Issued:: 2025-06-04
Updated:: 2025-06-04

RHSA-2025:8544 - Security Advisory

Overview
Updated Images

Synopsis

Important: Red Hat OpenShift Data Foundation 4.15.14 Bug Fix Update

Type/Severity

Security Advisory: Important

Topic

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.15.14 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.

Description

Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3 compatible API.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenShift Data Foundation 4 for RHEL 9 x86_64
Red Hat OpenShift Data Foundation for IBM Power, little endian 4 for RHEL 9 ppc64le
Red Hat OpenShift Data Foundation for IBM Z and LinuxONE 4 for RHEL 9 s390x
Red Hat OpenShift Data Foundation for RHEL 9 ARM 4 aarch64

Fixes

BZ - 2270863 - CVE-2024-29180 webpack-dev-middleware: lack of URL validation may lead to file leak
BZ - 2290901 - CVE-2024-29041 express: cause malformed URLs to be evaluated
BZ - 2292777 - CVE-2024-37890 nodejs-ws: denial of service when handling a request with many HTTP headers
BZ - 2295035 - CVE-2024-39249 nodejs-async: Regular expression denial of service while parsing function in autoinject
BZ - 2311171 - CVE-2024-45590 body-parser: Denial of Service Vulnerability in body-parser
BZ - 2312579 - CVE-2024-11831 npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript
BZ - 2319884 - CVE-2024-21536 http-proxy-middleware: Denial of Service
BZ - 2322949 - CVE-2024-48910 dompurify: DOMPurify vulnerable to tampering by prototype pollution
BZ - 2324550 - CVE-2024-21538 cross-spawn: regular expression denial of service
BZ - 2333122 - CVE-2024-45338 golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html
BZ - 2348366 - CVE-2025-22868 golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws
BZ - 2354195 - CVE-2025-30204 golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing
DFBUGS-1034 - [2313424] [4.15] [GSS] MDSCacheUsageHigh alert firing
DFBUGS-2604 - [Critical] Upgrade ceph version to RHCEPH-7.1z4 at ODF-4.15.14

References

https://access.redhat.com/security/updates/classification/#important

aarch64

odf4/mcg-core-rhel9@sha256:6dad7882970e02ae4305a5b67b2baac56010c752628a69b45758c6ce290b0221

odf4/mcg-rhel9-operator@sha256:16ce19df455cdabaf4ea4b46d04bd5545fd48afb7461ca0a1eae93b397a93e7c

odf4/ocs-client-rhel9-operator@sha256:23eaa0055fe21575f001b289b218528299be0758bbc81dc7c96ad8881e575c93

odf4/ocs-rhel9-operator@sha256:1f178dec0859af50f07223570bb6c593bc05b4714106db7be7e4d93b543bb680

odf4/odf-cli-rhel9@sha256:1428888e36d590f31719c289900b934d4c74dbaad92b2eb9cf115a0d52736be9

odf4/odf-csi-addons-rhel9-operator@sha256:301b4a210fae01b67b48ab51c5aca6d86925f9d6bc1d1da918d23af3bb247be5

odf4/odf-csi-addons-sidecar-rhel9@sha256:af8c9287053cffb1dc7e44b8f756ae4caa79d0e79823123d9aa23b13ad5a3807

odf4/odf-multicluster-rhel9-operator@sha256:afb38cf456c0cd89d79cef4aa32309d0ec9a9ab1509e9d0bb765f2cdd45e153d

odf4/odf-must-gather-rhel9@sha256:44292b6abb12a9998c77d895fa93ea46e9a5078a105933606c0bdba0e20bb160

odf4/odf-rhel9-operator@sha256:aedc8ff3c78050768b31f155c8e8deae30d24c5c41436ce9922aa18b2cc6ccfd

odf4/odr-rhel9-operator@sha256:cfc7dbe7046457f7969368c7dc2d18db5d8b1dc04588e3378cdfe7711c077d45

ppc64le

odf4/cephcsi-rhel9@sha256:21b8cf141ecf150fc0810a008c8e38e370ba688c3cd6f3457c3e6fc3ee52b4d6

