Red Hat Security Advisory 2024-8563-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8563.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: buildah security updateAdvisory ID:        RHSA-2024:8563-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8563Issue date:         2024-10-30Revision:           03CVE Names:          CVE-2024-9675====================================================================Summary: An update for buildah is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es):* buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-9675References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2317458

Red Hat Security Advisory 2024-8563-03

Red Hat Security Advisory 2024-8546-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.5 General Availability release images, which fix bugs and update container images.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8546.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Red Hat Advanced Cluster Management 2.9.5 bug fixes and container updates  
Advisory ID:        RHSA-2024:8546-03  
Product:            Red Hat ACM  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8546  
Issue date:         2024-10-30  
Revision:           03  
CVE Names:          CVE-2024-42459  
====================================================================

Summary: 

Red Hat Advanced Cluster Management for Kubernetes 2.9.5 General  
Availability release images, which fix bugs and update container images.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.

Description:

Red Hat Advanced Cluster Management for Kubernetes 2.9.5 images

Red Hat Advanced Cluster Management for Kubernetes provides the  
capabilities to address common challenges that administrators and site  
reliability engineers face as they work across a range of public and  
private cloud environments. Clusters and applications are all visible and  
managed from a single console, with security policy built in.

This advisory contains the container images for Red Hat Advanced Cluster  
Management for Kubernetes, which fix several bugs. See the following  
Release Notes documentation, which will be updated for this  
release, for additional details:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.9/html/release_notes/

Security fix(es):  
nodejs/elliptic: EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended (CVE-2024-42459)  
nodejs/elliptic: ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero (CVE-2024-42460)  
nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed (CVE-2024-42461)  
Missing Validation in Elliptic's EDDSA Signature Verification (CVE-2024-48949)

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-42459

References:

https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.9/html/release_notes/

Red Hat Security Advisory 2024-8546-03

Red Hat Security Advisory 2024-8543-03 - An update for the pki-core:10.6 and pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8543.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: pki-core:10.6 and pki-deps:10.6 security updateAdvisory ID:        RHSA-2024:8543-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8543Issue date:         2024-10-30Revision:           03CVE Names:          CVE-2024-38286====================================================================Summary: An update for the pki-core:10.6 and pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.Security Fix(es):* tomcat: Denial of Service in Tomcat (CVE-2024-38286)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-38286References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2314686

Red Hat Security Advisory 2024-8543-03

Red Hat Security Advisory 2024-8534-03 - An update is now available for Red Hat Ansible Automation Platform 2.5. Issues addressed include cross site scripting and memory exhaustion vulnerabilities.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8534.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: Red Hat Ansible Automation Platform 2.5 Product Release UpdateAdvisory ID:        RHSA-2024:8534-03Product:            Red Hat Ansible Automation PlatformAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8534Issue date:         2024-10-30Revision:           03CVE Names:          CVE-2024-10033====================================================================Summary: An update is now available for Red Hat Ansible Automation Platform 2.5Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.Security Fix(es):* automation-controller: Django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-45230)* automation-gateway: XSS on automation-gateway (CVE-2024-10033)* receptor: quic-go: memory exhaustion attack against QUIC's connection ID mechanism (CVE-2024-22189)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Updates and fixes included:* With this update, upgrades from Ansible Automation Platform 2.4 to 2.5 are supported for RPM and Operator-based deployments for Automation controller and Automation hub. For more information on how to upgrade, refer to the Upgrading section of the AAP landing page. (ANSTRAT-809)Container-based Ansible Automation Platform* The TLS Certificate Authority private key can now use a passphrase. (AAP-33594)* Automation hub is populated with container images (decision and execution environments) and Ansible collections. (AAP-33759)* The Automation controller, Event-Driven Ansible, and automation hub legacy UIs now display a redirect page to the Platform UI rather than a blank page. (AAP-33794)* Fixed the uninstall playbook execution when the environment was already uninstalled. (AAP-32981)* containerized installer setup has been updated to 2.5-3RPM-based Ansible Automation Platform* Added platform Redis to RPM-based Ansible Automation Platform. This allows a 6 node cluster for a Redis high availability (HA) deployment. (AAP-33773)* Removed the variable aap_caching_mtls and replaced it with redis_disable_tls and redis_disable_mtls which are boolean flags that disable Redis server TLS and Redis client certificate authentication. (AAP-33773)* An informative redirect page is now shown when going to automation controller, Event-Driven Ansible, or automation hub URL. (AAP-33827)* ansible-automation-platform-installer and installer setup have been updated to 2.5-4Additional changes:* automation-controller has been updated to 4.6.2* automation-eda-controller has been updated to 1.1.2* automation-gateway has been updated to 2.5.3* automation-hub/python3.11-galaxy-ng has been updated to 4.10.1* python3.11-django-ansible-base has been updated to 2.5.3* receptor has been updated to 1.4.9Solution:CVEs:CVE-2024-10033References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2273513https://bugzilla.redhat.com/show_bug.cgi?id=2302433https://bugzilla.redhat.com/show_bug.cgi?id=2314485https://bugzilla.redhat.com/show_bug.cgi?id=2319162

