diff --git a/datastore/postgres/migrations/matcher/14-delete-rhcc-vulns.sql b/datastore/postgres/migrations/matcher/14-delete-rhcc-vulns.sql new file mode 100644 index 000000000..45e9af10d --- /dev/null +++ b/datastore/postgres/migrations/matcher/14-delete-rhcc-vulns.sql @@ -0,0 +1,4 @@ +-- The rhel-vex updater will now be responsible for RHCC advisories so we have +-- to delete the existing RHCC vulnerabilities. +DELETE FROM update_operation WHERE updater = 'rhel-container-updater'; +DELETE FROM vuln where updater = 'rhel-container-updater'; diff --git a/datastore/postgres/migrations/migrations.go b/datastore/postgres/migrations/migrations.go index 3b7e1e02e..9dbe7c72e 100644 --- a/datastore/postgres/migrations/migrations.go +++ b/datastore/postgres/migrations/migrations.go @@ -112,4 +112,8 @@ var MatcherMigrations = []migrate.Migration{ ID: 13, Up: runFile("matcher/13-delete-rhel-oval.sql"), }, + { + ID: 14, + Up: runFile("matcher/14-delete-rhcc-vulns.sql"), + }, } diff --git a/pkg/rhctag/version_test.go b/pkg/rhctag/version_test.go index 4fdf5ed78..37ae846c1 100644 --- a/pkg/rhctag/version_test.go +++ b/pkg/rhctag/version_test.go @@ -172,3 +172,54 @@ func TestOrdering(t *testing.T) { t.Run(tc.Name, tc.Run) } } + +type renderTestcase struct { + name string + versionIn string + min bool + expectedVersionString string +} + +func (tc renderTestcase) Run(t *testing.T) { + v, err := Parse(tc.versionIn) + if err != nil { + t.Fatal(err) + } + ccVer := v.Version(tc.min) + rv := &ccVer + if rv.String() != tc.expectedVersionString { + t.Errorf("unexpected version %s but expected %s", rv.String(), tc.expectedVersionString) + } +} + +func TestRendering(t *testing.T) { + testcases := []renderTestcase{ + { + name: "no_min", + min: false, + versionIn: "1.9.0-9", + expectedVersionString: "1!9.2147483647", + }, + { + name: "with_min", + min: true, + versionIn: "1.9.0-9", + expectedVersionString: "1!9", + }, + { + name: "with_v", + min: true, + versionIn: "v3.4.0-2", + expectedVersionString: "3!4", + }, + { + name: "check_minor", + min: true, + versionIn: "v3.5.7-8", + expectedVersionString: "3!5", + }, + } + for _, tc := range testcases { + t.Run(tc.name, tc.Run) + } +} diff --git a/rhel/rhcc/coalescer_test.go b/rhel/rhcc/coalescer_test.go index bc5ce91c9..21c2cbe7a 100644 --- a/rhel/rhcc/coalescer_test.go +++ b/rhel/rhcc/coalescer_test.go @@ -21,7 +21,7 @@ func TestCoalescer(t *testing.T) { // Mark them as if they came from this package's package scanner p.RepositoryHint = `rhcc` } - repo := []*claircore.Repository{&goldRepo} + repo := []*claircore.Repository{&GoldRepo} layerArtifacts := []*indexer.LayerArtifacts{ { Hash: test.RandomSHA256Digest(t), @@ -67,7 +67,7 @@ func TestCoalescer(t *testing.T) { } for _, id := range e.RepositoryIDs { r := ir.Repositories[id] - if got, want := r.Name, goldRepo.Name; got != want { + if got, want := r.Name, GoldRepo.Name; got != want { t.Errorf("got: %q, want: %q", got, want) } } diff --git a/rhel/rhcc/fetcher_test.go b/rhel/rhcc/fetcher_test.go deleted file mode 100644 index fc7f1bf8c..000000000 --- a/rhel/rhcc/fetcher_test.go +++ /dev/null @@ -1,51 +0,0 @@ -package rhcc - -import ( - "context" - "fmt" - "net/http" - "net/http/httptest" - "os" - "testing" - - "github.com/quay/zlog" - - "github.com/quay/claircore/libvuln/driver" -) - -func TestFetcher(t *testing.T) { - t.Parallel() - const serveFile = "testdata/cve-2021-3762.xml" - ctx := zlog.Test(context.Background(), t) - - fi, err := os.Stat(serveFile) - if err != nil { - t.Fatal(err) - } - tag := fmt.Sprintf(`"%d"`, fi.ModTime().UnixNano()) - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Header.Get("if-none-match") == tag { - w.WriteHeader(http.StatusNotModified) - return - } - w.Header().Set("etag", tag) - http.ServeFile(w, r, serveFile) - })) - defer srv.Close() - - u := &updater{ - url: srv.URL, - client: srv.Client(), - } - rd, hint, err := u.Fetch(ctx, "") - if err != nil { - t.Error(err) - } - if rd != nil { - rd.Close() - } - _, _, err = u.Fetch(ctx, driver.Fingerprint(hint)) - if got, want := err, driver.Unchanged; got != want { - t.Errorf("got: %v, want: %v", got, want) - } -} diff --git a/rhel/rhcc/matcher.go b/rhel/rhcc/matcher.go index dd761ec0c..054859c2c 100644 --- a/rhel/rhcc/matcher.go +++ b/rhel/rhcc/matcher.go @@ -26,7 +26,7 @@ func (*matcher) Name() string { return "rhel-container-matcher" } // Filter implements [driver.Matcher]. func (*matcher) Filter(r *claircore.IndexRecord) bool { return r.Repository != nil && - r.Repository.Name == goldRepo.Name + r.Repository.Name == GoldRepo.Name } // Query implements [driver.Matcher]. diff --git a/rhel/rhcc/parser_test.go b/rhel/rhcc/parser_test.go deleted file mode 100644 index eab81c2b4..000000000 --- a/rhel/rhcc/parser_test.go +++ /dev/null @@ -1,274 +0,0 @@ -package rhcc - -import ( - "context" - "math" - "os" - "sort" - "testing" - "time" - - "github.com/google/go-cmp/cmp" - "github.com/quay/zlog" - - "github.com/quay/claircore" - "github.com/quay/claircore/toolkit/types/cpe" -) - -func TestDB(t *testing.T) { - t.Parallel() - cve20213762issued, _ := time.Parse(time.RFC3339, "2021-09-28T00:00:00Z") - - date_2021_12_14, _ := time.Parse(time.RFC3339, "2021-12-14T00:00:00Z") - date_2021_12_16, _ := time.Parse(time.RFC3339, "2021-12-16T00:00:00Z") - date_2021_05_19, _ := time.Parse(time.RFC3339, "2021-05-19T00:00:00Z") - date_2021_08_03, _ := time.Parse(time.RFC3339, "2021-08-03T00:00:00Z") - - tt := []dbTestcase{ - { - Name: "Clair", - File: "testdata/cve-2021-3762.xml", - Want: []*claircore.Vulnerability{ - { - Name: "RHSA-2021:3665", - Description: "A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution.", - Package: &claircore.Package{Name: "quay/clair-rhel8", Kind: claircore.BINARY}, - Updater: "rhel-container-updater", - Issued: cve20213762issued, - Severity: "Important", - Links: "https://access.redhat.com/errata/RHSA-2021:3665 https://access.redhat.com/security/cve/CVE-2021-3762", - NormalizedSeverity: claircore.High, - FixedInVersion: "v3.5.7-8", - Repo: &goldRepo, - Range: &claircore.Range{ - Lower: claircore.Version{ - Kind: "rhctag", - V: [10]int32{}, - }, - Upper: claircore.Version{ - Kind: "rhctag", - V: [10]int32{ - 3, - 5, - math.MaxInt32, - }, - }, - }, - }, - }, - }, - { - Name: "Hive", - File: "testdata/cve-2021-44228-ose-metering-hive.xml", - Want: []*claircore.Vulnerability{ - { - Name: "RHSA-2021:5106", - Description: "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", - Package: &claircore.Package{Name: "openshift4/ose-metering-hive", Kind: claircore.BINARY}, - Updater: "rhel-container-updater", - Issued: date_2021_12_16, - Severity: "Moderate", - Links: "https://access.redhat.com/errata/RHSA-2021:5106 https://access.redhat.com/security/cve/CVE-2021-44228", - NormalizedSeverity: claircore.Medium, - Range: &claircore.Range{ - Lower: claircore.Version{ - Kind: "rhctag", - V: [10]int32{}, - }, - Upper: claircore.Version{ - Kind: "rhctag", - V: [10]int32{4, 6, math.MaxInt32}, - }, - }, - FixedInVersion: "v4.6.0-202112140546.p0.g8b9da97.assembly.stream", - Repo: &goldRepo, - }, - { - Name: "RHSA-2021:5107", - Description: "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", - Package: &claircore.Package{Name: "openshift4/ose-metering-hive", Kind: claircore.BINARY}, - Updater: "rhel-container-updater", - Issued: date_2021_12_16, - Severity: "Critical", - Links: "https://access.redhat.com/errata/RHSA-2021:5107 https://access.redhat.com/security/cve/CVE-2021-44228", - NormalizedSeverity: claircore.Critical, - Range: &claircore.Range{ - Lower: claircore.Version{ - Kind: "rhctag", - V: [10]int32{4, 7}, - }, - Upper: claircore.Version{ - Kind: "rhctag", - V: [10]int32{4, 7, math.MaxInt32}, - }, - }, - FixedInVersion: "v4.7.0-202112140553.p0.g091bb99.assembly.stream", - Repo: &goldRepo, - }, - { - Name: "RHSA-2021:5108", - Description: "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", - Package: &claircore.Package{Name: "openshift4/ose-metering-hive", Kind: claircore.BINARY}, - Updater: "rhel-container-updater", - Issued: date_2021_12_14, - Severity: "Critical", - Links: "https://access.redhat.com/errata/RHSA-2021:5108 https://access.redhat.com/security/cve/CVE-2021-44228", - NormalizedSeverity: claircore.Critical, - Range: &claircore.Range{ - Lower: claircore.Version{ - Kind: "rhctag", - V: [10]int32{4, 8}, - }, - Upper: claircore.Version{ - Kind: "rhctag", - V: [10]int32{4, 8, math.MaxInt32}, - }, - }, - FixedInVersion: "v4.8.0-202112132154.p0.g57dd03a.assembly.stream", - Repo: &goldRepo, - }, - }, - }, - { - Name: "Logging", - File: "testdata/cve-2021-44228-openshift-logging.xml", - Want: []*claircore.Vulnerability{ - { - Name: "RHSA-2021:5129", - Description: "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", - Package: &claircore.Package{Name: "openshift-logging/elasticsearch6-rhel8", Kind: claircore.BINARY}, - Updater: "rhel-container-updater", - Issued: date_2021_12_14, - Severity: "Critical", - NormalizedSeverity: claircore.Critical, - Links: "https://access.redhat.com/errata/RHSA-2021:5129 https://access.redhat.com/security/cve/CVE-2021-44228", - Range: &claircore.Range{ - Lower: claircore.Version{ - Kind: "rhctag", - V: [10]int32{6, 8}, - }, - Upper: claircore.Version{ - Kind: "rhctag", - V: [10]int32{6, 8, math.MaxInt32}, - }, - }, - FixedInVersion: "v6.8.1-65", - Repo: &goldRepo, - }, - { - Name: "RHSA-2021:5137", - Description: "A flaw was found in the Apache Log4j logging library in versions from 2.0.0 and before 2.15.0. A remote attacker who can control log messages or log message parameters, can execute arbitrary code on the server via JNDI LDAP endpoint.", - Package: &claircore.Package{Name: "openshift-logging/elasticsearch6-rhel8", Kind: claircore.BINARY}, - Updater: "rhel-container-updater", - Issued: date_2021_12_14, - Severity: "Moderate", - Links: "https://access.redhat.com/errata/RHSA-2021:5137 https://access.redhat.com/security/cve/CVE-2021-44228", - NormalizedSeverity: claircore.Medium, - Range: &claircore.Range{ - Lower: claircore.Version{ - Kind: "rhctag", - V: [10]int32{}, - }, - Upper: claircore.Version{ - Kind: "rhctag", - V: [10]int32{5, 0, math.MaxInt32}, - }, - }, - FixedInVersion: "v5.0.10-1", - Repo: &goldRepo, - }, - }, - }, - { - Name: "Kubernetes", - File: "testdata/cve-2020-8565.xml", - Want: []*claircore.Vulnerability{ - { - Name: "RHBA-2021:3003", - Description: "A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like `kubectl`. Previously, CVE-2019-11250 was assigned for the same issue for logging levels of at least 4.", - Package: &claircore.Package{Name: "ocs4/rook-ceph-rhel8-operator", Kind: claircore.BINARY}, - Updater: "rhel-container-updater", - Issued: date_2021_08_03, - Severity: "Moderate", - NormalizedSeverity: claircore.Medium, - Links: "https://access.redhat.com/errata/RHBA-2021:3003 https://access.redhat.com/security/cve/CVE-2020-8565", - Range: &claircore.Range{ - Lower: claircore.Version{ - Kind: "rhctag", - V: [10]int32{4, 8}, - }, - Upper: claircore.Version{ - Kind: "rhctag", - V: [10]int32{4, 8, math.MaxInt32}, - }, - }, - FixedInVersion: "4.8-167.9a9db5f.release_4.8", - Repo: &goldRepo, - }, - { - Name: "RHSA-2021:2041", - Description: "A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like `kubectl`. Previously, CVE-2019-11250 was assigned for the same issue for logging levels of at least 4.", - Package: &claircore.Package{Name: "ocs4/rook-ceph-rhel8-operator", Kind: claircore.BINARY}, - Updater: "rhel-container-updater", - Issued: date_2021_05_19, - Severity: "Moderate", - Links: "https://access.redhat.com/errata/RHSA-2021:2041 https://access.redhat.com/security/cve/CVE-2020-8565", - NormalizedSeverity: claircore.Medium, - Range: &claircore.Range{ - Lower: claircore.Version{ - Kind: "rhctag", - V: [10]int32{}, - }, - Upper: claircore.Version{ - Kind: "rhctag", - V: [10]int32{4, 7, math.MaxInt32}, - }, - }, - FixedInVersion: "4.7-140.49a6fcf.release_4.7", - Repo: &goldRepo, - }, - }, - }, - } - - for _, tc := range tt { - t.Run(tc.Name, tc.Run) - } -} - -type dbTestcase struct { - Name string - File string - Want []*claircore.Vulnerability -} - -func cpeUnbind(cpeValue string) cpe.WFN { - wfn, _ := cpe.Unbind(cpeValue) - return wfn -} - -func (tc dbTestcase) Run(t *testing.T) { - ctx := zlog.Test(context.Background(), t) - - f, err := os.Open(tc.File) - if err != nil { - t.Fatal(err) - } - defer f.Close() - - u := &updater{} - got, err := u.Parse(ctx, f) - if err != nil { - t.Fatal(err) - } - t.Logf("found %d vulnerabilities", len(got)) - if