshift-apiserver-rhel8@sha256:932f72f16f98897921807e80a7b27e73ce174952baf8a76873fd5711ff2f3038

openshift4/ose-openshift-controller-manager-rhel8@sha256:5e49e260428d39139eeac2d4156084ac7a539082b73743f8f511bc6d1d1a783a

openshift4/ose-openshift-state-metrics-rhel8@sha256:d85e3ebef71acef05d1b9834d7148863978413c6bde558bb9332d706f0db4fc3

openshift4/ose-openstack-cinder-csi-driver-rhel8@sha256:15edd2cbfca47cd71f40306089544fc475ab7139be8d744d3396bb24493958e7

openshift4/ose-openstack-cinder-csi-driver-rhel8-operator@sha256:ce60e65082b6dd40f0579429e5f441547e6044d9d1f0f23a5c5a946dcdd19646

openshift4/ose-openstack-cloud-controller-manager-rhel8@sha256:a0c7ea1d7423c1c6140bb5ec48e7c2ad67738617f87f5b67597ce23192b45fe3

openshift4/ose-openstack-machine-controllers@sha256:59540f1de08477f05551959bc6544587276052d76643f5a736aab16307e752ad

openshift4/ose-operator-lifecycle-manager@sha256:eb84d29da4fa0252877a2fb9375ef8195726a0c92223ab8330e9c0795e0294c5

openshift4/ose-operator-marketplace@sha256:053318c87976908f53cc827bcea650cda1b93ed5746a3c94cc931f6effc1a85c

openshift4/ose-operator-registry@sha256:c85fc4b2d63ddfb69c53853f3656b5c69b84d32a3a09e4020bffe011a4eef9d6

openshift4/ose-ovirt-machine-controllers-rhel8@sha256:ae9dead9f3b2d4a6c992ef4922a3743d2402e974f8d4a0c249b1762f7edc453f

openshift4/ose-ovn-kubernetes@sha256:f04641e10484ac54f3410625b17b760bb0f61fb2b7e27785a4069fd34a505c6a

openshift4/ose-ovn-kubernetes-microshift-rhel9@sha256:9fdf7fabfc8148ea0b5e2222f4293071bac2d4e17b17dd47618c4f044dcaf3ee

openshift4/ose-pod@sha256:cb041bb19db23dd6aad0128ddbbdd39cd9ee7a18c21d025a39220f8def35aab3

openshift4/ose-powervs-block-csi-driver-operator-rhel8@sha256:6508670444d323b428ff548d0530acacb02ae972e4fc70e240a16f929fd189a3

openshift4/ose-powervs-block-csi-driver-rhel8@sha256:163121180dc49d52405c4802154c0d4b1842b73705780765effddf74ca3cdeb3

openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:8b88d65204e83510955347b99ab7c21daca1fb7053d3395be13154b84e3618d5

openshift4/ose-powervs-machine-controllers-rhel8@sha256:2a944bf10b5a573b2cc1720e0335590e7f3543efcf3a4e9af0e93c5e6eba1d6d

openshift4/ose-prom-label-proxy@sha256:a3be33ba953526e59286f59ee149dac045337af7f90fb4b58345deee3bc7f56d

openshift4/ose-prometheus@sha256:42eb23406a452cc11278ddf157197a059ff35f5fe3ef8b3c762581abe51ddfe4

openshift4/ose-prometheus-alertmanager@sha256:b9ce1edde2e1eeac03d4b86fb8c3b43e9f60903b88a608b9bda326ee1ceedd8c

openshift4/ose-prometheus-config-reloader@sha256:0d07558173e3d334bc0a01f204cfb98a10672e3985a8a9d44584c203bf61ae29

openshift4/ose-prometheus-node-exporter@sha256:4b7a2f69899688b7c7854c10a58d710347da0e737f5fdeccbb9e05e3349baaf1

openshift4/ose-prometheus-operator@sha256:ebb8d7a92cc037a8884fd6ddce0f4f6fe9e59835634d88a29c6ac773420c23b1

