(RHSA-2023:4238) Moderate: Red Hat OpenShift Data Foundation 4.11.9 security and bug fix update

2023-07-2015:20:53

access.redhat.com

red hat openshift data foundation

software-defined storage

production-grade persistent storage

stateful applications

multi-cloud data management

s3-compatible api

security fix

bug fix

storage cluster management

ocp

fips mode

cve-2023-3089

backport

kms

vault

storage class encryption

maxopenshiftversion

bz#2209254

bz#2213451

image upgrade.

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.008

Percentile

81.9%

JSON

Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.

Security Fix(es):

openshift: OCP & FIPS mode (CVE-2023-3089)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

[Backport-4.11.z][KMS][VAULT] Storage cluster remains in ‘Progressing’ state during deployment with storage class encryption, despite all pods being up and running. (BZ#2209254)
Set maxOpenShiftVersion to block OpenShift that didn’t upgrade ODF version (BZ#2213451)

All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.