===================================================================== CERT-Renater Note d'Information No. 2024/VULN152 _____________________________________________________________________ DATE : 27/03/2024 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Red Hat OpenShift GitOps versions prior to 1.10.2, 1.9.4. ===================================================================== https://access.redhat.com/errata/RHSA-2024:0692 https://access.redhat.com/errata/RHSA-2024:0691 _____________________________________________________________________ ===================================================================== Red Hat Security Advisory Synopsis: Critical: Errata Advisory for Red Hat OpenShift GitOps 1.10.2 security update Advisory ID: RHSA-2024:0692 Product: Red Hat OpenShift GitOps 1.10 Advisory URL: https://access.redhat.com/errata/RHSA-2024:0692 Issue date: 2024-02-05 CVE Names: CVE-2023-49568 CVE-2023-49569 CVE-2024-22424 ===================================================================== 1. Summary: An update is now available for Red Hat OpenShift GitOps v1.10.2. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift GitOps 1.10 - amd64, arm64, ppc64le, s390x 3. Description: RErrata Advisory for Red Hat OpenShift GitOps v1.10.2. Security Fix(es): * argo-cd: vulnerable to a cross-server request forgery (CSRF) attack (CVE-2024-22424) * go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients (CVE-2023-49569) * go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2258165 - CVE-2023-49568 - go-git: Maliciously crafted Git server replies can cause DoS on go-git clients 2258143 - CVE-2023-49569 - go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients 2259105 - CVE-2024-22424 - argo-cd: vulnerable to a cross-server request forgery (CSRF) attack 6. Package List: Red Hat OpenShift GitOps 1.10 10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23 a108fd3f6ea8d1bd36c6566181d9dcd8a_s390x: openshift-gitops-1/argo-rollouts-rhel8@sha256:0d7f359ac63b8a4409990cfe083ca23a10 8fd3f6ea8d1bd36c6566181d9dcd8a_s390x.rpm 10:openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771 bbb773c45b4831db097baf3f9ee6fbfea_amd64: openshift-gitops-1/argo-rollouts-rhel8@sha256:0f7bfd12844a8a085389f1e83710771bbb 773c45b4831db097baf3f9ee6fbfea_amd64.rpm 10:openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d 86db1e8e04c2b696fdba1f2bf38607ba2_arm64: openshift-gitops-1/argo-rollouts-rhel8@sha256:176051467cd043fb8be19f955774b7d86d b1e8e04c2b696fdba1f2bf38607ba2_arm64.rpm 10:openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc 594dd2ba7735e4b87164307d49826b06d_ppc64le: openshift-gitops-1/argo-rollouts-rhel8@sha256:e01da16ac5214203a64214949fc6cfc594 dd2ba7735e4b87164307d49826b06d_ppc64le.rpm 10:openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40 c63cc26340cf134fd6f27bbf2f_ppc64le: openshift-gitops-1/argocd-rhel8@sha256:1e6c0ade5679cef406fa40d60dbe33d43cee40c63 cc26340cf134fd6f27bbf2f_ppc64le.rpm 10:openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399 b2f95000ec25b79e15cb3d2488_s390x: openshift-gitops-1/argocd-rhel8@sha256:5533770b712f4be8cbeb9e9333d6ca965f3399b2f 95000ec25b79e15cb3d2488_s390x.rpm 10:openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6 719c6293c928427551032ea39f_amd64: openshift-gitops-1/argocd-rhel8@sha256:553cce4966543b941e25502d6bd6f206e16ff6719 c6293c928427551032ea39f_amd64.rpm 10:openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3 f9d80c0e37d2b8a65a3f6b7c94_arm64: openshift-gitops-1/argocd-rhel8@sha256:6a5b94652937a1e328f2a696ec16a9f6cd46e3f9d 80c0e37d2b8a65a3f6b7c94_arm64.rpm 10:openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf82 7d26d57c2e92985ab173523fafd29d43d9_arm64: openshift-gitops-1/console-plugin-rhel8@sha256:1cee897edd81a6074b9f419830bf827d2 