- Issued:
- 2024-12-02
- Updated:
- 2024-12-02
RHSA-2024:10665 - Low: ACS 4.4 enhancement and security update
Synopsis
Low: ACS 4.4 enhancement and security update
Type/Severity
Security Advisory Low
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes a security fix.
Description
This release of ACS 4.4.7 provides the following security fix:
- cross-spawn: Regular expression denial of service (CVE-2024-21538)
Solution
If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.7.
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Advanced Cluster Security for Kubernetes | 4 | x86_64 |
| Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE | 4 | s390x |
| Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian | 4 | ppc64le |
Fixes
CVEs
References
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.