Red Hat Security Advisory 2024-8534-03

Red Hat Security Advisory 2024-8533-03 - Multicluster Engine for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8533.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Multicluster Engine for Kubernetes 2.4.6 security updates and bug fixes  
Advisory ID:        RHSA-2024:8533-03  
Product:            multicluster engine for Kubernetes  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8533  
Issue date:         2024-10-30  
Revision:           03  
CVE Names:          CVE-2024-42459  
====================================================================

Summary: 

Multicluster Engine for Kubernetes 2.4.6 General Availability release images,   
which fix bugs and update container images.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.

Description:

Multicluster engine for Kubernetes v2.4.6 images

Multicluster engine for Kubernetes provides the foundational components  
that are necessary for the centralized management of multiple  
Kubernetes-based clusters across data centers, public clouds, and private  
clouds.

You can use the engine to create new Red Hat OpenShift Container Platform  
clusters or to bring existing Kubernetes-based clusters under management by  
importing them. After the clusters are managed, you can use the APIs that  
are provided by the engine to distribute configuration based on placement  
policy.

nodejs/elliptic: EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended (CVE-2024-42459)  
nodejs/elliptic: ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero (CVE-2024-42460)  
nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed (CVE-2024-42461)  
Missing Validation in Elliptic's EDDSA Signature Verification(CVE-2024-48949)

Solution:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.9/html/clusters/install_upgrade/installing-while-connected-online-mce

CVEs:

CVE-2024-42459

References:

https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2024-8533-03

Red Hat Security Advisory 2024-8528-03 - An update for pki-servlet-engine is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8528.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: pki-servlet-engine security updateAdvisory ID:        RHSA-2024:8528-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:8528Issue date:         2024-10-30Revision:           03CVE Names:          CVE-2024-38286====================================================================Summary: An update for pki-servlet-engine is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Tomcat is the servlet engine that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process.  Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.Security Fix(es):* tomcat: Denial of Service in Tomcat (CVE-2024-38286)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-38286References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2314686

Red Hat Security Advisory 2024-8528-03

Red Hat Security Advisory 2024-8317-03 - Logging for Red Hat OpenShift - 5.8.14.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8317.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Logging for Red Hat OpenShift - 5.8.14  
Advisory ID:        RHSA-2024:8317-03  
Product:            logging for Red Hat OpenShift  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8317  
Issue date:         2024-10-29  
Revision:           03  
CVE Names:          CVE-2024-24791  
====================================================================

Summary: 

Logging for Red Hat OpenShift - 5.8.14

Description:

Logging for Red Hat OpenShift - 5.8.14

Solution:

https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html

https://docs.openshift.com/container-platform/4.13/logging/cluster-logging-upgrading.html

CVEs:

CVE-2024-24791

References:

https://access.redhat.com/security/updates/classification/#important  
https://issues.redhat.com/browse/LOG-4671  
https://issues.redhat.com/browse/LOG-6182  
https://issues.redhat.com/browse/LOG-6184  
https://issues.redhat.com/browse/LOG-6266

Red Hat Security Advisory 2024-8317-03

Red Hat Security Advisory 2024-8315-03 - Logging for Red Hat OpenShift - 5.9.8.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8315.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Logging for Red Hat OpenShift - 5.9.8  
Advisory ID:        RHSA-2024:8315-03  
Product:            logging for Red Hat OpenShift  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8315  
Issue date:         2024-10-29  
Revision:           03  
CVE Names:          CVE-2024-24791  
====================================================================

Summary: 

Logging for Red Hat OpenShift - 5.9.8

Description:

Logging for Red Hat OpenShift - 5.9.8

Solution:

https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html

https://docs.openshift.com/container-platform/4.14/logging/cluster-logging-upgrading.html

CVEs:

CVE-2024-24791

References:

https://access.redhat.com/security/updates/classification/#important  
https://issues.redhat.com/browse/LOG-6159  
https://issues.redhat.com/browse/LOG-6169  
https://issues.redhat.com/browse/LOG-6181  
https://issues.redhat.com/browse/LOG-6183  
https://issues.redhat.com/browse/LOG-6206  
https://issues.redhat.com/browse/LOG-6214

Red Hat Security Advisory 2024-8315-03

Red Hat Security Advisory 2024-8314-03 - Logging for Red Hat OpenShift - 6.0.1.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8314.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: Logging for Red Hat OpenShift - 6.0.1  
Advisory ID:        RHSA-2024:8314-03  
Product:            logging for Red Hat OpenShift  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8314  
Issue date:         2024-10-29  
Revision:           03  
CVE Names:          CVE-2024-6104  
====================================================================

Summary: 

Logging for Red Hat OpenShift - 6.0.1

Description:

Logging for Red Hat OpenShift - 6.0.1

Solution:

https://docs.openshift.com/container-platform/4.16/release_notes/ocp-4-16-release-notes.html

https://docs.openshift.com/container-platform/4.16/observability/logging/logging-6.0/log6x-upgrading-to-6.html

CVEs:

CVE-2024-6104

References:

https://access.redhat.com/security/updates/classification/#important  
https://issues.redhat.com/browse/LOG-6129  
https://issues.redhat.com/browse/LOG-6151  
https://issues.redhat.com/browse/LOG-6180  
https://issues.redhat.com/browse/LOG-6202

Red Hat Security Advisory 2024-8314-03

Red Hat Security Advisory 2024-8235-03 - Red Hat OpenShift Container Platform release 4.14.39 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, and out of bounds write vulnerabilities.

The following advisory data is extracted from:

https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8235.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: OpenShift Container Platform 4.14.39 security update  
Advisory ID:        RHSA-2024:8235-03  
Product:            Red Hat OpenShift Enterprise  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:8235  
Issue date:         2024-10-28  
Revision:           03  
CVE Names:          CVE-2023-29401  
====================================================================

Summary: 

Red Hat OpenShift Container Platform release 4.14.39 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.14.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.14.39. See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHSA-2024:8238

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html

Security Fix(es):

* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames  
causes DoS (CVE-2023-45288)  
* glibc: Out of bounds write in iconv may lead to remote code execution  
(CVE-2024-2961)  
* openstack-ironic: Specially crafted image may allow authenticated users  
to gain access to potentially sensitive data (CVE-2024-44082)  
* golang-github-gin-gonic-gin: Gin Web Framework does not properly sanitize  
filename parameter of Context.FileAttachment function (CVE-2023-29401)  
* opentelemetry-go-contrib: DoS vulnerability in otelgrpc due to unbound  
cardinality metrics (CVE-2023-47108)  
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP)  
(CVE-2023-48795)  
* jose-go: improper handling of highly compressed data (CVE-2024-28180)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  
All OpenShift Container Platform 4.14 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html

Solution:

CVEs:

CVE-2023-29401

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2216957  
https://bugzilla.redhat.com/show_bug.cgi?id=2251198  
https://bugzilla.redhat.com/show_bug.cgi?id=2254210  
https://bugzilla.redhat.com/show_bug.cgi?id=2268273  
https://bugzilla.redhat.com/show_bug.cgi?id=2268854  
https://bugzilla.redhat.com/show_bug.cgi?id=2273404  
https://bugzilla.redhat.com/show_bug.cgi?id=2309331  
https://issues.redhat.com/browse/OCPBUGS-25727  
https://issues.redhat.com/browse/OCPBUGS-32266  
https://issues.redhat.com/browse/OCPBUGS-37353  
https://issues.redhat.com/browse/OCPBUGS-37552  
https://issues.redhat.com/browse/OCPBUGS-39019  
https://issues.redhat.com/browse/OCPBUGS-41246  
https://issues.redhat.com/browse/OCPBUGS-41836  
https://issues.redhat.com/browse/OCPBUGS-41918  
https://issues.redhat.com/browse/OCPBUGS-42517  
https://issues.redhat.com/browse/OCPBUGS-42518  
https://issues.redhat.com/browse/OCPBUGS-42533  
https://issues.redhat.com/browse/OCPBUGS-42567  
https://issues.redhat.com/browse/OCPBUGS-42603  
https://issues.redhat.com/browse/OCPBUGS-42757  
https://issues.redhat.com/browse/OCPBUGS-42828  
https://issues.redhat.com/browse/OCPBUGS-42986

Tag

#red_hat