6d57c2e92985ab173523fafd29d43d9_arm64.rpm 10:openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964c e32c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le: openshift-gitops-1/console-plugin-rhel8@sha256:6bc125652fcbe50f1a4e6b575e964ce32 c79cdab0f2ac2f67e9823c99b5bb8cc_ppc64le.rpm 10:openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3 bbe2908e6976c9c326ca3895c5e28a26ef_amd64: openshift-gitops-1/console-plugin-rhel8@sha256:b7fa6ddd7db480c140c0915e2eace3bbe 2908e6976c9c326ca3895c5e28a26ef_amd64.rpm 10:openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556 944c05701a6f8a1c128fb7613b6998b15c_s390x: openshift-gitops-1/console-plugin-rhel8@sha256:d409129e5af678a5a8073b8a973556944 c05701a6f8a1c128fb7613b6998b15c_s390x.rpm 10:openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e906 15ac464aef0bd004c023e35_arm64: openshift-gitops-1/dex-rhel8@sha256:07a4fa68489c0c0a9146a86d459467b572701e90615a c464aef0bd004c023e35_arm64.rpm 10:openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf940 9e99e32ca9138750f0a03b3_s390x: openshift-gitops-1/dex-rhel8@sha256:84974ed36e68173fc02e18159240b019cc0fbf9409e9 9e32ca9138750f0a03b3_s390x.rpm 10:openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff7 7de69da5ea09041f6d986fe_ppc64le: openshift-gitops-1/dex-rhel8@sha256:897dd9a0a82aa69f2f199133d2e2c02c3b3572ff77de 69da5ea09041f6d986fe_ppc64le.rpm 10:openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599 ea2ee3eecfb5a8b36c7cf28_amd64: openshift-gitops-1/dex-rhel8@sha256:ef48a70c736ca8e34f47ed22faea4661dbbee4599ea2 ee3eecfb5a8b36c7cf28_amd64.rpm 10:openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f9660 65cec1abb8b8f291f147a02d932f151bd5bd_amd64: openshift-gitops-1/gitops-operator-bundle@sha256:068284fc4f37d48851394b4f966065c ec1abb8b8f291f147a02d932f151bd5bd_amd64.rpm 10:openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a9 52480eef95191a7042acf3bd2d5acaba1a4_s390x: openshift-gitops-1/gitops-rhel8-operator@sha256:24957afa1e02946318a742bd0d8a9524 80eef95191a7042acf3bd2d5acaba1a4_s390x.rpm 10:openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b 01377f5a3d504a23f0e4d797a41589ee5d5_amd64: openshift-gitops-1/gitops-rhel8-operator@sha256:3effdb2fffcce607ceca00b06198b013 77f5a3d504a23f0e4d797a41589ee5d5_amd64.rpm 10:openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed89 6ebda71e0a95f84eefa0513131e4fc7be13_arm64: openshift-gitops-1/gitops-rhel8-operator@sha256:4b9fabb5a3b6dca56f224e949ed896eb da71e0a95f84eefa0513131e4fc7be13_arm64.rpm 10:openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f 0dae4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le: openshift-gitops-1/gitops-rhel8-operator@sha256:7a459bb0e75f6fa50dad469f3cc4f0da e4f47c49aa30c7c5db7cd5d866dd3bbd_ppc64le.rpm 10:openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e 83e50862a2f9afa5d68502df45_arm64: openshift-gitops-1/gitops-rhel8@sha256:1cd5828e815804cd263b03943845d86b50af6e83e 50862a2f9afa5d68502df45_arm64.rpm 10:openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647f a260d1d8ffb615c10ed96e9823_s390x: openshift-gitops-1/gitops-rhel8@sha256:62982ae8c97406319475b6ecac08405103647fa26 0d1d8ffb615c10ed96e9823_s390x.rpm 10:openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1 017e0a4f188ce3361ded6289ea_amd64: openshift-gitops-1/gitops-rhel8@sha256:736e44bfa058eb2daa436d657def53198269b1017 e0a4f188ce3361ded6289ea_amd64.rpm 10:openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86 b85ba377e800f8381ed283391e_ppc64le: openshift-gitops-1/gitops-rhel8@sha256:84b7f4574e1b0dd6df243c0d0f2cb0fbee7c86b85 ba377e800f8381ed283391e_ppc64le.rpm 10:openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f3675 61356bc0f1a9dd08452e4e8b23d4d046_s390x: