Issued:: 2025-06-24
Updated:: 2025-06-24

RHSA-2025:9506 - Red Hat OpenShift GitOps security update

Synopsis

Red Hat OpenShift GitOps security update

Type/Severity

Security Advisory Moderate

Topic

Red Hat OpenShift GitOps v1.16.2 release

Description

An update is now available for Red Hat OpenShift GitOps. Security Fix(es):

openshift-gitops-operator-container: Namespace Isolation Break gitops-1.16 Bug Fix(es):
Gitops operator is not accepting regular expression in sourceNamespaces - Application in non-controlplane namespaces (GITOPS-6675)
gitops-plugin Pods should comply with the Pod Security restricted policy (GITOPS-6777)
Missing ArgoCD commit ID in UI (GITOPS-6896)

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

Affected Products

Product	Version	Arch
Red Hat OpenShift GitOps	1.16	x86_64

Fixes

(none)

CVEs

(none)

References

https://access.redhat.com/security/cve/CVE-2024-13484

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.