len(got) != len(tc.Want) { - t.Fatalf("got: %d vulnerabilities, want %d vulnerabilities", len(got), len(tc.Want)) - } - // Sort for the comparison, because the Vulnerabilities method can return - // the slice in any order. - sort.SliceStable(got, func(i, j int) bool { return got[i].Name < got[j].Name }) - if !cmp.Equal(tc.Want, got) { - t.Error(cmp.Diff(tc.Want, got)) - } -} diff --git a/rhel/rhcc/rhcc.go b/rhel/rhcc/rhcc.go index 4656a677b..ccc0ce9d4 100644 --- a/rhel/rhcc/rhcc.go +++ b/rhel/rhcc/rhcc.go @@ -5,111 +5,12 @@ package rhcc import ( - "encoding/xml" - "strings" - "time" - "github.com/quay/claircore" - "github.com/quay/claircore/pkg/rhctag" - "github.com/quay/claircore/toolkit/types/cpe" ) -var goldRepo = claircore.Repository{ +// GoldRepo is the claircore.Repository that every RHCC index record is associated with. +// It is also the claircore.Repository that is associated with OCI VEX vulnerabilities. +var GoldRepo = claircore.Repository{ Name: "Red Hat Container Catalog", URI: `https://catalog.redhat.com/software/containers/explore`, } - -type cveMap struct { - XMLName xml.Name `xml:"cvemap"` - RedHatVulnerabilities []redHatVulnerability `xml:"Vulnerability"` -} - -type redHatVulnerability struct { - XMLName xml.Name `xml:"Vulnerability"` - Name string `xml:"name,attr"` - ThreatSeverity string `xml:"ThreatSeverity"` - AffectedReleases []affectedRelease `xml:"AffectedRelease"` - Details []details `xml:"Details"` -} - -type affectedRelease struct { - XMLName xml.Name `xml:"AffectedRelease"` - Cpe string `xml:"cpe,attr"` - ReleaseDate customTime `xml:"ReleaseDate"` - Package string `xml:"Package"` - Impact string `xml:"impact,attr"` - Advisory advisory `xml:"Advisory"` -} - -type advisory struct { - XMLName xml.Name `xml:"Advisory"` - Text string `xml:",cdata"` - URL string `xml:"url,attr"` -} - -type details struct { - XMLName xml.Name `xml:"Details"` - Text string `xml:",cdata"` - Source string `xml:"source,attr"` -} - -type customTime struct { - time time.Time -} - -type consolidatedRelease struct { - Issued time.Time - FixedInVersions *rhctag.Versions - Severity string - AdvisoryLink string - AdvisoryName string - Cpe cpe.WFN -} - -func (c *customTime) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error { - const shortForm = "2006-01-02" - var v string - d.DecodeElement(&v, &start) - date := strings.Split(v, "T") - parse, err := time.Parse(shortForm, date[0]) - if err != nil { - return err - } - *c = customTime{parse} - return nil -} - -func parseContainerPackage(p string) (bool, string, string) { - parts := strings.Split(p, ":") - if len(parts) != 2 { - return false, "", "" - } - if !strings.ContainsAny(parts[0], "/") { - return false, "", "" - } - return true, parts[0], parts[1] -} - -// Prefer Red Hat descriptions over MITRE ones -func getDescription(ds []details) string { - rhDetailsIdx := -1 - mitreDetailsIdx := -1 - result := "" - for idx, d := range ds { - if d.Source == "Red Hat" { - rhDetailsIdx = idx - break - } else if d.Source == "Mitre" { - mitreDetailsIdx = idx - } - } - if rhDetailsIdx != -1 { - result = ds[rhDetailsIdx].Text - return strings.TrimSpace(result) - } - if mitreDetailsIdx != -1 { - result = ds[mitreDetailsIdx].Text - return strings.TrimSpace(result) - } - return strings.TrimSpace(result) -} diff --git a/rhel/rhcc/scanner.go b/rhel/rhcc/scanner.go index 93ded471a..e3d95d4fc 100644 --- a/rhel/rhcc/scanner.go +++ b/rhel/rhcc/scanner.go @@ -299,5 +299,5 @@ func (s *reposcanner) Scan(ctx context.Context, l *claircore.Layer) ([]*claircor } zlog.Debug(ctx). Msg("found buildinfo Dockerfile") - return []*claircore.Repository{&goldRepo}, nil + return []*claircore.Repository{&GoldRepo}, nil } diff --git a/rhel/rhcc/updater.go b/rhel/rhcc/updater.go deleted file mode 100644 index 7637ca06a..000000000 --- a/rhel/rhcc/updater.go +++ /dev/null @@ -1,304 +0,0 @@ -package rhcc - -import ( - "compress/bzip2" - "context" - "encoding/xml" - "fmt" - "io" - "net/http" - "sort" - - "github.com/quay/zlog" - "golang.org/x/text/cases" - "golang.org/x/text/language" - - "github.com/quay/claircore" - "github.com/quay/claircore/internal/xmlutil" - "github.com/quay/claircore/libvuln/driver" - "github.com/quay/claircore/pkg/rhctag" - "github.com/quay/claircore/pkg/tmp" - "github.com/quay/claircore/rhel/internal/common" - "github.com/quay/claircore/toolkit/types/cpe" -) - -//doc:url updater -const ( - dbURL = "https://security.access.redhat.com/data/metrics/cvemap.xml" - cveURL = "https://access.redhat.com/security/cve/" -) - -var ( - _ driver.Updater = (*updater)(nil) - _ driver.Configurable = (*updater)(nil) -) - -// updater fetches and parses cvemap.xml -type updater struct { - client *http.Client - url string - bzipped bool -} - -// UpdaterConfig is the configuration for the container catalog's updater. -// -// By convention, this is in a "rhel-container-updater" key. -type UpdaterConfig struct { - // URL is the URL to a "cvemap.xml" file. - // - // The Updater's configuration hook will check for a version with an - // additional ".bz2" extension. - URL string `json:"url" yaml:"url"` -} - -const updaterName = "rhel-container-updater" - -func (*updater) Name() string { - return updaterName -} - -// UpdaterSet returns the rhcc UpdaterSet. -func UpdaterSet(_ context.Context) (driver.UpdaterSet, error) { - us := driver.NewUpdaterSet() - if err := us.Add(&updater{}); err != nil { - return us, err - } - return us, nil -} - -// Configure implements [driver.Configurable]. -func (u *updater) Configure(ctx context.Context, f driver.ConfigUnmarshaler, c *http.Client) error { - u.url = dbURL - u.client = c - var cfg UpdaterConfig - if err := f(&cfg); err != nil { - return err - } - if cfg.URL != "" { - u.url = cfg.URL - } - - // This could check the reported content type perhaps, but just relying on - // the extension is quicker and we have inside information that it's - // correct. - tryURL := cfg.URL + ".bz2" - req, err := http.NewRequestWithContext(ctx, http.MethodHead, tryURL, nil) - if err != nil { - // WTF? - return err - } - res, err := u.client.Do(req) - if err == nil { // NB swapped conditional - res.Body.Close() - if res.StatusCode == http.StatusOK { - u.url = tryURL - u.bzipped = true - } - } - return nil -} - -// Fetch implements [driver.Updater]. -func (u *updater) Fetch(ctx context.Context, hint driver.Fingerprint) (io.ReadCloser, driver.Fingerprint, error) { - ctx = zlog.ContextWithValues(ctx, "component", "rhel/rhcc/Updater.Fetch") - - zlog.Info(ctx).Str("database", u.url).Msg("starting fetch") - req, err := http.NewRequestWithContext(ctx, http.MethodGet, u.url, nil) - if err != nil { - return nil, hint, fmt.Errorf("rhcc: unable to construct request: %w", err) - } - - if hint != "" { - zlog.Debug(ctx). - Str("hint", string(hint)). - Msg("using hint") - req.Header.Set("if-none-match", string(hint)) - } - - res, err := u.client.Do(req) - if err != nil { - return nil, hint, fmt.Errorf("rhcc: error making request: %w", err) - } - defer res.Body.Close() - - switch res.StatusCode { - case http.StatusOK: - if t := string(hint); t == "" || t != res.Header.Get("etag") { - break - } - fallthrough - case http.StatusNotModified: - zlog.Info(ctx).Msg("database unchanged since last fetch") - return nil, hint, driver.Unchanged - default: - return nil, hint, fmt.Errorf("rhcc: http response error: %s %d", res.Status, res.StatusCode) - } - zlog.Debug(ctx).Msg("successfully requested database") - - tf, err := tmp.NewFile("", updaterName+".") - if err != nil { - return nil, hint, fmt.Errorf("rhcc: unable to open tempfile: %w", err) - } - zlog.Debug(ctx). - Str("name", tf.Name()). - Msg("created tempfile") - var success bool - defer func() { - if !success { - if err := tf.Close(); err != nil { - zlog.Warn(ctx).Err(err).Msg("unable to close spool") - } - } - }() - - var r io.Reader = res.Body - if u.bzipped { - // No cleanup/pooling. - r = bzip2.NewReader(res.Body) - } - if _, err := io.Copy(tf, r); err != nil { - return nil, hint, fmt.Errorf("rhcc: unable to copy resp body to tempfile: %w", err) - } - if n, err := tf.Seek(0, io.SeekStart); err != nil || n != 0 { - return nil, hint, fmt.Errorf("rhcc: unable to seek database to start: %w", err) - } - zlog.Debug(ctx).Msg("decompressed and buffered database") - - success = true - hint = driver.Fingerprint(res.Header.Get("etag")) - zlog.Debug(ctx). - Str("hint", string(hint)). - Msg("using new hint") - - return tf, hint, nil -} - -// Parse implements [driver.Updater]. -func (u *updater) Parse(ctx context.Context, r io.ReadCloser) ([]*claircore.Vulnerability, error) { - ctx = zlog.ContextWithValues(ctx, "component", "rhel/rhcc/Updater.Parse") - zlog.Info(ctx).Msg("parse start") - defer r.Close() - defer zlog.Info(ctx).Msg("parse done") - - var cvemap cveMap - dec := xml.NewDecoder(r) - dec.CharsetReader = xmlutil.CharsetReader - if err := dec.Decode(&cvemap); err != nil { - return nil, fmt.Errorf("rhel: unable to decode cvemap: %w", err) - } - zlog.Debug(ctx).Msg("xml decoded") - - zlog.Debug(ctx). - Int("count", len(cvemap.RedHatVulnerabilities)).Msg("found raw entries") - - vs := []*claircore.Vulnerability{} - for _, vuln := range cvemap.RedHatVulnerabilities { - description := getDescription(vuln.Details) - versionsByContainer := make(map[string]map[rhctag.Version]*consolidatedRelease) - for _, release := range vuln.AffectedReleases { - match, packageName, version := parseContainerPackage(release.Package) - if !match { - continue - } - // parse version - v, err := rhctag.Parse(version) - if err != nil { - zlog.Debug(ctx). - Str("package", packageName). - Str("version", version). - Err(err). - Msgf("tag parse error") - continue - } - // parse severity - var severity string - if release.Impact != "" { - severity = release.Impact - } else { - severity = vuln.ThreatSeverity - } - titleCase := cases.Title(language.Und) - severity = titleCase.String(severity) - // parse cpe - cpe, err := cpe.Unbind(release.Cpe) - if err != nil { - zlog.Warn(ctx). - Err(err). - Str("cpe", release.Cpe). - Msg("could not unbind cpe") - continue - } - // collect minor keys - minorKey := v.MinorStart() - // initialize and update the minorKey to consolidated release map - if versionsByContainer[packageName] == nil { - versionsByContainer[packageName] = make(map[rhctag.Version]*consolidatedRelease) - } - versionsByContainer[packageName][minorKey] = &consolidatedRelease{ - Cpe: cpe, - Issued: release.ReleaseDate.time, - Severity: severity, - AdvisoryLink: release.Advisory.URL, - AdvisoryName: release.Advisory.Text, - } - // initialize and update the fixed in versions slice - if versionsByContainer[packageName][minorKey].FixedInVersions == nil { - vs := make(rhctag.Versions, 0) - versionsByContainer[packageName][minorKey].FixedInVersions = &vs - } - newVersions := versionsByContainer[packageName][minorKey].FixedInVersions.Append(v) - versionsByContainer[packageName][minorKey].FixedInVersions = &newVersions - } - - // Build the Vulnerability slice - for pkg, releasesByMinor := range versionsByContainer { - p := &claircore.Package{ - Name: pkg, - Kind: claircore.BINARY, - } - // sort minor keys - minorKeys := make(rhctag.Versions, 0) - for k := range releasesByMinor { - minorKeys = append(minorKeys, k) - } - sort.Sort(minorKeys) - // iterate minor key map in order - for idx, minor := range minorKeys { - // sort the fixed in versions - sort.Sort(releasesByMinor[minor].FixedInVersions) - // The first minor version range should match all previous versions - start := minor - if idx == 0 { - start = rhctag.Version{} - } - // For containers such as openshift-logging/elasticsearch6-rhel8 we need to match - // the first Fixed in Version here. - // Most of the time this will return the only Fixed In Version for minor version - firstPatch, _ := releasesByMinor[minor].FixedInVersions.First() - r := &claircore.Range{ - Lower: start.Version(true), - Upper: firstPatch.Version(false), - } - links := fmt.Sprintf("%s %s%s", releasesByMinor[minor].AdvisoryLink, cveURL, vuln.Name) - v := &claircore.Vulnerability{ - Updater: updaterName, - Name: releasesByMinor[minor].AdvisoryName, - Description: description, - Issued: releasesByMinor[minor].Issued, - Severity: releasesByMinor[minor].Severity, - NormalizedSeverity: common.NormalizeSeverity(releasesByMinor[minor].Severity), - Package: p, - Repo: &goldRepo, - Links: links, - FixedInVersion: firstPatch.Original, - Range: r, - } - vs = append(vs, v) - } - } - } - zlog.Debug(ctx). - Int("count", len(vs)). - Msg("found vulnerabilities") - return vs, nil -} diff --git a/rhel/vex/fetcher_test.go b/rhel/vex/fetcher_test.go index 8fd921c17..85021cf0f 100644 --- a/rhel/vex/fetcher_test.go +++ b/rhel/vex/fetcher_test.go @@ -4,87 +4,18 @@ import ( "bufio" "bytes" "context" - "io" - "net/http" - "net/http/httptest" - "net/textproto" - "os" - "path/filepath" "testing" "github.com/klauspost/compress/snappy" "github.com/quay/zlog" - "golang.org/x/tools/txtar" "github.com/quay/claircore/libvuln/driver" "github.com/quay/claircore/toolkit/types/csaf" ) -func parseFilenameHeaders(data []byte) (string, http.Header, error) { - pf, h, _ := bytes.Cut(data, []byte{' '}) - compressedFilepath := bytes.TrimSuffix(pf, []byte{'\n'}) - h = bytes.ReplaceAll(h, []byte(`\n`), []byte{'\n'}) - // Do headers - tp := textproto.NewReader(bufio.NewReader(bytes.NewReader(h))) - hdr, err := tp.ReadMIMEHeader() - if err != nil && err != io.EOF { - return "", nil, err - } - return string(compressedFilepath), http.Header(hdr), nil -} - -func serveSecDB(t *testing.T, txtarFile string) (string, *http.Client) { - mux := http.NewServeMux() - archive, err := txtar.ParseFile(txtarFile) - if err != nil { - t.Fatal(err) - } - relFilepath, headers, err := parseFilenameHeaders(archive.Comment) - if err != nil { - t.Fatal(err) - } - filename := filepath.Base(relFilepath) - mux.HandleFunc("/"+filename, func(w http.ResponseWriter, r *http.Request) { - for k, v := range headers { - w.Header().Set(k, v[0]) - } - switch r.Method { - case http.MethodHead: - case http.MethodGet: - f, err := os.Open("testdata/" + relFilepath) - if err != nil { - t.Fatal(err) - } - if _, err := io.Copy(w, f); err != nil { - t.Fatal(err) - } - } - }) - for _, f := range archive.Files { - urlPath, headers, err := parseFilenameHeaders([]byte(f.Name)) - if err != nil { - t.Fatal(err) - } - fi := f - mux.HandleFunc(urlPath, func(w http.ResponseWriter, _ *http.Request) { - for k, v := range headers { - w.Header().Set(k, v[0]) - } - _, err := w.Write(bytes.TrimSuffix(fi.Data, []byte{'\n'})) - if err != nil { - t.Fatal(err) - } - }) - } - - srv := httptest.NewServer(mux) - t.Cleanup(srv.Close) - return srv.URL, srv.Client() -} - func TestFactory(t *testing.T) { ctx := zlog.Test(context.Background(), t) - root, c := serveSecDB(t, "testdata/server.txt") + root, c := ServeSecDB(t, "testdata/server.txtar") fac := &Factory{} err := fac.Configure(ctx, func(v interface{}) error { cf := v.(*FactoryConfig) diff --git a/rhel/vex/parser.go b/rhel/vex/parser.go index 8667f73fe..7dd8e27f7 100644 --- a/rhel/vex/parser.go +++ b/rhel/vex/parser.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "io" + "math" "strings" "github.com/klauspost/compress/snappy" @@ -14,7 +15,9 @@ import ( "github.com/quay/zlog" "github.com/quay/claircore" + "github.com/quay/claircore/pkg/rhctag" "github.com/quay/claircore/rhel/internal/common" + "github.com/quay/claircore/rhel/rhcc" "github.com/quay/claircore/toolkit/types/cpe" "github.com/quay/claircore/toolkit/types/csaf" "github.com/quay/claircore/toolkit/types/cvss" @@ -237,6 +240,7 @@ func extractProductNames(prodRef, relatesToProdRef string, comps []string, c *cs // KnownAffectedVulnerabilities processes the "known_affected" array of products // in the VEX object. func (c *creator) knownAffectedVulnerabilities(ctx context.Context, v csaf.Vulnerability, protoVulnFunc func() *claircore.Vulnerability) ([]*claircore.Vulnerability, error) { + ranger := newRanger() unrelatedProductIDs := []string{} debugEnabled := zlog.Debug(ctx).Enabled() out := []*claircore.Vulnerability{} @@ -292,28 +296,52 @@ func (c *creator) knownAffectedVulnerabilities(ctx context.Context, v csaf.Vulne Msg("could not find package in product tree") continue } + vuln := protoVulnFunc() + + ch := escapeCPE(cpeHelper) + wfn, err := cpe.Unbind(ch) + if err != nil { + return nil, fmt.Errorf("could not unbind cpe: %s %w", ch, err) + } + vuln.Repo = c.rc.Get(wfn) // It is possible that we will not find a pURL, in that case // the package.Name will be reported as-is. purlHelper, ok := compProd.IdentificationHelper["purl"] if ok { purl, err := packageurl.FromString(purlHelper) - switch { - case err != nil: + if err != nil { zlog.Warn(ctx). - Str("purl", purlHelper). + Str("purlHelper", purlHelper). Err(err). Msg("could not parse PURL") - default: - pkgName = purl.Name + continue } - if purl.Type != packageurl.TypeRPM || purl.Namespace != "redhat" { - // Just ingest advisories that are Red Hat RPMs, this will - // probably change down the line when we consolidate updaters. + if !checkPURL(purl) { continue } + if pn, err := extractPackageName(purl); err != nil { + zlog.Warn(ctx). + Str("purl", purl.String()). + Err(err). + Msg("could not extract package name from pURL") + } else { + pkgName = pn + } + + if purl.Type == packageurl.TypeOCI { + // Override repo if we're dealing with a container image + vuln.Repo = &rhcc.GoldRepo + vuln.Range, err = ranger.add(pkgName, vuln.FixedInVersion) + if err != nil { + zlog.Warn(ctx). + Str("FixedInVersion", vuln.FixedInVersion). + Err(err). + Msg("could not parse version into range") + continue + } + } } - vuln := protoVulnFunc() // What is the deal here? Just stick the package name in and f-it? // That's the plan so far as there's no PURL product ID helper. vuln.Package = &claircore.Package{ @@ -321,14 +349,9 @@ func (c *creator) knownAffectedVulnerabilities(ctx context.Context, v csaf.Vulne Kind: claircore.SOURCE, Module: modName, } - ch := escapeCPE(cpeHelper) - wfn, err := cpe.Unbind(ch) - if err != nil { - return nil, fmt.Errorf("could not unbind cpe: %s %w", ch, err) - } - vuln.Repo = c.rc.Get(wfn) sc := c.c.FindScore(pc) if sc != nil { + var err error vuln.Severity, err = cvssVectorFromScore(sc) if err != nil { return nil, fmt.Errorf("could not parse CVSS score: %w, file: %s", err, c.vulnLink) @@ -344,6 +367,7 @@ func (c *creator) knownAffectedVulnerabilities(ctx context.Context, v csaf.Vulne } out = append(out, vuln) } + ranger.resetLowest() if len(unrelatedProductIDs) > 0 { zlog.Debug(ctx). Strs("product_ids", unrelatedProductIDs). @@ -368,9 +392,58 @@ func (c *creator) lookupVulnerability(vulnKey string, protoVulnFunc func() *clai return &c.fixedVulns[idx], ok } +type ranger struct { + lowest map[string]*claircore.Range +} + +func newRanger() *ranger { + return &ranger{ + lowest: map[string]*claircore.Range{}, + } +} + +// Add takes a packageName and a fixedInVersion and returns a *claircore.Range relating +// to the fixedInVersion. Add also saves the lowest range per packageName that it's seen. +// This allows resetLowest() to zero out the lowest values we saw per packageName. +func (r *ranger) add(packageName, fixedInVersion string) (*claircore.Range, error) { + var rng = &claircore.Range{} + + if fixedInVersion == "" { + zeroVer := &rhctag.Version{} + rng.Lower = zeroVer.Version(true) + highestVer := rhctag.Version{ + Major: math.MaxInt32, // Everything is vulnerable + } + rng.Upper = highestVer.Version(true) + } else { + firstPatch, err := rhctag.Parse(fixedInVersion) + if err != nil { + return nil, err + } + rng.Upper = firstPatch.Version(false) + rng.Lower = firstPatch.Version(true) + } + curLow := r.lowest[packageName] + if curLow == nil || rng.Lower.Compare(&curLow.Lower) == -1 { + // If the vulns version is less than our current lower for that package, switch it. + r.lowest[packageName] = rng + } + + return rng, nil +} + +// ResetLowest Zeros out all the lowest versions' lower bounds +func (r *ranger) resetLowest() { + zeroVer := &rhctag.Version{} + for _, r := range r.lowest { + r.Lower = zeroVer.Version(true) + } +} + // FixedVulnerabilities processes the "fixed" array of products in the // VEX object. func (c *creator) fixedVulnerabilities(ctx context.Context, v csaf.Vulnerability, protoVulnFunc func() *claircore.Vulnerability) ([]*claircore.Vulnerability, error) { + ranger := newRanger() unrelatedProductIDs := []string{} debugEnabled := zlog.Debug(ctx).Enabled() for _, pc := range v.ProductStatus["fixed"] { @@ -434,27 +507,34 @@ func (c *creator) fixedVulnerabilities(ctx context.Context, v csaf.Vulnerability Msg("could not parse PURL") continue } - if strings.HasPrefix(purl.Name, "kernel") { - // We don't want to ingest kernel advisories as - // containers have no say in the kernel. + if !checkPURL(purl) { continue } - if purl.Type != packageurl.TypeRPM || purl.Namespace != "redhat" { - // Just ingest advisories that are Red Hat RPMs, this will - // probably change down the line when we consolidate updaters. + fixedIn, err := extractFixedInVersion(purl) + if err != nil { + zlog.Warn(ctx). + Str("purl", purl.String()). + Err(err). + Msg("error extracting fixed_in version from pURL") + continue + } + packageName, err := extractPackageName(purl) + if err != nil { + zlog.Warn(ctx). + Str("purl", purl.String()). + Err(err). + Msg("error extracting package name from pURL") continue } - - fixedIn := epochVersion(&purl) vulnKey := createPackageKey(repoName, modName, purl.Name, fixedIn) - arch := purl.Qualifiers.Map()["arch"] + arch := extractArch(purl) if vuln, ok := c.lookupVulnerability(vulnKey, protoVulnFunc); ok && arch != "" { // We've already found this package, just append the arch vuln.Package.Arch = vuln.Package.Arch + "|" + arch } else { vuln.FixedInVersion = fixedIn vuln.Package = &claircore.Package{ - Name: purl.Name, + Name: packageName, Kind: claircore.BINARY, Module: modName, } @@ -463,13 +543,28 @@ func (c *creator) fixedVulnerabilities(ctx context.Context, v csaf.Vulnerability vuln.Package.Arch = arch vuln.ArchOperation = claircore.OpPatternMatch } - - ch := escapeCPE(cpeHelper) - wfn, err := cpe.Unbind(ch) - if err != nil { - return nil, fmt.Errorf("could not unbind cpe: %s %w", ch, err) + switch purl.Type { + case packageurl.TypeRPM: + ch := escapeCPE(cpeHelper) + wfn, err := cpe.Unbind(ch) + if err != nil { + return nil, fmt.Errorf("could not unbind cpe: %s %w", cpeHelper, err) + } + vuln.Repo = c.rc.Get(wfn) + case packageurl.TypeOCI: + vuln.Repo = &rhcc.GoldRepo + vuln.Range, err = ranger.add(packageName, vuln.FixedInVersion) + if err != nil { + zlog.Warn(ctx). + Str("FixedInVersion", vuln.FixedInVersion). + Err(err). + Msg("could not parse version into range") + continue + } + default: + continue } - vuln.Repo = c.rc.Get(wfn) + // Find remediations and add RHSA URL to links rem := c.c.FindRemediation(pc) if rem != nil { @@ -492,6 +587,7 @@ func (c *creator) fixedVulnerabilities(ctx context.Context, v csaf.Vulnerability } } } + ranger.resetLowest() if len(unrelatedProductIDs) > 0 { zlog.Debug(ctx). Strs("product_ids", unrelatedProductIDs). @@ -587,12 +683,91 @@ func createPackageModule(p *csaf.Product) (string, error) { return modName, nil } -func epochVersion(purl *packageurl.PackageURL) string { - epoch := "0" - if e, ok := purl.Qualifiers.Map()["epoch"]; ok { - epoch = e +// ExtractFixedInVersion deals with 2 pURL types, TypeRPM and TypeOCI +// - TypeOCI: return the tag qualifier. +// - TypeRPM: check for an epoch qualifier and prepend it to the purl.Version. +// If no epoch qualifier, default to 0. +func extractFixedInVersion(purl packageurl.PackageURL) (string, error) { + switch purl.Type { + case packageurl.TypeOCI: + t, ok := purl.Qualifiers.Map()["tag"] + if !ok { + return "", fmt.Errorf("could not find tag qualifier for OCI purl type %s", purl.String()) + } + return t, nil + case packageurl.TypeRPM: + epoch := "0" + if e, ok := purl.Qualifiers.Map()["epoch"]; ok { + epoch = e + } + return epoch + ":" + purl.Version, nil + default: + return "", fmt.Errorf("unexpected purl type %s", purl.Type) + } +} + +// ExtractPackageName deals with 2 pURL types, TypeRPM and TypeOCI +// - TypeOCI: check if there is Namespace and Name i.e. rhel7/rhel-atomic +// and return that, if not, check for a repository_url qualifier. If the +// repository_url exists then use the namespace/name part, if not, use +// the purl.Name. +// - TypeRPM: Just return the purl.Name. +func extractPackageName(purl packageurl.PackageURL) (string, error) { + switch purl.Type { + case packageurl.TypeOCI: + if purl.Namespace != "" { + return purl.Namespace + "/" + purl.Name, nil + } + // Try finding an image name from the tag qualifier + ru, ok := purl.Qualifiers.Map()["repository_url"] + if !ok { + return purl.Name, nil + } + _, image, found := strings.Cut(ru, "/") + if !found { + return "", fmt.Errorf("invalid repository_url for OCI pURL type %s", purl.String()) + } + return image, nil + case packageurl.TypeRPM: + return purl.Name, nil + default: + return "", fmt.Errorf("unexpected purl type %s", purl.Type) + } +} + +var acceptedTypes = map[string]bool{ + packageurl.TypeOCI: true, + packageurl.TypeRPM: true, +} + +// CheckPURL checks if purl is something we're interested in. +// 1. Check the purl.Type is in the accetable types. +// 2. Check if an advisory related to the kernel. +// 3. Check that all RPMs are in the "redhat" namespace. +func checkPURL(purl packageurl.PackageURL) bool { + if ok := acceptedTypes[purl.Type]; !ok { + return false + } + if strings.HasPrefix(purl.Name, "kernel") { + // We don't want to ingest kernel advisories as + // containers have no say in the kernel. + return false + } + if purl.Type == packageurl.TypeRPM && purl.Namespace != "redhat" { + // Not Red Hat rpm content. + return false + } + return true +} + +func extractArch(purl packageurl.PackageURL) string { + arch := purl.Qualifiers.Map()["arch"] + switch arch { + case "amd64", "x86_64": + return "amd64|x86_64" + default: + return arch } - return epoch + ":" + purl.Version } func escapeCPE(ch string) string { diff --git a/rhel/vex/parser_test.go b/rhel/vex/parser_test.go index c1b7614dd..e1bc7c359 100644 --- a/rhel/vex/parser_test.go +++ b/rhel/vex/parser_test.go @@ -3,6 +3,7 @@ package vex import ( "bytes" "context" + "errors" "io" "net/http" "net/url" @@ -10,7 +11,7 @@ import ( "testing" "github.com/klauspost/compress/snappy" - + "github.com/package-url/packageurl-go" "github.com/quay/zlog" "github.com/quay/claircore/toolkit/types/csaf" @@ -315,19 +316,19 @@ func TestParse(t *testing.T) { { name: "cve-2022-1705", filename: "testdata/cve-2022-1705.jsonl", - expectedVulns: 736, + expectedVulns: 1069, expectedDeleted: 0, }, { name: "cve-2024-24786", filename: "testdata/cve-2024-24786.jsonl", - expectedVulns: 246, + expectedVulns: 610, expectedDeleted: 0, }, { name: "cve-2022-38752", filename: "testdata/cve-2022-38752.jsonl", - expectedVulns: 40, + expectedVulns: 47, expectedDeleted: 0, }, { @@ -373,7 +374,7 @@ func TestParse(t *testing.T) { t.Fatalf("failed to parse CSAF JSON: %v", err) } if len(vulns) != tc.expectedVulns { - t.Fatalf("expected %d vulns but got %d", tc.expectedVulns, len(vulns)) + t.Errorf("expected %d vulns but got %d", tc.expectedVulns, len(vulns)) } if len(deleted) != tc.expectedDeleted { t.Fatalf("expected %d deleted but got %d", tc.expectedDeleted, len(deleted)) @@ -381,3 +382,204 @@ func TestParse(t *testing.T) { }) } } + +func TestExtractVersion(t *testing.T) { + testcases := []struct { + name string + purl packageurl.PackageURL + expectedErr bool + want string + }{ + { + name: "rpm_with_epoch", + purl: packageurl.PackageURL{ + Type: packageurl.TypeRPM, + Namespace: "redhat", + Name: "buildah-debugsource", + Version: "1.24.6-5.module+el8.8.0+18083+cd85596b", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + "epoch": "1", + }), + }, + want: "1:1.24.6-5.module+el8.8.0+18083+cd85596b", + }, + { + name: "rpm_without_epoch", + purl: packageurl.PackageURL{ + Type: packageurl.TypeRPM, + Namespace: "redhat", + Name: "buildah-debugsource", + Version: "1.24.6-5.module+el8.8.0+18083+cd85596b", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + }), + }, + want: "0:1.24.6-5.module+el8.8.0+18083+cd85596b", + }, + { + name: "oci_with_tag", + purl: packageurl.PackageURL{ + Type: packageurl.TypeOCI, + Namespace: "", + Name: "keepalived-rhel9", + Version: "sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + "repository_url": "registry.redhat.io/rhceph/keepalived-rhel9", + "tag": "2.2.4-3", + }), + }, + want: "2.2.4-3", + }, + { + name: "oci_without_tag", + purl: packageurl.PackageURL{ + Type: packageurl.TypeOCI, + Namespace: "", + Name: "keepalived-rhel9", + Version: "sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + "repository_url": "registry.redhat.io/rhceph/keepalived-rhel9", + }), + }, + expectedErr: true, + }, + + { + name: "unsupported_type", + purl: packageurl.PackageURL{ + Type: packageurl.TypeApk, + Namespace: "", + Name: "nice APK", + Version: "v1.1.1", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + }), + }, + expectedErr: true, + }, + } + for _, tc := range testcases { + t.Run(tc.name, func(t *testing.T) { + v, err := extractFixedInVersion(tc.purl) + if !errors.Is(err, nil) && !tc.expectedErr { + t.Fatalf("expected no err but got %v", err) + } + if errors.Is(err, nil) && tc.expectedErr { + t.Fatal("expected err but got none") + } + if v != tc.want { + t.Fatalf("expected version %v but got %v", tc.want, v) + } + }) + } +} + +func TestExtractPackageName(t *testing.T) { + testcases := []struct { + name string + purl packageurl.PackageURL + expectedErr bool + want string + }{ + { + name: "rpm_simple", + purl: packageurl.PackageURL{ + Type: packageurl.TypeRPM, + Namespace: "redhat", + Name: "buildah-debugsource", + Version: "1.24.6-5.module+el8.8.0+18083+cd85596b", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + "epoch": "1", + }), + }, + want: "buildah-debugsource", + }, + { + name: "oci_with_repository_url", + purl: packageurl.PackageURL{ + Type: packageurl.TypeOCI, + Namespace: "", + Name: "keepalived-rhel9", + Version: "sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + "repository_url": "registry.redhat.io/rhceph/keepalived-rhel9", + "tag": "2.2.4-3", + }), + }, + want: "rhceph/keepalived-rhel9", + }, + { + name: "oci_without_repository_url", + purl: packageurl.PackageURL{ + Type: packageurl.TypeOCI, + Namespace: "", + Name: "keepalived-rhel9", + Version: "sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + }), + }, + want: "keepalived-rhel9", + }, + { + name: "oci_invalid_repository_url", + purl: packageurl.PackageURL{ + Type: packageurl.TypeOCI, + Namespace: "", + Name: "keepalived-rhel9", + Version: "sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + "repository_url": "registry.redhat.iorhcephkeepalived-rhel9", + }), + }, + expectedErr: true, + }, + { + name: "repository_url_with_namespace", + purl: packageurl.PackageURL{ + Type: packageurl.TypeOCI, + Namespace: "something", + Name: "keepalived-rhel9", + Version: "sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + "repository_url": "registry.redhat.io/rhceph/keepalived-rhel9", + }), + }, + want: "something/keepalived-rhel9", + }, + { + name: "unsupported_type", + purl: packageurl.PackageURL{ + Type: packageurl.TypeApk, + Namespace: "", + Name: "nice APK", + Version: "v1.1.1", + Qualifiers: packageurl.QualifiersFromMap(map[string]string{ + "arch": "ppc64le", + }), + }, + expectedErr: true, + }, + } + for _, tc := range testcases { + t.Run(tc.name, func(t *testing.T) { + v, err := extractPackageName(tc.purl) + if !errors.Is(err, nil) && !tc.expectedErr { + t.Fatalf("expected no err but got %v", err) + } + if errors.Is(err, nil) && tc.expectedErr { + t.Fatal("expected err but got none") + } + if v != tc.want { + t.Fatalf("expected name %v but got %v", tc.want, v) + } + }) + } +} diff --git a/rhel/vex/test_common.go b/rhel/vex/test_common.go new file mode 100644 index 000000000..60542431d --- /dev/null +++ b/rhel/vex/test_common.go @@ -0,0 +1,78 @@ +package vex + +import ( + "bufio" + "bytes" + "io" + "net/http" + "net/http/httptest" + "net/textproto" + "os" + "path/filepath" + "testing" + + "golang.org/x/tools/txtar" +) + +func parseFilenameHeaders(data []byte) (string, http.Header, error) { + pf, h, _ := bytes.Cut(data, []byte{' '}) + compressedFilepath := bytes.TrimSuffix(pf, []byte{'\n'}) + h = bytes.ReplaceAll(h, []byte(`\n`), []byte{'\n'}) + // Do headers + tp := textproto.NewReader(bufio.NewReader(bytes.NewReader(h))) + hdr, err := tp.ReadMIMEHeader() + if err != nil && err != io.EOF { + return "", nil, err + } + return string(compressedFilepath), http.Header(hdr), nil +} + +func ServeSecDB(t *testing.T, txtarFile string) (string, *http.Client) { + mux := http.NewServeMux() + archive, err := txtar.ParseFile(txtarFile) + if err != nil { + t.Fatal(err) + } + relFilepath, headers, err := parseFilenameHeaders(archive.Comment) + if err != nil { + t.Fatal(err) + } + filename := filepath.Base(relFilepath) + mux.HandleFunc("/"+filename, func(w http.ResponseWriter, r *http.Request) { + for k, v := range headers { + w.Header().Set(k, v[0]) + } + + switch r.Method { + case http.MethodHead: + case http.MethodGet: + f, err := os.Open("testdata/" + relFilepath) + if err != nil { + t.Fatal(err) + } + if _, err := io.Copy(w, f); err != nil { + t.Fatal(err) + } + } + }) + for _, f := range archive.Files { + urlPath, headers, err := parseFilenameHeaders([]byte(f.Name)) + if err != nil { + t.Fatal(err) + } + fi := f + mux.HandleFunc(urlPath, func(w http.ResponseWriter, _ *http.Request) { + for k, v := range headers { + w.Header().Set(k, v[0]) + } + _, err := w.Write(bytes.TrimSuffix(fi.Data, []byte{'\n'})) + if err != nil { + t.Fatal(err) + } + }) + } + + srv := httptest.NewServer(mux) + t.Cleanup(srv.Close) + return srv.URL, srv.Client() +} diff --git a/rhel/vex/testdata/server.txt b/rhel/vex/testdata/server.txtar similarity index 100% rename from rhel/vex/testdata/server.txt rename to rhel/vex/testdata/server.txtar diff --git a/rhel/rhcc/matcher_integration_test.go b/test/rhel/rhcc_matcher_integration_test.go similarity index 50% rename from rhel/rhcc/matcher_integration_test.go rename to test/rhel/rhcc_matcher_integration_test.go index 4ff1cc172..84730bd82 100644 --- a/rhel/rhcc/matcher_integration_test.go +++ b/test/rhel/rhcc_matcher_integration_test.go @@ -1,12 +1,10 @@ -package rhcc +package rhel import ( "context" "encoding/json" "fmt" "io" - "net/http" - "net/http/httptest" "os" "path/filepath" "testing" @@ -19,6 +17,8 @@ import ( "github.com/quay/claircore/libvuln/driver" "github.com/quay/claircore/libvuln/updates" "github.com/quay/claircore/pkg/ctxlock" + "github.com/quay/claircore/rhel/rhcc" + "github.com/quay/claircore/rhel/vex" "github.com/quay/claircore/test/integration" testpostgres "github.com/quay/claircore/test/postgres" ) @@ -35,7 +35,6 @@ func TestMatcherIntegration(t *testing.T) { type testcase struct { Name string - cvemap string indexReport string cveID string match bool @@ -43,85 +42,67 @@ func TestMatcherIntegration(t *testing.T) { table := []testcase{ { Name: "Clair", - cvemap: "cve-2021-3762", indexReport: "clair-rhel8-v3.5.5-4", - cveID: "RHSA-2021:3665", + cveID: "CVE-2021-3762", match: true, }, { Name: "Rook4.6", - cvemap: "cve-2020-8565", indexReport: "rook-ceph-operator-container-4.6-115.d1788e1.release_4.6", - cveID: "RHSA-2021:2041", + cveID: "CVE-2020-8565", match: true, }, { Name: "Rook4.7", - cvemap: "cve-2020-8565", indexReport: "rook-ceph-operator-container-4.7-159.76b9b11.release_4.7", - cveID: "RHSA-2021:2041", + cveID: "CVE-2020-8565", match: false, }, } - for i := range table { - tt := &table[i] - t.Run(tt.Name, func(t *testing.T) { - t.Parallel() - integration.NeedDB(t) - ctx := zlog.Test(context.Background(), t) - pool := testpostgres.TestMatcherDB(ctx, t) - store := postgres.NewMatcherStore(pool) - m := &matcher{} + integration.NeedDB(t) + ctx := zlog.Test(context.Background(), t) + pool := testpostgres.TestMatcherDB(ctx, t) + store := postgres.NewMatcherStore(pool) + locks, err := ctxlock.New(ctx, pool) + if err != nil { + t.Error(err) + } + defer locks.Close(ctx) - serveFile := filepath.Join("testdata", tt.cvemap+".xml") - fi, err := os.Stat(serveFile) - if err != nil { - t.Fatal(err) - } - tag := fmt.Sprintf(`"%d"`, fi.ModTime().UnixNano()) - srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - switch r.URL.Path { - case "/cvemap.xml": - w.Header().Set("etag", tag) - http.ServeFile(w, r, serveFile) - case "/cvemap.xml.bz2": - http.Error(w, "no bz2", http.StatusNotFound) - default: - t.Errorf("unexpected request: %s", r.URL) - http.Error(w, "???", http.StatusNotImplemented) - } - })) - defer srv.Close() - s := driver.NewUpdaterSet() - if err := s.Add(new(updater)); err != nil { - t.Error(err) - } - cfg := updates.Configs{ - updaterName: func(v any) error { - cfg := v.(*UpdaterConfig) - cfg.URL = srv.URL + "/cvemap.xml" - return nil - }, - } + root, c := vex.ServeSecDB(t, "testdata/server.txtar") + fac := &vex.Factory{} + cfg := updates.Configs{ + "rhel-vex": func(v any) error { + cfg := v.