openshift-gitops-1/kam-delivery-rhel8@sha256:194c7209f7423288d0a7d219165f3675613 56bc0f1a9dd08452e4e8b23d4d046_s390x.rpm 10:openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77 162c6c601248b82ee4e688dfb76b1949_amd64: openshift-gitops-1/kam-delivery-rhel8@sha256:1cf22055695a55462fd1701f61fdea77162 c6c601248b82ee4e688dfb76b1949_amd64.rpm 10:openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa8 07f4943ad74b6c5d005db441166290b0_ppc64le: openshift-gitops-1/kam-delivery-rhel8@sha256:32c8bf92454a20f6e0f7458f781acaa807f 4943ad74b6c5d005db441166290b0_ppc64le.rpm 10:openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed8 0c7ce3a614a65f1b0d67b6820edc09de_arm64: openshift-gitops-1/kam-delivery-rhel8@sha256:9426722272fa084e9a65218e11b70ed80c7 ce3a614a65f1b0d67b6820edc09de_arm64.rpm 10:openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356 e529f3317495ac724a75e4012ed387b_s390x: openshift-gitops-1/must-gather-rhel8@sha256:1f7304d7790306cabf52a938573f4d356e52 9f3317495ac724a75e4012ed387b_s390x.rpm 10:openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d2 1a6bf5632263719c488803bfaa261c4_ppc64le: openshift-gitops-1/must-gather-rhel8@sha256:34659d09f4fa02893009641926ae256d21a6 bf5632263719c488803bfaa261c4_ppc64le.rpm 10:openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e3 4a8283980744984ec4105460515bd81_arm64: openshift-gitops-1/must-gather-rhel8@sha256:595524a658d71e31dca3a58d0b88769e34a8 283980744984ec4105460515bd81_arm64.rpm 10:openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948 c98ecdc0e568b9c6f8c3d8bc31eb1ae_amd64: openshift-gitops-1/must-gather-rhel8@sha256:ee1aec3cfa415a2135797d4beb1795948c98 ecdc0e568b9c6f8c3d8bc31eb1ae_amd64.rpm 7. References: https://access.redhat.com/security/cve/CVE-2023-49568 https://access.redhat.com/security/cve/CVE-2023-49569 https://access.redhat.com/security/cve/CVE-2024-22424 https://access.redhat.com/security/updates/classification/#critical https://docs.openshift.com/gitops/1.10/understanding_openshift_gitops/about-redhat-openshift-gitops.html _____________________________________________________________________ ===================================================================== Red Hat Security Advisory Synopsis: Critical: Errata Advisory for Red Hat OpenShift GitOps v1.9.4 security update Advisory ID: RHSA-2024:0691 Product: Red Hat OpenShift GitOps 1.9 Advisory URL: https://access.redhat.com/errata/RHSA-2024:0691 Issue date: 2024-02-05 CVE Names: CVE-2023-49568 CVE-2024-22424 ===================================================================== 1. Summary: An update is now available for Red Hat OpenShift GitOps v1.9.4. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift GitOps 1.9 - arm64, s390x, amd64, ppc64le 3. Description: Errata Advisory for Red Hat OpenShift GitOps v1.9.4. Security Fix(es): * TRIAGE CVE-2024-22424 openshift-gitops-operator-container: argo-cd: vulnerable to a cross-server request forgery (CSRF) attack [gitops-1.9] * CVE-2023-49568 openshift-gitops-container: go-git: Maliciously crafted Git server replies can cause DoS on go-git clients [gitops-1.9] * CVE-2023-49569 openshift-gitops-container: go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients [gitops-1.9] * CVE-2023-49568 openshift-gitops-argocd-container: go-git: Maliciously crafted Git server replies can cause DoS on go-git clients [gitops-1.9] For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2258165 - CVE-2023-49568 - go-git: Maliciously crafted Git server replies can cause DoS on go-git clients 2259105 - CVE-2024-22424 - argo-cd: vulnerable to a cross-server request forgery (CSRF) attack 6. Package List: Red Hat OpenShift GitOps 1.9 9:openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a7 23283d78add071ff4d36e85a10815e2a_ppc64le: openshift-gitops-1/argo-rollouts-rhel8@sha256:34d14cedc2ecd941f1ad4d38bce019a723 283d78add071ff4d36e85a10815e2a_ppc64le.rpm 9:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f442 5f14937d9117e6f5793d41695e400ebc_arm64: openshift-gitops-1/argo-rollouts-rhel8@sha256:bf88a002fcc9d1780b9a82595181f4425f 14937d9117e6f5793d41695e400ebc_arm64.rpm 9:openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f 8fc254b9f76d18751089028a0ec947ff_s390x: openshift-gitops-1/argo-rollouts-rhel8@sha256:c3d3b382770538d7388bf23a10b1915f8f c254b9f76d18751089028a0ec947ff_s390x.rpm 9:openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49e ee6e8fa60841a4b7398b536a34bea5a9_amd64: openshift-gitops-1/argo-rollouts-rhel8@sha256:e259d73120a0611fbabdc93b4ee9a49eee 6e8fa60841a4b7398b536a34bea5a9_amd64.rpm 9:openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0da d267ad8800b8146cbe7336cc6_s390x: openshift-gitops-1/argocd-rhel8@sha256:1072c8b7c1563b5b7c7eb29119ec97765c3e0dad2 67ad8800b8146cbe7336cc6_s390x.rpm 9:openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e5841242 2cc1f492c2bc515f5905ed516_arm64: openshift-gitops-1/argocd-rhel8@sha256:1cca6eda59e4ed1d409aa0ef039b524e58412422c c1f492c2bc515f5905ed516_arm64.rpm 9:openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e2 703e562e33e3b43a57c81a2e1_ppc64le: openshift-gitops-1/argocd-rhel8@sha256:218da32ea9eb21533976f1d8348b46e64a878e270 3e562e33e3b43a57c81a2e1_ppc64le.rpm 9:openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af5 487de4ecbedba1e818933aebb_amd64: openshift-gitops-1/argocd-rhel8@sha256:e96c6e5d7bf4ffc828a463e4f8f48f661ca8af548 7de4ecbedba1e818933aebb_amd64.rpm 9:openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a87626067601 74aecb0463987bc307e59e0f842dc7976_amd64: openshift-gitops-1/console-plugin-rhel8@sha256:4175e60402edd252b70a8762606760174 aecb0463987bc307e59e0f842dc7976_amd64.rpm 9:openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a 4123b809c03a785d4ed4e20a8efc61e35_s390x: openshift-gitops-1/console-plugin-rhel8@sha256:6a30cc9219b91d00524216523d1c45a41 23b809c03a785d4ed4e20a8efc61e35_s390x.rpm 9:openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0 f51b5d125d212bc341d59242448badec5_ppc64le: openshift-gitops-1/console-plugin-rhel8@sha256:a39ddb1efd87a6d2032b83aa4a0afa0f5 1b5d125d212bc341d59242448badec5_ppc64le.rpm 9:openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e293 5761ad2b1194a8f5797490b01523fa875_arm64: openshift-gitops-1/console-plugin-rhel8@sha256:f4dbcf9637738494a0906ab3da3e29357 61ad2b1194a8f5797490b01523fa875_arm64.rpm 9:openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b 1156333312e5b737bbf381_amd64: openshift-gitops-1/dex-rhel8@sha256:60b93bcaf87c4b277bbfc18a920d246363452e0f5b11 56333312e5b737bbf381_amd64.rpm 9:openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c95 021127c75a7f9f3a64aab0_s390x: openshift-gitops-1/dex-rhel8@sha256:962c98496645544fba458f5862aa4bc8abf43c6c9502 1127c75a7f9f3a64aab0_s390x.rpm 9:openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d 2d08adb6bb79aed39e693c_arm64: openshift-gitops-1/dex-rhel8@sha256:c80e9ddfe27033af92d26aa16da7a2211bdca4a17d2d 08adb6bb79aed39e693c_arm64.rpm 9:openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b 4c32cbe6da56376d9cbb1e_ppc64le: openshift-gitops-1/dex-rhel8@sha256:d87f8baf652171fc9bae7818f9de36412f01bd3c0b4c 32cbe6da56376d9cbb1e_ppc64le.rpm 9:openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b 56108f5f390a6da56afb6ab7a37cb4578e2_amd64: openshift-gitops-1/gitops-operator-bundle@sha256:27efa0ab1d9c69047a924bc1dcd2b56 108f5f390a6da56afb6ab7a37cb4578e2_amd64.rpm 9:openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98 d26c98eadd521cb6c470d8b1b5eb7057e0_amd64: openshift-gitops-1/gitops-rhel8-operator@sha256:3da9453e99b7515c0e23ceab208c98d2 