Issued:
2025-07-23
Updated:
2025-07-23

RHSA-2025:11636 - Moderate: Red Hat Single Sign-On 7.6.12 for OpenShift image security update

Synopsis

Moderate: Red Hat Single Sign-On 7.6.12 for OpenShift image security update

Type/Severity

Security Advisory Moderate

Topic

A new image is available for Red Hat Single Sign-On 7.6.12, running on OpenShift Container Platform 3.10 and 3.11, and 4.3.

Description

Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services.

This erratum releases a new image for Red Hat Single Sign-On 7.6.12 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments, aligning with the standalone product release. This security update has moderate impact.

Security fixes:

  • org.wildfly.core/wildfly-core-management-client: Wildfly vulnerable to Cross-Site Scripting (XSS) (CVE-2024-10234)

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

ProductVersionArch
Red Hat OpenShift Container Platform4.12x86_64
Red Hat OpenShift Container Platform4.11x86_64
Red Hat OpenShift Container Platform for Power4.9ppc64le
Red Hat OpenShift Container Platform for Power4.10ppc64le
Red Hat OpenShift Container Platform for IBM Z and LinuxONE4.9s390x
Red Hat OpenShift Container Platform for IBM Z and LinuxONE4.10s390x

Fixes

CVEs

References

Additional information