openshift4/ose-prometheus-operator-admission-webhook-rhel8@sha256:c88e579971db3439265066cbf76e53694ec5ce29abe34816c922b3be69f1f556

openshift4/ose-sdn-rhel8@sha256:ad74bc7186725c4edd975de2871cb1acd7426f7921c542e9ba02cf5250906a05

openshift4/ose-service-ca-operator@sha256:c4529bd4e7181846bc8245a43990650ad4d61f7f8a85aef4f76ca70de3324dc1

openshift4/ose-telemeter@sha256:07fa5f047aca682ca1f18fdcc926d387ee6bbca385bd90dc00bdc51cec46ea5d

openshift4/ose-tests@sha256:4765927c9a24de35209d3f3509aa9fdcaaa8f78706ef894d2dbd8d0d0329f218

openshift4/ose-thanos-rhel8@sha256:e505cda5ee22dfb7c6035a19df57e873a3438b661fdbdff8bf4d171e6bd06aef

openshift4/ose-tools-rhel8@sha256:91c7c08e081306da29aa70aa38b905884e7c935490dfdb8ef00c2b2cc8687d25

openshift4/ose-vsphere-csi-driver-operator-rhel8@sha256:78c6e6bf10561bc52e6f77100e35d8b76d2cc379851f3c5325f02fdab20ce5f9

openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8@sha256:78c6e6bf10561bc52e6f77100e35d8b76d2cc379851f3c5325f02fdab20ce5f9

openshift4/ose-vsphere-csi-driver-rhel8@sha256:b7efd660f17896ff55e37ccd9d763b9101803412a612aef5c7d1a0edc0e58274

openshift4/ose-vmware-vsphere-csi-driver-rhel8@sha256:b7efd660f17896ff55e37ccd9d763b9101803412a612aef5c7d1a0edc0e58274

openshift4/ose-vsphere-cloud-controller-manager-rhel8@sha256:85fd268fd85ce89e5876cf9aba28466aeca077a4a0d4ac3a90aad32e068d6d02

openshift4/ose-vsphere-cluster-api-controllers-rhel8@sha256:2a86370bb59aebdb06646fd7daa6335e2dc16ed0270cbe82042b2ea88c297f37

openshift4/ose-vsphere-csi-driver-syncer-rhel8@sha256:0a9f839f9d2f7aa5343c057cb4a61fb82552d58e83efe3b3861d804d4209f3cc

openshift4/ose-vsphere-problem-detector-rhel8@sha256:851a8022e5ad1cba01bf18e4754abde75566b6811215bbde1072f45593a99236

openshift4/ovirt-csi-driver-rhel8@sha256:2e7b52366a8278a7a3e179003eb3a9d3273e2f7d5fec0e17899f2034e62e8e22

openshift4/ovirt-csi-driver-rhel7@sha256:2e7b52366a8278a7a3e179003eb3a9d3273e2f7d5fec0e17899f2034e62e8e22

openshift4/ovirt-csi-driver-rhel8-operator@sha256:9157d03c4d481cca1be7df75ef55a0ecb59e3ebbf879d538c717a5b165241603

Related news

Red Hat Security Advisory 2024-1188-03

Red Hat Security Advisory 2024-1188-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include code execution, denial of service, memory leak, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0299-03

Red Hat Security Advisory 2024-0299-03 - An update for python-requests is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Security Advisory 2023-7077-01

Red Hat Security Advisory 2023-7077-01 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, double free, information leakage, memory leak, null pointer, out of bounds access, out of bounds write, and use-after-free vulnerabilities.

CVE-2023-43087: DSA-2023-316: Dell PowerScale OneFS Security Updates for Multiple Security Vulnerabilities

Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure.

CVE-2023-22130: Oracle Critical Patch Update Advisory - October 2023

Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

Gentoo Linux Security Advisory 202310-12

Gentoo Linux Security Advisory 202310-12 - Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. Versions greater than or equal to 8.3.0-r2 are affected.