6c98eadd521cb6c470d8b1b5eb7057e0_amd64.rpm 9:openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da21 2af1d133f2945c61f07fff2e45a8a8d068_ppc64le: openshift-gitops-1/gitops-rhel8-operator@sha256:412d9d2eec7c05923183621f62da212a f1d133f2945c61f07fff2e45a8a8d068_ppc64le.rpm 9:openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9 a6a65bb2e563c64f48f58347bd146a2960_s390x: openshift-gitops-1/gitops-rhel8-operator@sha256:b509f44121f29f65da9302ad916df9a6 a65bb2e563c64f48f58347bd146a2960_s390x.rpm 9:openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7 edcbb30e9724f781d43e3529fe0abb4798_arm64: openshift-gitops-1/gitops-rhel8-operator@sha256:fbf6a44ccd0ea12d8d2e069203a5d7ed cbb30e9724f781d43e3529fe0abb4798_arm64.rpm 9:openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c21431158 85dcef479e8e68ac929ae3820_s390x: openshift-gitops-1/gitops-rhel8@sha256:0e589b8414b025e6bcbfba17590341c2143115885 dcef479e8e68ac929ae3820_s390x.rpm 9:openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d552 37b9a7fa5c7ff615def846a61_amd64: openshift-gitops-1/gitops-rhel8@sha256:521c08653c7792317e5872c306b4e276da0d55237 b9a7fa5c7ff615def846a61_amd64.rpm 9:openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8ea a8bf32c6b57e11a8a34dc534e_arm64: openshift-gitops-1/gitops-rhel8@sha256:5a446497a5e9ea9e9ee6501e0664c22b410d8eaa8 bf32c6b57e11a8a34dc534e_arm64.rpm 9:openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5c b491ba83fbe31c203b2c87e58_ppc64le: openshift-gitops-1/gitops-rhel8@sha256:8fc8c324c3f9671dbb6102676fa11c3e5dbab5cb4 91ba83fbe31c203b2c87e58_ppc64le.rpm 9:openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d0 1b972c293b8bfdb768e072cda2d1283_s390x: openshift-gitops-1/kam-delivery-rhel8@sha256:66f047335f44ca1fdd69f38002bceb3d01b 972c293b8bfdb768e072cda2d1283_s390x.rpm 9:openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b 3c818522e17f2bbd7acf99d2613f59a_arm64: openshift-gitops-1/kam-delivery-rhel8@sha256:6751faddc6fad904c7e9b72118fd90b9b3c 818522e17f2bbd7acf99d2613f59a_arm64.rpm 9:openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e85 2e425f743c57b829c1dea170d1840a8_ppc64le: openshift-gitops-1/kam-delivery-rhel8@sha256:7eb085abd98c9e2ea3bea9a31dda02e852e 425f743c57b829c1dea170d1840a8_ppc64le.rpm 9:openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc414974 451ad73f7c93f758a8e98bf487606b4_amd64: openshift-gitops-1/kam-delivery-rhel8@sha256:dd6b5013139815f60509703f6fc41497445 1ad73f7c93f758a8e98bf487606b4_amd64.rpm 9:openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb 7bbdf04cc2c4639590d610f9cf3d38_ppc64le: openshift-gitops-1/must-gather-rhel8@sha256:32b44ea49cb194e826b2532ac3f11e0dcb7b bdf04cc2c4639590d610f9cf3d38_ppc64le.rpm 9:openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ec e5926ba10e62f99678fe103239c124_s390x: openshift-gitops-1/must-gather-rhel8@sha256:623c6f082189daa2b4af5750acaaa856ece5 926ba10e62f99678fe103239c124_s390x.rpm 9:openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2b db84748a2a0ec49477f602b9d2ef99_amd64: openshift-gitops-1/must-gather-rhel8@sha256:793f9cd70553423d340ce703ec639dca2bdb 84748a2a0ec49477f602b9d2ef99_amd64.rpm 9:openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290 b3b471ef298c27c0a890cf6847eab3_arm64: openshift-gitops-1/must-gather-rhel8@sha256:7de4cb6db7d0792022f92af68cb9ea7290b3 b471ef298c27c0a890cf6847eab3_arm64.rpm 7. References: https://access.redhat.com/security/cve/CVE-2023-49568 https://access.redhat.com/security/cve/CVE-2024-22424 https://access.redhat.com/security/updates/classification/#critical https://docs.openshift.com/container-platform/latest/cicd/gitops/understanding-openshift-gitops.html ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================