(*vex.UpdaterConfig) + cfg.URL = root + "/" + return nil + }, + } - locks, err := ctxlock.New(ctx, pool) - if err != nil { - t.Error(err) - } - defer locks.Close(ctx) + s, err := fac.UpdaterSet(ctx) + if err != nil { + t.Error(err) + } + if len(s.Updaters()) != 1 { + t.Errorf("expected 1 updater in the updaterset but got %d", len(s.Updaters())) + } - facs := make(map[string]driver.UpdaterSetFactory, 1) - facs[updaterName] = driver.StaticSet(s) - mgr, err := updates.NewManager(ctx, store, locks, srv.Client(), updates.WithFactories(facs), updates.WithConfigs(cfg)) - if err != nil { - t.Error(err) - } + facs := map[string]driver.UpdaterSetFactory{"rhel-vex-fac": fac} + mgr, err := updates.NewManager(ctx, store, locks, c, updates.WithFactories(facs), updates.WithConfigs(cfg)) + if err != nil { + t.Error(err) + } - // force update - if err := mgr.Run(ctx); err != nil { - t.Error(err) - } + // force update + if err := mgr.Run(ctx); err != nil { + t.Error(err) + } + + for _, tt := range table { + t.Run(tt.Name, func(t *testing.T) { + t.Parallel() + m := rhcc.Matcher f, err := os.Open(filepath.Join("testdata", fmt.Sprintf("%s-indexreport.json", tt.indexReport))) if err != nil { @@ -145,7 +126,7 @@ func TestMatcherIntegration(t *testing.T) { } } if found != tt.match { - t.Fatalf("Expected to find %s in vulnerability report", tt.cveID) + t.Fatalf("Expected to find (or not) %s in vulnerability report and didn't (or did)", tt.cveID) } if err := json.NewEncoder(io.Discard).Encode(&vr); err != nil { t.Fatalf("failed to marshal VR: %v", err) diff --git a/rhel/rhcc/testdata/clair-rhel8-v3.5.5-4-indexreport.json b/test/rhel/testdata/clair-rhel8-v3.5.5-4-indexreport.json similarity index 100% rename from rhel/rhcc/testdata/clair-rhel8-v3.5.5-4-indexreport.json rename to test/rhel/testdata/clair-rhel8-v3.5.5-4-indexreport.json diff --git a/rhel/rhcc/testdata/rook-ceph-operator-container-4.6-115.d1788e1.release_4.6-indexreport.json b/test/rhel/testdata/rook-ceph-operator-container-4.6-115.d1788e1.release_4.6-indexreport.json similarity index 100% rename from rhel/rhcc/testdata/rook-ceph-operator-container-4.6-115.d1788e1.release_4.6-indexreport.json rename to test/rhel/testdata/rook-ceph-operator-container-4.6-115.d1788e1.release_4.6-indexreport.json diff --git a/rhel/rhcc/testdata/rook-ceph-operator-container-4.7-159.76b9b11.release_4.7-indexreport.json b/test/rhel/testdata/rook-ceph-operator-container-4.7-159.76b9b11.release_4.7-indexreport.json similarity index 100% rename from rhel/rhcc/testdata/rook-ceph-operator-container-4.7-159.76b9b11.release_4.7-indexreport.json rename to test/rhel/testdata/rook-ceph-operator-container-4.7-159.76b9b11.release_4.7-indexreport.json diff --git a/test/rhel/testdata/server.txtar b/test/rhel/testdata/server.txtar new file mode 100644 index 000000000..1232eef60 --- /dev/null +++ b/test/rhel/testdata/server.txtar @@ -0,0 +1,3252 @@ +server/empty_archive.tar.zst last-modified:Mon, 11 Dec 2023 00:00:00 GMT\nanother:header +-- /archive_latest.txt -- +empty_archive.tar.zst +-- /changes.csv etag:something -- +"2021/cve-2021-3762.json","2023-12-12T00:00:00+00:00" +"2020/cve-2020-8565.json","2023-12-12T00:00:00+00:00" +-- /deletions.csv etag: somethingelse -- +-- /2021/cve-2021-3762.json -- +{ + "document": { + "aggregate_severity": { + "namespace": "https://access.redhat.com/security/updates/classification/", + "text": "critical" + }, + "category": "csaf_vex", + "csaf_version": "2.0", + "distribution": { + "text": "Copyright © Red Hat, Inc. All rights reserved.", + "tlp": { + "label": "WHITE", + "url": "https://www.first.org/tlp/" + } + }, + "lang": "en", + "notes": [ + { + "category": "legal_disclaimer", + "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", + "title": "Terms of Use" + } + ], + "publisher": { + "category": "vendor", + "contact_details": "https://access.redhat.com/security/team/contact/", + "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", + "name": "Red Hat Product Security", + "namespace": "https://www.redhat.com" + }, + "references": [ + { + "category": "self", + "summary": "Canonical URL", + "url": "https://access.redhat.com/security/data/csaf/beta/vex/2021/cve-2021-3762.json" + } + ], + "title": "quay/claircore: directory traversal when scanning crafted container image layer allows for arbitrary file write", + "tracking": { + "current_release_date": "2024-06-13T23:33:35+00:00", + "generator": { + "date": "2024-06-13T23:33:35+00:00", + "engine": { + "name": "Red Hat SDEngine", + "version": "3.30.1" + } + }, + "id": "CVE-2021-3762", + "initial_release_date": "2021-09-28T12:00:00+00:00", + "revision_history": [ + { + "date": "2021-09-28T12:00:00+00:00", + "number": "1", + "summary": "Initial version" + }, + { + "date": "2023-02-02T04:48:30+00:00", + "number": "2", + "summary": "Current version" + }, + { + "date": "2024-06-13T23:33:35+00:00", + "number": "3", + "summary": "Last generated version" + } + ], + "status": "final", + "version": "3" + } + }, + "product_tree": { + "branches": [ + { + "branches": [ + { + "branches": [ + { + "category": "product_name", + "name": "Quay v3", + "product": { + "name": "Quay v3", + "product_id": "8Base-Quay-3", + "product_identification_helper": { + "cpe": "cpe:/a:redhat:quay:3::el8" + } + } + } + ], + "category": "product_family", + "name": "Red Hat Quay" + }, + { + "branches": [ + { + "category": "product_version", + "name": "quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64", + "product": { + "name": "quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64", + "product_id": "quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8?arch=amd64&repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle&tag=v3.5.7-7" + } + } + }, + { + "category": "product_version", + "name": "quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64", + "product": { + "name": "quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64", + "product_id": "quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20?arch=amd64&repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8&tag=v3.5.7-11" + } + } + }, + { + "category": "product_version", + "name": "quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64", + "product": { + "name": "quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64", + "product_id": "quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722?arch=amd64&repository_url=registry.redhat.io/quay/quay-builder-rhel8&tag=v3.5.7-8" + } + } + }, + { + "category": "product_version", + "name": "quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64", + "product": { + "name": "quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64", + "product_id": "quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed?arch=amd64&repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8&tag=v3.5.7-8" + } + } + }, + { + "category": "product_version", + "name": "quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64", + "product": { + "name": "quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64", + "product_id": "quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64", + "product_identification_helper": { + "purl": "pkg:oci/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d?arch=amd64&repository_url=registry.redhat.io/quay/clair-rhel8&tag=v3.5.7-8" + } + } + }, + { + "category": "product_version", + "name": "quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64", + "product": { + "name": "quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64", + "product_id": "quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed?arch=amd64&repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle&tag=v3.5.7-7" + } + } + }, + { + "category": "product_version", + "name": "quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64", + "product": { + "name": "quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64", + "product_id": "quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b?arch=amd64&repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8&tag=v3.5.7-8" + } + } + }, + { + "category": "product_version", + "name": "quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64", + "product": { + "name": "quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64", + "product_id": "quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26?arch=amd64&repository_url=registry.redhat.io/quay/quay-operator-bundle&tag=v3.5.7-6" + } + } + }, + { + "category": "product_version", + "name": "quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64", + "product": { + "name": "quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64", + "product_id": "quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839?arch=amd64&repository_url=registry.redhat.io/quay/quay-operator-rhel8&tag=v3.5.7-6" + } + } + }, + { + "category": "product_version", + "name": "quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64", + "product": { + "name": "quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64", + "product_id": "quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64", + "product_identification_helper": { + "purl": "pkg:oci/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3?arch=amd64&repository_url=registry.redhat.io/quay/quay-rhel8&tag=v3.5.7-8" + } + } + } + ], + "category": "architecture", + "name": "amd64" + } + ], + "category": "vendor", + "name": "Red Hat" + } + ], + "relationships": [ + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64" + }, + "product_reference": "quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64" + }, + "product_reference": "quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64" + }, + "product_reference": "quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64" + }, + "product_reference": "quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64" + }, + "product_reference": "quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64" + }, + "product_reference": "quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64" + }, + "product_reference": "quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64" + }, + "product_reference": "quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64" + }, + "product_reference": "quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64", + "relates_to_product_reference": "8Base-Quay-3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64 as a component of Quay v3", + "product_id": "8Base-Quay-3:quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64" + }, + "product_reference": "quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64", + "relates_to_product_reference": "8Base-Quay-3" + } + ] + }, + "vulnerabilities": [ + { + "acknowledgments": [ + { + "names": [ + "Yanir Tsarimi" + ], + "organization": "Orca Security" + } + ], + "cve": "CVE-2021-3762", + "cwe": { + "id": "CWE-22", + "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + }, + "discovery_date": "2021-09-02T00:00:00+00:00", + "flags": [ + { + "label": "vulnerable_code_not_present", + "product_ids": [ + "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64", + "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64", + "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64", + "8Base-Quay-3:quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64", + "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64", + "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64", + "8Base-Quay-3:quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64", + "8Base-Quay-3:quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64", + "8Base-Quay-3:quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64" + ] + } + ], + "ids": [ + { + "system_name": "Red Hat Bugzilla ID", + "text": "2000795" + } + ], + "notes": [ + { + "category": "description", + "text": "A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution.", + "title": "Vulnerability description" + }, + { + "category": "summary", + "text": "quay/claircore: directory traversal when scanning crafted container image layer allows for arbitrary file write", + "title": "Vulnerability summary" + }, + { + "category": "other", + "text": "Only a single version of Red Hat Quay, 3.5.6 is affected by this vulnerability. All previous released versions of Red Hat Quay are not affected by this vulnerability.\n\nThe overall vulnerability is rated as Critical for the ClairCore engine, but only rated Important for the Red Hat Quay product. In Red Hat Quay, Clair runs as the 'nobody' user in an unprivileged container, limiting the impact to modification of non-sensitives files in that container.\n\nRed Hat Advanced Cluster Security is not affected by this vulnerability.\n\nQuay.io is not affected by this vulnerability.", + "title": "Statement" + }, + { + "category": "general", + "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", + "title": "CVSS score applicability" + } + ], + "product_status": { + "fixed": [ + "8Base-Quay-3:quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64" + ], + "known_not_affected": [ + "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64", + "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64", + "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64", + "8Base-Quay-3:quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64", + "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64", + "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64", + "8Base-Quay-3:quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64", + "8Base-Quay-3:quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64", + "8Base-Quay-3:quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64" + ] + }, + "references": [ + { + "category": "self", + "summary": "Canonical URL", + "url": "https://access.redhat.com/security/cve/CVE-2021-3762" + }, + { + "category": "external", + "summary": "RHBZ#2000795", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000795" + }, + { + "category": "external", + "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3762", + "url": "https://www.cve.org/CVERecord?id=CVE-2021-3762" + }, + { + "category": "external", + "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3762", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3762" + } + ], + "release_date": "2021-09-28T12:00:00+00:00", + "remediations": [ + { + "category": "vendor_fix", + "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", + "product_ids": [ + "8Base-Quay-3:quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64" + ], + "url": "https://access.redhat.com/errata/RHSA-2021:3665" + }, + { + "category": "workaround", + "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", + "product_ids": [ + "8Base-Quay-3:quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64", + "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:6c2ab763239f6e5a2a72890120bf1f20f6277850cec59a7e11cea2b6a06f12e8_amd64", + "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:ccd53fb4b31b792175cfece28ae0b6a9956090eb273e82998444fc6c7f312e20_amd64", + "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:d0448bd89653695c1089dfcd12e2bcf4169ac732b1830c6c9cbb9909181778ed_amd64", + "8Base-Quay-3:quay/quay-builder-rhel8@sha256:76b5e1deb371d2514f2feb59b750ded7e1f76f48b35a532ad806f921f4a4e722_amd64", + "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:68e766235bdcd8f3335e2ab6e09942d98b183b3e498abb65acab6481664d46ed_amd64", + "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:1ebb1f1ec3e413984cab04bd605afa4e1ae17375bfb7fc835c1272320900b42b_amd64", + "8Base-Quay-3:quay/quay-operator-bundle@sha256:722cf3c05eb5663a737cb1385b971b6d1f0c8b2595d5ac425f7b100c25e2fd26_amd64", + "8Base-Quay-3:quay/quay-operator-rhel8@sha256:bca072adf2d667291fbc11a466f8c3e07ba2ba50495038b54c75e2633986b839_amd64", + "8Base-Quay-3:quay/quay-rhel8@sha256:dc4f2c32b41edf2ee79bb424ce0fbeaed7f53108e0c568b7e9808d8ce3ed36b3_amd64" + ] + } + ], + "scores": [ + { + "cvss_v3": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "version": "3.1" + }, + "products": [ + "8Base-Quay-3:quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64" + ] + } + ], + "threats": [ + { + "category": "impact", + "details": "Important", + "product_ids": [ + "8Base-Quay-3:quay/clair-rhel8@sha256:bbfe6e82c9c01fb6f4d8c67e1af5a1e3e00486f902efc14a4e2fe22e5fcad65d_amd64" + ] + } + ], + "title": "quay/claircore: directory traversal when scanning crafted container image layer allows for arbitrary file write" + } + ] +} +-- /2020/cve-2020-8565.json -- +{ + "document": { + "aggregate_severity": { + "namespace": "https://access.redhat.com/security/updates/classification/", + "text": "moderate" + }, + "category": "csaf_vex", + "csaf_version": "2.0", + "distribution": { + "text": "Copyright © Red Hat, Inc. All rights reserved.", + "tlp": { + "label": "WHITE", + "url": "https://www.first.org/tlp/" + } + }, + "lang": "en", + "notes": [ + { + "category": "legal_disclaimer", + "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", + "title": "Terms of Use" + } + ], + "publisher": { + "category": "vendor", + "contact_details": "https://access.redhat.com/security/team/contact/", + "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", + "name": "Red Hat Product Security", + "namespace": "https://www.redhat.com" + }, + "references": [ + { + "category": "self", + "summary": "Canonical URL", + "url": "https://access.redhat.com/security/data/csaf/beta/vex/2020/cve-2020-8565.json" + } + ], + "title": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9", + "tracking": { + "current_release_date": "2024-06-14T07:10:37+00:00", + "generator": { + "date": "2024-06-14T07:10:37+00:00", + "engine": { + "name": "Red Hat SDEngine", + "version": "3.30.1" + } + }, + "id": "CVE-2020-8565", + "initial_release_date": "2020-10-14T00:00:00+00:00", + "revision_history": [ + { + "date": "2020-10-14T00:00:00+00:00", + "number": "1", + "summary": "Initial version" + }, + { + "date": "2021-12-13T17:43:55+00:00", + "number": "2", + "summary": "Current version" + }, + { + "date": "2024-06-14T07:10:37+00:00", + "number": "3", + "summary": "Last generated version" + } + ], + "status": "final", + "version": "3" + } + }, + "product_tree": { + "branches": [ + { + "branches": [ + { + "branches": [ + { + "category": "product_name", + "name": "Red Hat OpenShift Container Platform 3.11", + "product": { + "name": "Red Hat OpenShift Container Platform 3.11", + "product_id": "red_hat_openshift_container_platform_3.11", + "product_identification_helper": { + "cpe": "cpe:/a:redhat:openshift:3.11" + } + } + } + ], + "category": "product_family", + "name": "Red Hat OpenShift Container Platform 3.11" + }, + { + "branches": [ + { + "category": "product_name", + "name": "Red Hat OpenShift Container Platform 4", + "product": { + "name": "Red Hat OpenShift Container Platform 4", + "product_id": "red_hat_openshift_container_platform_4", + "product_identification_helper": { + "cpe": "cpe:/a:redhat:openshift:4" + } + } + } + ], + "category": "product_family", + "name": "Red Hat OpenShift Container Platform 4" + }, + { + "branches": [ + { + "category": "product_name", + "name": "Red Hat Openshift Container Storage 4", + "product": { + "name": "Red Hat Openshift Container Storage 4", + "product_id": "red_hat_openshift_container_storage_4", + "product_identification_helper": { + "cpe": "cpe:/a:redhat:openshift_container_storage:4" + } + } + } + ], + "category": "product_family", + "name": "Red Hat Openshift Container Storage 4" + }, + { + "branches": [ + { + "category": "product_name", + "name": "Red Hat Storage 3", + "product": { + "name": "Red Hat Storage 3", + "product_id": "red_hat_storage_3", + "product_identification_helper": { + "cpe": "cpe:/a:redhat:storage:3" + } + } + } + ], + "category": "product_family", + "name": "Red Hat Storage 3" + }, + { + "branches": [ + { + "category": "product_name", + "name": "Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product": { + "name": "Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9", + "product_identification_helper": { + "cpe": "cpe:/a:redhat:openshift_data_foundation:4.9::el8" + } + } + } + ], + "category": "product_family", + "name": "Red Hat OpenShift Data Foundation" + }, + { + "branches": [ + { + "category": "product_name", + "name": "Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product": { + "name": "Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8", + "product_identification_helper": { + "cpe": "cpe:/a:redhat:openshift_container_storage:4.8::el8" + } + } + }, + { + "category": "product_name", + "name": "Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product": { + "name": "Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7", + "product_identification_helper": { + "cpe": "cpe:/a:redhat:openshift_container_storage:4.7::el8" + } + } + } + ], + "category": "product_family", + "name": "Red Hat OpenShift Container Storage" + }, + { + "category": "product_version", + "name": "atomic-openshift", + "product": { + "name": "atomic-openshift", + "product_id": "atomic-openshift", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/atomic-openshift?arch=src" + } + } + }, + { + "category": "product_version", + "name": "openshift", + "product": { + "name": "openshift", + "product_id": "openshift", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/openshift?arch=src" + } + } + }, + { + "category": "product_version", + "name": "openshift4/ose-hyperkube", + "product": { + "name": "openshift4/ose-hyperkube", + "product_id": "openshift4/ose-hyperkube", + "product_identification_helper": { + "purl": "pkg:oci/openshift4/ose-hyperkube" + } + } + }, + { + "category": "product_version", + "name": "openshift-clients", + "product": { + "name": "openshift-clients", + "product_id": "openshift-clients", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/openshift-clients?arch=src" + } + } + }, + { + "category": "product_version", + "name": "mcg", + "product": { + "name": "mcg", + "product_id": "mcg", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/mcg?arch=src" + } + } + }, + { + "category": "product_version", + "name": "heketi", + "product": { + "name": "heketi", + "product_id": "heketi", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/heketi?arch=src" + } + } + }, + { + "category": "product_version", + "name": "rhgs3/rhgs-gluster-block-prov-rhel7", + "product": { + "name": "rhgs3/rhgs-gluster-block-prov-rhel7", + "product_id": "rhgs3/rhgs-gluster-block-prov-rhel7", + "product_identification_helper": { + "purl": "pkg:oci/rhgs3/rhgs-gluster-block-prov-rhel7" + } + } + }, + { + "branches": [ + { + "category": "product_version", + "name": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64", + "product": { + "name": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64", + "product_id": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95?arch=amd64&repository_url=registry.redhat.io/odf4/cephcsi-rhel8&tag=4.9-164.57484e3.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64", + "product": { + "name": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64", + "product_id": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8&tag=4.9-257.4181add.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64", + "product": { + "name": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64", + "product_id": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64", + "product": { + "name": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64", + "product_id": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479?arch=amd64&repository_url=registry.redhat.io/odf4/ocs-rhel8-operator&tag=4.9-257.4181add.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64", + "product": { + "name": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64", + "product_id": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181?arch=amd64&repository_url=registry.redhat.io/odf4/odf-console-rhel8&tag=4.9-39.0f2fa23.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64", + "product": { + "name": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64", + "product_id": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "product": { + "name": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d?arch=amd64&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator&tag=4.9-30.007b3d8.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "product": { + "name": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "product_id": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d?arch=amd64&repository_url=registry.redhat.io/odf/odf-multicluster-rhel8-operator&tag=4.9-30.007b3d8.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64", + "product": { + "name": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64", + "product_id": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948?arch=amd64&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64", + "product": { + "name": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64", + "product_id": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13?arch=amd64&repository_url=registry.redhat.io/odf4/odf-rhel8-operator&tag=4.9-59.c8bbc1f.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64", + "product": { + "name": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64", + "product_id": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5?arch=amd64&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64", + "product": { + "name": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64", + "product_id": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16?arch=amd64&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64", + "product": { + "name": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64", + "product_id": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64", + "product_identification_helper": { + "purl": "pkg:oci/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d?arch=amd64&repository_url=registry.redhat.io/odf4/odr-rhel8-operator&tag=4.9-27.3d037cc.