Red Hat Security Advisory 2023-5603-01

Red Hat Security Advisory 2023-5603-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.

RHSA-2023:5603: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1206: A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%. * CVE-2...

Red Hat Security Advisory 2023-5480-01

Red Hat Security Advisory 2023-5480-01 - Red Hat OpenShift Serverless release of OpenShift Serverless Logic. This release includes security fixes. Issues addressed include a bypass vulnerability.

RHSA-2023:5447: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.0 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.8.0 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-26115: A flaw was found in the Node.js word-wrap module, where it is vulnerable to a denial of service caused by a Regular expression denial of service (ReDoS) issue in the result variable. By sending a specially crafted regex input, a remote attacker can cause a denial of service.

Red Hat Security Advisory 2023-5379-01

Red Hat Security Advisory 2023-5379-01 - Network Observability 1.4.0. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-5314-01

Red Hat Security Advisory 2023-5314-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-6385-1

Ubuntu Security Notice 6385-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.

Red Hat Security Advisory 2023-5221-01

Red Hat Security Advisory 2023-5221-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-5175-01

Red Hat Security Advisory 2023-5175-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Issues addressed include a memory leak vulnerability.

RHSA-2023:5174: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.3 security update

Red Hat OpenShift Service Mesh Containers for 2.4.3 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35942: A flaw was found in Envoy, where gRPC access loggers using the listener's global scope can cause a use-after-free crash when the listener is drained. This issue can be triggered by a listener discovery service (LDS) update with the same gRPC access log configuration.

Ubuntu Security Notice USN-6237-3

Ubuntu Security Notice 6237-3 - USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts.

CVE-2023-40440: About the security content of macOS Monterey 12.6.8

This issue was addressed with improved state management of S/MIME encrypted emails. This issue is fixed in macOS Monterey 12.6.8. A S/MIME encrypted email may be inadvertently sent unencrypted.

Red Hat Security Advisory 2023-5030-01

Red Hat Security Advisory 2023-5030-01 - An update is now available for Red Hat OpenShift GitOps 1.8. Issues addressed include a denial of service vulnerability.

RHSA-2023:5030: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-40029: A flaw was found in the ArgoCD package, used by Red Hat GitOps, that allows cluster secrets to be managed declaratively using the `kubectl apply` functionality, resulting in the full secret body being stored in `kubectl.kubernetes.io/last-applied-configuration` annotation. Since ArgoCD has included the ability to manage cluster labels and annotations via i...

Ubuntu Security Notice USN-6341-1

Ubuntu Security Notice 6341-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a use-after-free vulnerability existed in the IEEE 1394 implementation in the Linux kernel. A privileged attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-4980-01

Red Hat Security Advisory 2023-4980-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.7 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-4972-01

Red Hat Security Advisory 2023-4972-01 - Multicluster Engine for Kubernetes 2.1.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-4962-01

Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.

RHSA-2023:4967: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privileg...

Red Hat Security Advisory 2023-4921-01

Red Hat Security Advisory 2023-4921-01 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.6.5 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4889-01

Red Hat Security Advisory 2023-4889-01 - The DevWorkspace Operator extends OpenShift to provide DevWorkspace support. Issues addressed include a code execution vulnerability.

RHSA-2023:4921: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.5 for OpenShift image enhancement and security update

A new image is available for Red Hat Single Sign-On 7.6.5, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46877: A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. * CVE-2023-1436: A flaw was found in Jettison. Infinite recursion is triggered in Jettison w...

RHSA-2023:4892: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.12 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.12 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24532: A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.

RHSA-2023:4875: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.1 security and bug fix updates

Red Hat Advanced Cluster Management for Kubernetes 2.8.1 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3027: The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values (instead of the policy apply a static manifest on a managed cluster) of taking advantage of cluster scoped access in a created polic...

