RHSA-2022:6954: Moderate: Red Hat Advanced Cluster Management 2.5.3 security fixes and bug fixes
First published: Thu Oct 13 2022(Updated: )
Red Hat Advanced Cluster Management for Kubernetes 2.5.3 images<br>Red Hat Advanced Cluster Management for Kubernetes provides the<br>capabilities to address common challenges that administrators and site<br>reliability engineers face as they work across a range of public and<br>private cloud environments. Clusters and applications are all visible and<br>managed from a single console—with security policy built in.<br>This advisory contains the container images for Red Hat Advanced Cluster<br>Management for Kubernetes, which fix security issues and several bugs. See the following Release Notes documentation, which will be updated shortly for this<br>release, for additional details about this release:<br><a href="https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/" target="_blank">https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/</a> Security fix: <br><li> search-api-container: search-api: SQL injection leads to remote denial of service (CVE-2022-2238)</li> Bug fixes:<br><li> search-aggregator pod is continuously getting OOMkilled on the hub (BZ# 2092863)</li> <li> ACM 2.5 cannot create known_hosts file when pulling from ssh git repo (BZ# 2105885)</li> <li> Production RHACM upgrade from v2.4.2 to 2.5.1 (BZ# 2121063)</li> <li> No errors shown for failed helm deployments (BZ# 2124636)</li> <li> In topology, cluster deploy status is shown as not deployed however new project is created on the cluster (BZ# 2125441)</li>
| Affected Software | Affected Version | How to fix |
|---|
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2092863
- https://bugzilla.redhat.com/show_bug.cgi?id=2101669
- https://bugzilla.redhat.com/show_bug.cgi?id=2105885
- https://bugzilla.redhat.com/show_bug.cgi?id=2121063
- https://bugzilla.redhat.com/show_bug.cgi?id=2124636
- https://bugzilla.redhat.com/show_bug.cgi?id=2125441
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/errata/RHSA-2022:6954 (Advisory)
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2022:6954
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness