Issued:: 2025-09-04
Updated:: 2025-09-04

RHSA-2025:15389 - Red Hat OpenShift GitOps security update

Synopsis

Red Hat OpenShift GitOps security update

Type/Severity

Security Advisory Important

Topic

Red Hat OpenShift GitOps v1.17.1 release

Description

An update is now available for Red Hat OpenShift GitOps.

Security Fix(es): * openshift-gitops-1/argocd-rhel8: Project API Token Exposes Repository Credentials gitops-1.17 * openshift-gitops-1/argocd-rhel9: Project API Token Exposes Repository Credentials gitops-1.17 * openshift-gitops-1/gitops-operator-bundle: Project API Token Exposes Repository Credentials gitops-1.17 * openshift-gitops-1/gitops-rhel8-operator: Project API Token Exposes Repository Credentials gitops-1.17

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Affected Products

Product	Version	Arch
Red Hat OpenShift GitOps	1.17	x86_64

Fixes

(none)

CVEs

(none)

References

https://access.redhat.com/security/cve/CVE-2025-55190

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.