Issued: 2024-12-04
Updated: 2024-12-04

RHSA-2024:10775 - Moderate: ACS 4.6 enhancement and security update


Synopsis

Moderate: ACS 4.6 enhancement and security update

Type/Severity

Security Advisory: Moderate

Topic

Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes.

Description

This release of RHACS 4.6 provides these new features:

  • Support for ARM architecture in secured clusters (Technology Preview)

  • Certifications for Red Hat Advanced Cluster Security Cloud Service

  • Compliance reporting (Technology Preview)

  • API documentation available publicly

  • Visualizing external entities in the network graph (Technology Preview)

  • Microsoft Sentinel notifier

  • Support for backups using non-AWS S3 compatible providers

  • Support for policy as code (Technology Preview)

  • Scanner V4 use of CSAF-VEX for vulnerability data

  • Scanner V4 support for RHCOS (Technology Preview)

  • Vulnerability Management page updates

It includes fixes for the following security issues:

  • micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067).
  • golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789).
  • golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790).
  • nodejs-async: Regular expression denial of service while parsing function in autoinject (CVE-2024-39249).

For more information, see the release note link in "References."

Solution

If you are using an earlier version of RHACS, you are advised to upgrade to release 4.6.

Affected Products

Product | Version | Arch
Red Hat Advanced Cluster Security for Kubernetes | 4 | x86_64
Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE | 4 | s390x
Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian | 4 | ppc64le
Red Hat Advanced Cluster Security for Kubernetes for ARM | 4 | aarch64

Fixes

CVEs

References


Additional information