Advisory Published

RHSA-2025:3607: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release

First published: Fri Apr 04 2025(Updated: )

Release of Red Hat OpenShift distributed tracing provides following security improvements, bug fixes, and new features.<br>The Red Hat OpenShift distributed tracing (Tempo) 3.5.1 is based on the open source link:<a href="https://grafana.com/oss/tempo/" target="_blank">https://grafana.com/oss/tempo/</a>[Grafana Tempo] release 2.7.1.<br>Breaking changes:<br><li> With this update, for a user to create or modify a TempoStack or TempoMonolithic CR with enabled multi-tenancy, the user must have permissions to create a TokenReview and SubjectAccessReview.</li> Deprecations:<br><li> Nothing</li> Technology Preview features:<br><li> Nothing</li> Enhancements:<br><li> Nothing</li> Bug fixes:<br><li> <a href="https://access.redhat.com/security/cve/CVE-2025-2786" target="_blank">https://access.redhat.com/security/cve/CVE-2025-2786</a></li> <li> <a href="https://access.redhat.com/security/cve/CVE-2025-2842" target="_blank">https://access.redhat.com/security/cve/CVE-2025-2842</a></li> Known issues:<br><li> Currently, when the OpenShift tenancy mode is enabled, the ServiceAccount of the gateway component of a TempoStack or TempoMonolithic instance requires the TokenReview and SubjectAccessReview permissions for authorization. Workaround: deploy the instance in a dedicated namespace, and carefully audit which users have permission to read the Secrets in this namespace.</li>

Affected SoftwareAffected VersionHow to fix
Red Hat OpenShift Tempo
Grafana Tempo

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of RHSA-2025:3607?

    RHSA-2025:3607 is classified as a moderate-level security advisory indicating important updates are necessary.

  • How do I fix RHSA-2025:3607?

    To address RHSA-2025:3607, users should update to the latest version of Red Hat OpenShift Tempo and Grafana Tempo.

  • What vulnerabilities are addressed in RHSA-2025:3607?

    RHSA-2025:3607 addresses multiple vulnerabilities including CVE-2025-2786, CVE-2025-2842, and CVE-2025-30204.

  • Who is affected by RHSA-2025:3607?

    RHSA-2025:3607 affects users of Red Hat OpenShift Tempo and Grafana Tempo.

  • When was RHSA-2025:3607 released?

    RHSA-2025:3607 was released to provide security improvements and bug fixes pertinent to various users.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203