Red Hat Security Advisory 2023-4828-01

Red Hat Security Advisory 2023-4828-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2023-4834-01

Red Hat Security Advisory 2023-4834-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2023-4815-01

Red Hat Security Advisory 2023-4815-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and out of bounds write vulnerabilities.

Red Hat Security Advisory 2023-4814-01

Red Hat Security Advisory 2023-4814-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.

RHSA-2023:4815: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user...

RHSA-2023:4829: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation....

RHSA-2023:4814: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1353: A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. * CVE-2022-39188: A flaw was found in include/asm-generic/tlb.h in the Linux ...

Red Hat Security Advisory 2023-4720-01

Red Hat Security Advisory 2023-4720-01 - Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service for on-premise or private cloud deployments. This release of the AMQ Broker 7.11.1 aligned Operator includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.

Red Hat Security Advisory 2023-4698-01

Red Hat Security Advisory 2023-4698-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

RHSA-2023:4697: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35788: A flaw was found in the TC flower classifier (cls_flower) in the Networking subsystem of the Linux kernel. This issue occurs when sending two TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets with a total ...

Red Hat Security Advisory 2023-4664-01

Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4628-01

Red Hat Security Advisory 2023-4628-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP response splitting, bypass, integer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4629-01

Red Hat Security Advisory 2023-4629-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section. Issues addressed include HTTP response splitting, bypass, integer overflow, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4654-01

Red Hat Security Advisory 2023-4654-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.7 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.

RHSA-2023:4664: Red Hat Security Advisory: OpenShift Virtualization 4.13.3 Images security and bug fix update

Red Hat OpenShift Virtualization release 4.13.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Con...

RHSA-2023:4629: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2022-36760: A flaw was found in the mod_proxy_ajp module of httpd. The connection is not closed when there is an invalid Transfer-Encoding header, allowing an attacker to smuggle requests to the AJP server, where it forw...

RHSA-2023:4628: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.57 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24963: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer. * CVE-2022-28331: A flaw was found in Apache Portable Runtime, affecting versions <= 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affect...

Red Hat Security Advisory 2023-4650-01

Red Hat Security Advisory 2023-4650-01 - Multicluster Engine for Kubernetes 2.2.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

RHSA-2023:4650: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.7 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.7 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37903: A flaw was found in the vm2 custom inspect function, which allows attackers to escape t...

Red Hat Security Advisory 2023-4575-01

Red Hat Security Advisory 2023-4575-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.

Red Hat Security Advisory 2023-4456-01

Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.

Red Hat Security Advisory 2023-4456-01

Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.

Red Hat Security Advisory 2023-4456-01

Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.

Red Hat Security Advisory 2023-4456-01

Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.

Red Hat Security Advisory 2023-4456-01

Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.

Red Hat Security Advisory 2023-4456-01

Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.

Red Hat Security Advisory 2023-4456-01

Red Hat Security Advisory 2023-4456-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.8. Issues addressed include an add administrator vulnerability.

Red Hat Security Advisory 2023-4523-01

Red Hat Security Advisory 2023-4523-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

Red Hat Security Advisory 2023-4529-01

Red Hat Security Advisory 2023-4529-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards.

Red Hat Security Advisory 2023-4529-01

Red Hat Security Advisory 2023-4529-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards.

Red Hat Security Advisory 2023-4520-01

Red Hat Security Advisory 2023-4520-01 - The python-requests package contains a library designed to make HTTP requests easy for developers.

RHSA-2023:4529: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28484: A NULL pointer dereference vulnerability was found in libxml2. This issue occurs when parsing (invalid) XML schemas. * CVE-2023-29469: A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, i...

RHSA-2023:4520: Red Hat Security Advisory: python-requests security update

An update for python-requests is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32681: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuild_proxies is used to recompute and reattach the Proxy-Authorization header to requests when redirected. This beh...

RHSA-2023:4516: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch-4_18_0-147_78_1, kpatch-patch-4_18_0-147_80_1, kpatch-patch-4_18_0-147_81_1, kpatch-patch-4_18_0-147_83_1, and kpatch-patch-4_18_0-147_85_1 is now available for Red Hat Enterprise Linux 8.1. Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, w...

RHSA-2023:4515: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privilege esca...

RHSA-2023:4515: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privilege esca...

RHSA-2023:4516: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch-4_18_0-147_78_1, kpatch-patch-4_18_0-147_80_1, kpatch-patch-4_18_0-147_81_1, kpatch-patch-4_18_0-147_83_1, and kpatch-patch-4_18_0-147_85_1 is now available for Red Hat Enterprise Linux 8.1. Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, w...

RHSA-2023:4471: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.29.1

Red Hat OpenShift Serverless 1.29.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Red Hat Security Advisory 2023-4413-01

Red Hat Security Advisory 2023-4413-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-4419-01

Red Hat Security Advisory 2023-4419-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a code execution vulnerability.

RHSA-2023:4428: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an a...

Ubuntu Security Notice USN-6242-2

Ubuntu Security Notice 6242-2 - USN-6242-1 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that OpenSSH incorrectly handled loading certain PKCS#11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load arbitrary libraries from the user's system and execute arbitrary code.

Red Hat Security Advisory 2023-4380-01

Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2023-4380-01

Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

RHSA-2023:4382: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an attacker with control of the...

RHSA-2023:4384: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarde...

RHSA-2023:4383: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw al...

RHSA-2023:4381: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an ...

RHSA-2023:4378: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-45869: A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled. * CVE-2023-0458: A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() ...

RHSA-2023:4378: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-45869: A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled. * CVE-2023-0458: A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() ...

RHSA-2023:4378: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-45869: A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled. * CVE-2023-0458: A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() ...

RHSA-2023:4378: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-45869: A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled. * CVE-2023-0458: A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() ...

RHSA-2023:4350: Red Hat Security Advisory: python-requests security update

An update for python-requests is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32681: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuild_proxies is used to recompute and reattach the Proxy-Authorization header to requests when redirected. This beh...

RHSA-2023:4347: Red Hat Security Advisory: libeconf security update

An update for libeconf is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-22652: A flaw was found in the libeconf library. This issue occurs when parsing a specially crafted configuration file, causing a stack-based buffer overflow, resulting in a denial of service.

Ubuntu Security Notice USN-6261-1

Ubuntu Security Notice 6261-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

RHSA-2023:4329: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38408: A vulnerability was found in OpenSSH. The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system (the code in /usr/lib is not necessarily safe for loading into ssh-agent). This flaw allows an at...

Ubuntu Security Notice USN-6260-1

Ubuntu Security Notice 6260-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

Ubuntu Security Notice USN-6256-1

Ubuntu Security Notice 6256-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6256-1

Ubuntu Security Notice 6256-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6256-1

Ubuntu Security Notice 6256-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6255-1

Ubuntu Security Notice 6255-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6254-1

Ubuntu Security Notice 6254-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

Ubuntu Security Notice USN-6254-1

Ubuntu Security Notice 6254-1 - Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the do_prlimit function in the Linux kernel did not properly handle speculative execution barriers. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

CVE-2023-38410: About the security content of macOS Ventura 13.5

The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A user may be able to elevate privileges.

CVE-2023-38410: About the security content of macOS Ventura 13.5

The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A user may be able to elevate privileges.

CVE-2023-36854: About the security content of macOS Big Sur 11.7.9

The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution.

CVE-2023-36854: About the security content of macOS Big Sur 11.7.9

The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution.

Apple Security Advisory 2023-07-24-6

Apple Security Advisory 2023-07-24-6 - macOS Big Sur 11.7.9 addresses code execution, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 2023-07-24-6

Apple Security Advisory 2023-07-24-6 - macOS Big Sur 11.7.9 addresses code execution, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 2023-07-24-5

Apple Security Advisory 2023-07-24-5 - macOS Monterey 12.6.8 addresses code execution, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 2023-07-24-5

Apple Security Advisory 2023-07-24-5 - macOS Monterey 12.6.8 addresses code execution, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 2023-07-24-4

Apple Security Advisory 2023-07-24-4 - macOS Ventura 13.5 addresses bypass, code execution, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 2023-07-24-4

Apple Security Advisory 2023-07-24-4 - macOS Ventura 13.5 addresses bypass, code execution, out of bounds read, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4093-01

Red Hat Security Advisory 2023-4093-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.5. Issues addressed include a denial of service vulnerability.