odf4/mcg-core-rhel9@sha256:a56aca673c704e876691dd83498943f3f8db6c0253de88bb2c0bf548b0fa7d38

odf4/mcg-operator-bundle@sha256:726df27ad9d432f1fa7f6c75266e6f562fe629284fe1511f94d2a4a38c6c1645

odf4/mcg-rhel9-operator@sha256:766a960eacb7eda308dc93bb19b8562a732dc07a6af6e444c728d215f61329d1

odf4/ocs-client-console-rhel9@sha256:2ddceee0eb1df73ed31f43c255ff2a0909182cc65ffb8d5b3a8c12b799353308

odf4/ocs-client-operator-bundle@sha256:c27dd90be2061ff149347f708dee2e98a9253e9c354e987abe956ed1fe4c9506

odf4/ocs-client-rhel9-operator@sha256:5987d7027a35dc683f5f12111dc0ade483019ebf4879244746c2aef783930fa9

odf4/ocs-metrics-exporter-rhel9@sha256:0b21eff1f4effc630145bb027c228d08fa46a685f87d8dae4a2f7a10b73a9950

odf4/ocs-operator-bundle@sha256:4c711bfecd9bdd055508a8ee96b3215d808a82d18e69ef221bec3a3734567751

odf4/ocs-rhel9-operator@sha256:2877b4ca6ce26d87d4d70d81b3213ad35a1e08d6db082c424584d2178ab87f1e

odf4/odf-cli-rhel9@sha256:ed8d6fdcce3974d7e63ebc11f4d65630e43d5cd8e4ac0913d7e133312f38a955

odf4/odf-console-rhel9@sha256:0c97fb4f66806d76d077f7a98740e48c4bf2d41c49a063f26608844e18dcd4e8

odf4/odf-cosi-sidecar-rhel9@sha256:4f3e899a1bf0b9a44dff11747a238d418995fb64014e7f5c3d7d59718071db1d

odf4/odf-csi-addons-operator-bundle@sha256:ac520c9d7f87c9a4b38c2aa74abea553c92de657ef2b2327dcc363db75c38ceb

odf4/odf-csi-addons-rhel9-operator@sha256:67b18a7d7dde56f313d29f7a06eabc0e102c38a6433ae742e7639678d34c1de1

odf4/odf-csi-addons-sidecar-rhel9@sha256:8eb437d871ba4ca8bdb084ed45999d3659b51948fe3fd66cc7f926cef9355a1b

odf4/odf-multicluster-console-rhel9@sha256:3cb02185bcfb8f51b014d03cd8c67f056d3207f7a219f31f7c461b3ae7d972ea

odf4/odf-multicluster-operator-bundle@sha256:e44b46e633f81c7e5bb86d479b458bb6a08432aa9d3a8388f609477263ff40a2

odf4/odf-multicluster-rhel9-operator@sha256:17a689023ae55ca9862ea26aba58df9943a4eb8dcd39c1a7b089f8039c40a796

odf4/odf-must-gather-rhel9@sha256:1d7d22b0924ac4ee67f23499785df33630d1388b7e4460d581032707a3b16b80

odf4/odf-operator-bundle@sha256:57013a61d4644f9188e7c59b002a0e2c26a730bff081713ae9b658ea52664022

odf4/odf-rhel9-operator@sha256:03468974f18be943dba537991a3aa0db1fc665776f986012685c0c09ef0a7ab3

odf4/odr-cluster-operator-bundle@sha256:088ff30f99f9087586b4d2eae59d15606e51b497b3bdbb08d860aa87c248d552

odf4/odr-hub-operator-bundle@sha256:85f961a9eb4832dd5e74e4abb864d57bb56355f24f806dee2026e992c01b1e92

odf4/odr-rhel9-operator@sha256:37e4c96774444d44094174d61cdbcd6af117dfbcecc7e064c505ae93c4520d86

odf4/rook-ceph-rhel9-operator@sha256:d8fc74f4bb786e247250b0bbc103d3de3e6090531ca68fbdea4034926f78a760

s390x

odf4/cephcsi-rhel9@sha256:22d3683f9aeda98b9ffc78e56e4fda94c94f2b238fdbb4571544e1389c8c780c

