rhsa-2024_1557
Vulnerability from csaf_redhat
Published
2024-03-28 05:31
Modified
2024-11-06 15:19
Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1
Notes
Topic
An update is now available for Red Hat OpenShift Builds 1.0.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Builds 1.0.
Security Fix(es):
* CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
* CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients
* CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clients
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat OpenShift Builds 1.0.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Builds 1.0.\n\nSecurity Fix(es):\n\n* CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)\n* CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients\n* CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clients\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1557", "url": "https://access.redhat.com/errata/RHSA-2024:1557" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "2258143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143" }, { "category": "external", "summary": "2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1557.json" } ], "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1", "tracking": { "current_release_date": "2024-11-06T15:19:12+00:00", "generator": { "date": "2024-11-06T15:19:12+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:1557", "initial_release_date": "2024-03-28T05:31:12+00:00", "revision_history": [ { "date": "2024-03-28T05:31:12+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-28T05:31:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T15:19:12+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Builds for Red Hat OpenShift 1.0", "product": { "name": "Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_builds:1.0::el8" } } } ], "category": "product_family", "name": "Builds for Red Hat OpenShift" }, { "branches": [ { "category": "product_version", "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "product": { "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "product": { "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "product": { "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "product": { "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "product": { "name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "product": { "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "product": { "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "product": { "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "product": { "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "product": { "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "product": { "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "product": { "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "product": { "name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "product": { "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "product": { "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "product": { "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "product": { "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "product": { "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "product": { "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "product": { "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "product": { "name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "product": { "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "product": { "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64", "product": { "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64", "product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "product": { "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "product": { "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "product": { "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "product": { "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "product": { "name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "product": { "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "product": { "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4" } } }, { "category": "product_version", "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "product": { "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x" }, "product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64" }, "product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le" }, "product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64" }, "product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64" }, "product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le" }, "product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64" }, "product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x" }, "product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le" }, "product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64" }, "product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x" }, "product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64" }, "product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64" }, "product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x" }, "product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64" }, "product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le" }, "product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le" }, "product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64" }, "product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x" }, "product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64" }, "product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64" }, "product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64" }, "product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le" }, "product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x" }, "product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64" }, "product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x" }, "product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64" }, "product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le" }, "product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64" }, "product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le" }, "product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x" }, "product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64 as a component of Builds for Red Hat OpenShift 1.0", "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" }, "product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64", "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T05:31:12+00:00", "details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1557" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2023-49568", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258165" } ], "notes": [ { "category": "description", "text": "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients", "title": "Vulnerability summary" }, { "category": "other", "text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-49568" }, { "category": "external", "summary": "RHBZ#2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568", "url": "https://www.cve.org/CVERecord?id=CVE-2023-49568" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568" }, { "category": "external", "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r", "url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r" } ], "release_date": "2023-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T05:31:12+00:00", "details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1557" }, { "category": "workaround", "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", "product_ids": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients" }, { "cve": "CVE-2023-49569", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2024-01-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258143" } ], "notes": [ { "category": "description", "text": "A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients", "title": "Vulnerability summary" }, { "category": "other", "text": "This problem only affects the go implementation and not the original git cli code. Applications using BoundOS or in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.\n\nIn OpenShift Container Platform (OCP) the vulnerable github.com/go-git/go-git/v5 Go package is used as a dependency in many components where the vulnerable function is not used, hence the impact by this vulnerability is reduced to Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-49569" }, { "category": "external", "summary": "RHBZ#2258143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49569", "url": "https://www.cve.org/CVERecord?id=CVE-2023-49569" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569" }, { "category": "external", "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88", "url": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88" } ], "release_date": "2024-01-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T05:31:12+00:00", "details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1557" }, { "category": "workaround", "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", "product_ids": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x", "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.