RHSA-2023:4090: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...

RHSA-2023:4090: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...

Ubuntu Security Notice USN-6237-2

Ubuntu Security Notice 6237-2 - USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service. It was discovered that curl incorrectly handled saving cookies to files. A local attacker could possibly use this issue to create or overwrite files. This issue only affected Ubuntu 22.10, and Ubuntu 23.04.

Ubuntu Security Notice USN-6237-2

Ubuntu Security Notice 6237-2 - USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service. It was discovered that curl incorrectly handled saving cookies to files. A local attacker could possibly use this issue to create or overwrite files. This issue only affected Ubuntu 22.10, and Ubuntu 23.04.

CVE-2023-38408: Disallow remote addition of FIDO/PKCS11 provider libraries to · openbsd/src@7bc29a9

The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Ubuntu Security Notice USN-6237-1

Ubuntu Security Notice 6237-1 - Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service.

Ubuntu Security Notice USN-6237-1

Ubuntu Security Notice 6237-1 - Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service.

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

Ubuntu Security Notice USN-6234-1

Ubuntu Security Notice 6234-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.

Ubuntu Security Notice USN-6235-1

Ubuntu Security Notice 6235-1 - It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service. Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information.

Ubuntu Security Notice USN-6223-1

Ubuntu Security Notice 6223-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6222-1

Ubuntu Security Notice 6222-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6222-1

Ubuntu Security Notice 6222-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice USN-6212-1

Ubuntu Security Notice 6212-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information or possibly cause undesired behaviors.

CVE-2023-28955: Security Bulletin: Multiple security vulnerabilities affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 could allow an authenticated user send a specially crafted request that could cause a denial of service. IBM X-Force ID: 251704.

RHSA-2023:4003: Red Hat Security Advisory: Red Hat Service Interconnect 1.4 Release security update

This is release 1.4 of the rpms for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they were all running in the same site. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2879: A flaw was found in the gol...

Ubuntu Security Notice USN-6206-1

Ubuntu Security Notice 6206-1 - Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6207-1

Ubuntu Security Notice 6207-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

RHSA-2023:3924: Red Hat Security Advisory: OpenShift Container Platform 4.12.23 security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

RHSA-2023:3925: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...

Debian Security Advisory 5448-1

Debian Linux Security Advisory 5448-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Debian Security Advisory 5448-1

Debian Linux Security Advisory 5448-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Red Hat Security Advisory 2023-3915-01

Red Hat Security Advisory 2023-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.44.

Red Hat Security Advisory 2023-3914-01

Red Hat Security Advisory 2023-3914-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.44.

RHSA-2023:3910: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.10.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server...

RHSA-2023:3914: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23772: A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issu...

RHSA-2023:3915: Red Hat Security Advisory: OpenShift Container Platform 4.11.44 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS...

CVE-2023-3090

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.

Ubuntu Security Notice USN-6187-1

Ubuntu Security Notice 6187-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6185-1

Ubuntu Security Notice 6185-1 - It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service. It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type confusion vulnerability in some situations. A local attacker could use this to cause a denial of service.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

RHSA-2023:3614: Red Hat Security Advisory: OpenShift Container Platform 4.13.4 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

CVE-2023-35788: security - Linux kernel: off-by-one in fl_set_geneve_opt

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

Ubuntu Security Notice USN-6155-2

Ubuntu Security Notice 6155-2 - USN-6155-1 fixed a vulnerability in Requests. This update provides the corresponding update for Ubuntu 16.04 ESM and 18.04 ESM. Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information.

Ubuntu Security Notice USN-6155-1

Ubuntu Security Notice 6155-1 - Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information.

Ubuntu Security Notice USN-6028-2

Ubuntu Security Notice 6028-2 - USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.

Ubuntu Security Notice USN-6028-2

Ubuntu Security Notice 6028-2 - USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.

RHSA-2023:3455: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0

OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...

Ubuntu Security Notice USN-6134-1

Ubuntu Security Notice 6134-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2023-22652: Invalid Bug ID

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.

RHSA-2023:3304: Red Hat Security Advisory: OpenShift Container Platform 4.13.1 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-17419: The Miek Gieben DNS library is vulnerable to a denial of service caused by a segmentation violation in setTA in scan_rr.go. By persuading a victim to open a specially-crafted file, a ...

CVE-2023-28322

An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.

CVE-2023-28321

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.

CVE-2023-32681: Unintended leak of Proxy-Authorization header

Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.

Ubuntu Security Notice USN-6096-1

Ubuntu Security Notice 6096-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.

GHSA-j8r2-6x86-q33q: Unintended leak of Proxy-Authorization header in requests

### Impact Since Requests v2.3.0, Requests has been vulnerable to potentially leaking `Proxy-Authorization` headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how `rebuild_proxies` is used to recompute and [reattach the `Proxy-Authorization` header](https://github.com/psf/requests/blob/f2629e9e3c7ce3c3c8c025bcd8db551101cbc773/requests/sessions.py#L319-L328) to requests when redirected. Note this behavior has _only_ been observed to affect proxied requests when credentials are supplied in the URL user information component (e.g. `https://username:password@proxy:8080`). **Current vulnerable behavior(s):** 1. HTTP → HTTPS: **leak** 2. HTTPS → HTTP: **no leak** 3. HTTPS → HTTPS: **leak** 4. HTTP → HTTP: **no leak** For HTTP connections sent through the proxy, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` head...

Ubuntu Security Notice USN-6093-1

Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-3167-01

Red Hat Security Advisory 2023-3167-01 - New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-6091-1

Ubuntu Security Notice 6091-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.

RHSA-2023:3167: Red Hat Security Advisory: Red Hat build of Cryostat 2.3.0: new RHEL 8 container images

New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images are now availableThis content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition. * CVE-2022-41725: A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption...

Red Hat Security Advisory 2023-1327-01

Red Hat Security Advisory 2023-1327-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.0.

Ubuntu Security Notice USN-6079-1

Ubuntu Security Notice 6079-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.

CVE-2023-0458

A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11

CVE-2023-29469: libxml2 2.10.4 · GNOME / libxml2 · GitLab

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).

Debian Security Advisory 5391-1

Debian Linux Security Advisory 5391-1 - Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files.

Debian Security Advisory 5391-1

Debian Linux Security Advisory 5391-1 - Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files.

CVE-2023-1998: 🐧🕺

The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The same behavior can be observed on a bare-metal machine when forcing the mitigation to IBRS on boot command line. This happened because when plain IBRS was enabled (not enhanced IBRS), the kernel had some logic that determined that STIBP was not needed. The IBRS bit implicitly protects against cross-thread branch target injection. However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.

Ubuntu Security Notice USN-6033-1

Ubuntu Security Notice 6033-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6028-1

Ubuntu Security Notice 6028-1 - It was discovered that lixml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.

Ubuntu Security Notice USN-6028-1

Ubuntu Security Notice 6028-1 - It was discovered that lixml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.

Ubuntu Security Notice USN-5962-1

Ubuntu Security Notice 5962-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5950-1

Ubuntu Security Notice 5950-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5941-1

Ubuntu Security Notice 5941-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5938-1

Ubuntu Security Notice 5938-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5935-1

Ubuntu Security Notice 5935-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5929-1

Ubuntu Security Notice 5929-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5911-1

Ubuntu Security Notice 5911-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5912-1

Ubuntu Security Notice 5912-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2022-41723

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

CVE-2022-45869

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.