odf4/mcg-core-rhel9@sha256:c8c4143f46151064487a1e412fe36686392e114e49fd1bb17f9c625fa4b97754

odf4/mcg-operator-bundle@sha256:7aeae4a434a1db77c1461d904227075a3d9174cea6ebcebcb2cd6d15c6ee36ce

odf4/mcg-rhel9-operator@sha256:51c3b61adbaa32a71ea88fe696d244cf7211d3f0f4338c04409cf034c0d3e648

odf4/ocs-client-console-rhel9@sha256:991cf5cf098a76ded35e375b0d6cb18e7031ccde28b15293c0d180d66161dee9

odf4/ocs-client-operator-bundle@sha256:86e618756adc5c11c7d6c93ac4ef98254573f33974bd40bd9437047bdaaab064

odf4/ocs-client-rhel9-operator@sha256:4119ffdae2af4343e69647c8832ad7059f050f25586ebbaf9f4f117c711e32a4

odf4/ocs-metrics-exporter-rhel9@sha256:5a5a0aaba3369479e18693adf7cc7acb1cbb65c6dc170db882ea244aa33ed52f

odf4/ocs-operator-bundle@sha256:30acb6b8840fd5e433441507c00d215a9d6ed2f02a39b0891392fb9eefe375bf

odf4/ocs-rhel9-operator@sha256:2f946ab9bfbc108a3211f03d0779a37534d282ce280732e884a33230a910f1c7

odf4/odf-cli-rhel9@sha256:59f64f89532b858cd92a6bf7ab85a960afcbf6ad3b5d7914d14498b05414f58d

odf4/odf-console-rhel9@sha256:9f74cbf964d3b30b70a84c17fbc0a90f8a897bcf6edfa16f9628a68c2302ee4a

odf4/odf-cosi-sidecar-rhel9@sha256:b71fe1ca49135313acd474aa08fabe8f8ca06e21179c4d28c73f198788fa8f73

odf4/odf-csi-addons-operator-bundle@sha256:14a4d0b508924107d9a0032953beab7d852f39f2e8519a6c7b44c8c5b1b12402

odf4/odf-csi-addons-rhel9-operator@sha256:e5cd342bed146c8b08d20da7447274f9ba73e1b045177750b6246ad808eb4d32

odf4/odf-csi-addons-sidecar-rhel9@sha256:f30fa2308b93c0b15bbb0ddffe4947ec13a7166b16f8588a9a0f21d3655fd992

odf4/odf-multicluster-console-rhel9@sha256:4d6bf475732731602198de12f9280baeea1dd8c413187d89faa69bdc0b625fd1

odf4/odf-multicluster-operator-bundle@sha256:1f69a5e3db2bece304ad0ec30b4e322fe6fb00f014e209269f21a6f5ee9fd5bd

odf4/odf-multicluster-rhel9-operator@sha256:27bf98ba209ef8c833906802210105bf4968d2f51f19ebe218237fdf0e693a1b

odf4/odf-must-gather-rhel9@sha256:991d0c0f35abf8cd54f89639f0328f12eb2caaa94c7df7ebe099ea53ef4e983a

odf4/odf-operator-bundle@sha256:b8829d392cf76da0b89a21d2d7b11c10be5f8e44f4d8a01c4fc35fd5b2f48ad3

odf4/odf-rhel9-operator@sha256:72c8a1d9078ef76c43a86ce8f5d5507a7f123a0718b34f2a0dd2baf515320fcb

odf4/odr-cluster-operator-bundle@sha256:8ac95c2369b8b914d4782819f38b02c651a678727a000405f3923e03f4552b6c

odf4/odr-hub-operator-bundle@sha256:efafbcd837deb9d0e61699380fa3cc7f2089ea32498d2197ffe6facf9f2b67f2

odf4/odr-rhel9-operator@sha256:154a478191dd82e195c6bf68659ebeb54675d8d89e6e0d1ae920d45c00cba38d

odf4/rook-ceph-rhel9-operator@sha256:815f8ddedee55c58af96f936ebbe4d252de77e73df19c9784db14280ffce748b

x86_64

odf4/cephcsi-rhel9@sha256:3c7347793cd8cd257f502c773f9160c9a0206b22b02cf6b38fcda0957df71195

odf4/mcg-core-rhel9@sha256:4bba4ccd15bcac9199e2dd8e303392b4fd0996a4d6b985b542a50e7d6b2969f7

odf4/mcg-operator-bundle@sha256:d5bc11198e1534cbd9ceab7ede95208541199dafa509aceea57ceec565be4263

odf4/mcg-rhel9-operator@sha256:542533139948377f7f070eefb62c1fe385a86b754f506308535790787cf1d279

odf4/ocs-client-console-rhel9@sha256:1882fa5ee99205e6adccf2bb748a8f7556ce24bb0984945ff873ffa28bb8e6cc

odf4/ocs-client-operator-bundle@sha256:88ec58a7da882000b8e6588043889cc04f12cb2ddc22de9ad56beba038265446

odf4/ocs-client-rhel9-operator@sha256:8a2815f90acc846be5cb989be5fac10125d820a927d21c8a26e0982d728bbe24

odf4/ocs-metrics-exporter-rhel9@sha256:e1544c0104c8383b15bf274d5d308bb8b26cf3f7bab693a729f005697852276f

odf4/ocs-operator-bundle@sha256:b8d583770812c2ffc6f35308e5318ef1e6b1691c02063a862fdd1f6d24ed848f

odf4/ocs-rhel9-operator@sha256:f4bf09263bebbb3fa4848e644d677ad554a62108cd13795336b45824b6465cdb

odf4/odf-cli-rhel9@sha256:ff7bafa9dec6e3cf0298dac277c823a89daa123a6fbf2c1a000c37692f9c9427

odf4/odf-console-rhel9@sha256:6bd03505d295a773007151ab44733030d9b571f3370f4da8888f2bc746cd0622

odf4/odf-cosi-sidecar-rhel9@sha256:315f9b3e5e98689a24da2e1ba8a95c24bbdf8b982288204a2ca0192a66e62194

odf4/odf-csi-addons-operator-bundle@sha256:40e7d25cb4a037e7e857ab8dd6b1bdb70d55166b6bdf4e541258d0acacf03923

odf4/odf-csi-addons-rhel9-operator@sha256:250a4f15ad6909c146182c17a56428d1872ce1e36c5d253e6e7e2dde691a46c6

odf4/odf-csi-addons-sidecar-rhel9@sha256:476ae2f48160c9cd9aa87f994b27e248aeb75b9ae73cfa878ff33ea92d943e64

odf4/odf-multicluster-console-rhel9@sha256:4839a33ec8498639110f48ee610b969d394689d711ff97bb94ec647e15122d1b

odf4/odf-multicluster-operator-bundle@sha256:fa3423cfdad00daadbd747be24a08da30b258abaffded92cb6707f1a547a01bf

odf4/odf-multicluster-rhel9-operator@sha256:7e962c217a8aeaf7b376f5bd566a1ed039233989b17575d8017a62437433db32

odf4/odf-must-gather-rhel9@sha256:73f3fc4c68057dc1adcd39409dc8599248fc36e3e8f6fc77008a4474eba08d06

odf4/odf-operator-bundle@sha256:1b9fd8d25a9243cd891435c785809492eb8288b889c96508826e0a2718d3f610

odf4/odf-rhel9-operator@sha256:73ee58162ccee1512d1603a1cb1c0833694d5a8e2441062c51bc9ddc4350c2df

odf4/odr-cluster-operator-bundle@sha256:b6c9efe26ffe767e4f593cb0529d75ae53dde35748e90874e285b426702bb6ea

odf4/odr-hub-operator-bundle@sha256:36a9de5adc07365f5493bd5d97582b42f2c4f03e2aa7931247c69c1a9b7184f3

odf4/odr-rhel9-operator@sha256:ceeea4fa800c67831ad2fc928cc1b1d1c217013012e1b74109fb76e63e2c72f8

odf4/rook-ceph-rhel9-operator@sha256:1900ab3d607d94f33ba79546772a3cda4c23c6a8a985fe88b5131a9b56656621

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation