Issued:: 2024-07-18
Updated:: 2024-07-18

RHSA-2024:4631 - Important: Red Hat OpenShift Dev Spaces 3.15.0 release

Synopsis

Important: Red Hat OpenShift Dev Spaces 3.15.0 release

Type/Severity

Security Advisory Important

Topic

Red Hat OpenShift Dev Spaces 3.15 has been released.

All containers have been updated to include feature enhancements, bug fixes and CVE fixes.

Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System (CVSS) base score is available for every fixed CVE in the references section.

Description

Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.

The 3.15 release is based on Eclipse Che 7.88 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.

Users still using the v1 standard should migrate as soon as possible.

Content from devfile.io is not included.https://devfile.io/docs/2.2.0/migrating-to-devfile-v2

Dev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates.

https://access.redhat.com/support/policy/updates/openshift#crw

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Product	Version	Arch
Red Hat OpenShift Dev Spaces	3	x86_64

Fixes

This content is not included.CRW-6593

CVEs

CVE-2020-26555
CVE-2021-35937
CVE-2021-35938
CVE-2021-35939
CVE-2021-46848
CVE-2021-46909
CVE-2021-46972
CVE-2021-47069
CVE-2021-47073
CVE-2021-47236
CVE-2021-47310
CVE-2021-47311
CVE-2021-47353
CVE-2021-47356
CVE-2021-47456
CVE-2021-47495
CVE-2022-1271
CVE-2022-1304
CVE-2022-2509
CVE-2022-3064
CVE-2022-3715
CVE-2022-21698
CVE-2022-27404
CVE-2022-27405
CVE-2022-27406
CVE-2022-28805
CVE-2022-28948
CVE-2022-34903
CVE-2022-36227
CVE-2022-46175
CVE-2022-47629
CVE-2022-48303
CVE-2022-48337
CVE-2022-48338
CVE-2022-48339
CVE-2022-48624
CVE-2023-2491
CVE-2023-2602
CVE-2023-2603
CVE-2023-2953
CVE-2023-3138
CVE-2023-5090
CVE-2023-5363
CVE-2023-6135
CVE-2023-6378
CVE-2023-7104
CVE-2023-27043
CVE-2023-29491
CVE-2023-31486
CVE-2023-32360
CVE-2023-34969
CVE-2023-39325
CVE-2023-41080
CVE-2023-44487
CVE-2023-45288
CVE-2023-45648
CVE-2023-48795
CVE-2023-52425
CVE-2023-52464
CVE-2023-52560
CVE-2023-52615
CVE-2023-52626
CVE-2023-52667
CVE-2023-52669
CVE-2023-52675
CVE-2023-52686
CVE-2023-52700
CVE-2023-52703
CVE-2023-52781
CVE-2023-52813
CVE-2023-52835
CVE-2023-52877
CVE-2023-52878
CVE-2023-52881
CVE-2024-2398
CVE-2024-2961
CVE-2024-3651
CVE-2024-6387
CVE-2024-21011
CVE-2024-21012
CVE-2024-21068
CVE-2024-21085
CVE-2024-21094
CVE-2024-24806
CVE-2024-25062
CVE-2024-26583
CVE-2024-26584
CVE-2024-26585
CVE-2024-26656
CVE-2024-26675
CVE-2024-26735
CVE-2024-26759
CVE-2024-26801
CVE-2024-26804
CVE-2024-26826
CVE-2024-26859
CVE-2024-26906
CVE-2024-26907
CVE-2024-26974
CVE-2024-26982
CVE-2024-27397
CVE-2024-27410
CVE-2024-28182
CVE-2024-28757
CVE-2024-28834
CVE-2024-28835
CVE-2024-30105
CVE-2024-32002
CVE-2024-32004
CVE-2024-32020
CVE-2024-32021
CVE-2024-32465
CVE-2024-32487
CVE-2024-33599
CVE-2024-33600
CVE-2024-33601
CVE-2024-33602
CVE-2024-35235
CVE-2024-35264
CVE-2024-35789
CVE-2024-35835
CVE-2024-35838
CVE-2024-35845
CVE-2024-35852
CVE-2024-35853
CVE-2024-35854
CVE-2024-35855
CVE-2024-35888
CVE-2024-35890
CVE-2024-35958
CVE-2024-35959
CVE-2024-35960
CVE-2024-36004
CVE-2024-36007
CVE-2024-38095

References

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.