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64", + "product": { + "name": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64", + "product_id": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4?arch=amd64&repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator&tag=4.9-219.c3f67c6.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64", + "product": { + "name": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64", + "product_id": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64", + "product_identification_helper": { + "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336?arch=amd64&repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator&tag=4.9-28.82f68db.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64", + "product": { + "name": "ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64", + "product_id": "ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7?arch=amd64&repository_url=registry.redhat.io/ocs4/cephcsi-rhel8&tag=4.8-125.01872cc.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64", + "product": { + "name": "ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64", + "product_id": "ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64", + "product_identification_helper": { + "purl": "pkg:oci/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239?arch=amd64&repository_url=registry.redhat.io/ocs4/mcg-core-rhel8&tag=5.8.0-38.e060925.5.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64", + "product": { + "name": "ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64", + "product_id": "ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64", + "product_identification_helper": { + "purl": "pkg:oci/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333?arch=amd64&repository_url=registry.redhat.io/ocs4/mcg-rhel8-operator&tag=5.8.0-27.4a6ca5f.5.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64", + "product": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64", + "product_id": "ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5?arch=amd64&repository_url=registry.redhat.io/ocs4/ocs-must-gather-rhel8&tag=4.8-196.a35d7d7.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64", + "product": { + "name": "ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64", + "product_id": "ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7?arch=amd64&repository_url=registry.redhat.io/ocs4/ocs-operator-bundle&tag=4.8.0-5" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64", + "product": { + "name": "ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64", + "product_id": "ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f?arch=amd64&repository_url=registry.redhat.io/ocs4/ocs-rhel8-operator&tag=4.8-196.a35d7d7.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64", + "product": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64", + "product_id": "ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8?arch=amd64&repository_url=registry.redhat.io/ocs4/rook-ceph-rhel8-operator&tag=4.8-167.9a9db5f.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64", + "product": { + "name": "ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64", + "product_id": "ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64", + "product_identification_helper": { + "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f?arch=amd64&repository_url=registry.redhat.io/ocs4/volume-replication-rhel8-operator&tag=4.8-20.ab575a2.release_v0.1" + } + } + }, + { + "category": "product_version", + "name": "ocs4/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234_amd64", + "product": { + "name": "ocs4/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234_amd64", + "product_id": "ocs4/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234_amd64", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234?arch=amd64&repository_url=registry.redhat.io/ocs4/cephcsi-rhel8&tag=4.7-102.5c44836.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c_amd64", + "product": { + "name": "ocs4/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c_amd64", + "product_id": "ocs4/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c_amd64", + "product_identification_helper": { + "purl": "pkg:oci/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c?arch=amd64&repository_url=registry.redhat.io/ocs4/mcg-core-rhel8&tag=5.7.0-60.2c1fdb0.5.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7_amd64", + "product": { + "name": "ocs4/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7_amd64", + "product_id": "ocs4/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7_amd64", + "product_identification_helper": { + "purl": "pkg:oci/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7?arch=amd64&repository_url=registry.redhat.io/ocs4/mcg-rhel8-operator&tag=5.7.0-69.85e2026.5.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c_amd64", + "product": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c_amd64", + "product_id": "ocs4/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c?arch=amd64&repository_url=registry.redhat.io/ocs4/ocs-must-gather-rhel8&tag=4.7-174.7f14177.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc_amd64", + "product": { + "name": "ocs4/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc_amd64", + "product_id": "ocs4/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc?arch=amd64&repository_url=registry.redhat.io/ocs4/ocs-operator-bundle&tag=4.7.0-11" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6_amd64", + "product": { + "name": "ocs4/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6_amd64", + "product_id": "ocs4/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6_amd64", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6?arch=amd64&repository_url=registry.redhat.io/ocs4/ocs-rhel8-operator&tag=4.7-174.7f14177.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64", + "product": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64", + "product_id": "ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7?arch=amd64&repository_url=registry.redhat.io/ocs4/rook-ceph-rhel8-operator&tag=4.7-140.49a6fcf.release_4.7" + } + } + } + ], + "category": "architecture", + "name": "amd64" + }, + { + "branches": [ + { + "category": "product_version", + "name": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le", + "product": { + "name": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le", + "product_id": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849?arch=ppc64le&repository_url=registry.redhat.io/odf4/cephcsi-rhel8&tag=4.9-164.57484e3.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le", + "product": { + "name": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le", + "product_id": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8&tag=4.9-257.4181add.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le", + "product": { + "name": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le", + "product_id": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le", + "product": { + "name": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le", + "product_id": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb?arch=ppc64le&repository_url=registry.redhat.io/odf4/ocs-rhel8-operator&tag=4.9-257.4181add.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le", + "product": { + "name": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le", + "product_id": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-console-rhel8&tag=4.9-39.0f2fa23.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le", + "product": { + "name": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le", + "product_id": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "product": { + "name": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator&tag=4.9-30.007b3d8.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "product": { + "name": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "product_id": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039?arch=ppc64le&repository_url=registry.redhat.io/odf/odf-multicluster-rhel8-operator&tag=4.9-30.007b3d8.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le", + "product": { + "name": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le", + "product_id": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le", + "product": { + "name": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le", + "product_id": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff?arch=ppc64le&repository_url=registry.redhat.io/odf4/odf-rhel8-operator&tag=4.9-59.c8bbc1f.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le", + "product": { + "name": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le", + "product_id": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le", + "product": { + "name": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le", + "product_id": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le", + "product": { + "name": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le", + "product_id": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb?arch=ppc64le&repository_url=registry.redhat.io/odf4/odr-rhel8-operator&tag=4.9-27.3d037cc.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le", + "product": { + "name": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le", + "product_id": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab?arch=ppc64le&repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator&tag=4.9-219.c3f67c6.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le", + "product": { + "name": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le", + "product_id": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927?arch=ppc64le&repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator&tag=4.9-28.82f68db.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le", + "product": { + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le", + "product_id": "mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/mcg@5.9.0-28.61dcf87.5.9.el8?arch=ppc64le" + } + } + }, + { + "category": "product_version", + "name": "ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le", + "product": { + "name": "ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le", + "product_id": "ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781?arch=ppc64le&repository_url=registry.redhat.io/ocs4/cephcsi-rhel8&tag=4.8-125.01872cc.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le", + "product": { + "name": "ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le", + "product_id": "ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735?arch=ppc64le&repository_url=registry.redhat.io/ocs4/mcg-core-rhel8&tag=5.8.0-38.e060925.5.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le", + "product": { + "name": "ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le", + "product_id": "ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973?arch=ppc64le&repository_url=registry.redhat.io/ocs4/mcg-rhel8-operator&tag=5.8.0-27.4a6ca5f.5.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le", + "product": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le", + "product_id": "ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675?arch=ppc64le&repository_url=registry.redhat.io/ocs4/ocs-must-gather-rhel8&tag=4.8-196.a35d7d7.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le", + "product": { + "name": "ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le", + "product_id": "ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771?arch=ppc64le&repository_url=registry.redhat.io/ocs4/ocs-operator-bundle&tag=4.8.0-5" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le", + "product": { + "name": "ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le", + "product_id": "ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa?arch=ppc64le&repository_url=registry.redhat.io/ocs4/ocs-rhel8-operator&tag=4.8-196.a35d7d7.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le", + "product": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le", + "product_id": "ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d?arch=ppc64le&repository_url=registry.redhat.io/ocs4/rook-ceph-rhel8-operator&tag=4.8-167.9a9db5f.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le", + "product": { + "name": "ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le", + "product_id": "ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784?arch=ppc64le&repository_url=registry.redhat.io/ocs4/volume-replication-rhel8-operator&tag=4.8-20.ab575a2.release_v0.1" + } + } + }, + { + "category": "product_version", + "name": "ocs4/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d_ppc64le", + "product": { + "name": "ocs4/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d_ppc64le", + "product_id": "ocs4/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d?arch=ppc64le&repository_url=registry.redhat.io/ocs4/cephcsi-rhel8&tag=4.7-102.5c44836.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c_ppc64le", + "product": { + "name": "ocs4/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c_ppc64le", + "product_id": "ocs4/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c?arch=ppc64le&repository_url=registry.redhat.io/ocs4/mcg-core-rhel8&tag=5.7.0-60.2c1fdb0.5.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142_ppc64le", + "product": { + "name": "ocs4/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142_ppc64le", + "product_id": "ocs4/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142?arch=ppc64le&repository_url=registry.redhat.io/ocs4/mcg-rhel8-operator&tag=5.7.0-69.85e2026.5.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d_ppc64le", + "product": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d_ppc64le", + "product_id": "ocs4/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d?arch=ppc64le&repository_url=registry.redhat.io/ocs4/ocs-must-gather-rhel8&tag=4.7-174.7f14177.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047_ppc64le", + "product": { + "name": "ocs4/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047_ppc64le", + "product_id": "ocs4/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047?arch=ppc64le&repository_url=registry.redhat.io/ocs4/ocs-operator-bundle&tag=4.7.0-11" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6_ppc64le", + "product": { + "name": "ocs4/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6_ppc64le", + "product_id": "ocs4/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6?arch=ppc64le&repository_url=registry.redhat.io/ocs4/ocs-rhel8-operator&tag=4.7-174.7f14177.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le", + "product": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le", + "product_id": "ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4?arch=ppc64le&repository_url=registry.redhat.io/ocs4/rook-ceph-rhel8-operator&tag=4.7-140.49a6fcf.release_4.7" + } + } + } + ], + "category": "architecture", + "name": "ppc64le" + }, + { + "branches": [ + { + "category": "product_version", + "name": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x", + "product": { + "name": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x", + "product_id": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745?arch=s390x&repository_url=registry.redhat.io/odf4/cephcsi-rhel8&tag=4.9-164.57484e3.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x", + "product": { + "name": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x", + "product_id": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8&tag=4.9-257.4181add.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x", + "product": { + "name": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x", + "product_id": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x", + "product": { + "name": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x", + "product_id": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c?arch=s390x&repository_url=registry.redhat.io/odf4/ocs-rhel8-operator&tag=4.9-257.4181add.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x", + "product": { + "name": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x", + "product_id": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3?arch=s390x&repository_url=registry.redhat.io/odf4/odf-console-rhel8&tag=4.9-39.0f2fa23.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x", + "product": { + "name": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x", + "product_id": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "product": { + "name": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb?arch=s390x&repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator&tag=4.9-30.007b3d8.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "product": { + "name": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "product_id": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb?arch=s390x&repository_url=registry.redhat.io/odf/odf-multicluster-rhel8-operator&tag=4.9-30.007b3d8.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x", + "product": { + "name": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x", + "product_id": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220?arch=s390x&repository_url=registry.redhat.io/odf4/odf-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x", + "product": { + "name": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x", + "product_id": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e?arch=s390x&repository_url=registry.redhat.io/odf4/odf-rhel8-operator&tag=4.9-59.c8bbc1f.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x", + "product": { + "name": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x", + "product_id": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7?arch=s390x&repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x", + "product": { + "name": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x", + "product_id": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db?arch=s390x&repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle&tag=4.9.0-5" + } + } + }, + { + "category": "product_version", + "name": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x", + "product": { + "name": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x", + "product_id": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x", + "product_identification_helper": { + "purl": "pkg:oci/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1?arch=s390x&repository_url=registry.redhat.io/odf4/odr-rhel8-operator&tag=4.9-27.3d037cc.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x", + "product": { + "name": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x", + "product_id": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3?arch=s390x&repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator&tag=4.9-219.c3f67c6.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x", + "product": { + "name": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x", + "product_id": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x", + "product_identification_helper": { + "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe?arch=s390x&repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator&tag=4.9-28.82f68db.release_4.9" + } + } + }, + { + "category": "product_version", + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x", + "product": { + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x", + "product_id": "mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/mcg@5.9.0-28.61dcf87.5.9.el8?arch=s390x" + } + } + }, + { + "category": "product_version", + "name": "ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x", + "product": { + "name": "ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x", + "product_id": "ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71?arch=s390x&repository_url=registry.redhat.io/ocs4/cephcsi-rhel8&tag=4.8-125.01872cc.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x", + "product": { + "name": "ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x", + "product_id": "ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x", + "product_identification_helper": { + "purl": "pkg:oci/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3?arch=s390x&repository_url=registry.redhat.io/ocs4/mcg-core-rhel8&tag=5.8.0-38.e060925.5.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x", + "product": { + "name": "ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x", + "product_id": "ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x", + "product_identification_helper": { + "purl": "pkg:oci/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86?arch=s390x&repository_url=registry.redhat.io/ocs4/mcg-rhel8-operator&tag=5.8.0-27.4a6ca5f.5.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x", + "product": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x", + "product_id": "ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99?arch=s390x&repository_url=registry.redhat.io/ocs4/ocs-must-gather-rhel8&tag=4.8-196.a35d7d7.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x", + "product": { + "name": "ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x", + "product_id": "ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1?arch=s390x&repository_url=registry.redhat.io/ocs4/ocs-operator-bundle&tag=4.8.0-5" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x", + "product": { + "name": "ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x", + "product_id": "ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f?arch=s390x&repository_url=registry.redhat.io/ocs4/ocs-rhel8-operator&tag=4.8-196.a35d7d7.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x", + "product": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x", + "product_id": "ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec?arch=s390x&repository_url=registry.redhat.io/ocs4/rook-ceph-rhel8-operator&tag=4.8-167.9a9db5f.release_4.8" + } + } + }, + { + "category": "product_version", + "name": "ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x", + "product": { + "name": "ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x", + "product_id": "ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x", + "product_identification_helper": { + "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068?arch=s390x&repository_url=registry.redhat.io/ocs4/volume-replication-rhel8-operator&tag=4.8-20.ab575a2.release_v0.1" + } + } + }, + { + "category": "product_version", + "name": "ocs4/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c_s390x", + "product": { + "name": "ocs4/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c_s390x", + "product_id": "ocs4/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c_s390x", + "product_identification_helper": { + "purl": "pkg:oci/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c?arch=s390x&repository_url=registry.redhat.io/ocs4/cephcsi-rhel8&tag=4.7-102.5c44836.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e_s390x", + "product": { + "name": "ocs4/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e_s390x", + "product_id": "ocs4/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e_s390x", + "product_identification_helper": { + "purl": "pkg:oci/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e?arch=s390x&repository_url=registry.redhat.io/ocs4/mcg-core-rhel8&tag=5.7.0-60.2c1fdb0.5.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76_s390x", + "product": { + "name": "ocs4/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76_s390x", + "product_id": "ocs4/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76_s390x", + "product_identification_helper": { + "purl": "pkg:oci/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76?arch=s390x&repository_url=registry.redhat.io/ocs4/mcg-rhel8-operator&tag=5.7.0-69.85e2026.5.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0_s390x", + "product": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0_s390x", + "product_id": "ocs4/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0?arch=s390x&repository_url=registry.redhat.io/ocs4/ocs-must-gather-rhel8&tag=4.7-174.7f14177.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660_s390x", + "product": { + "name": "ocs4/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660_s390x", + "product_id": "ocs4/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660?arch=s390x&repository_url=registry.redhat.io/ocs4/ocs-operator-bundle&tag=4.7.0-11" + } + } + }, + { + "category": "product_version", + "name": "ocs4/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5_s390x", + "product": { + "name": "ocs4/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5_s390x", + "product_id": "ocs4/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5_s390x", + "product_identification_helper": { + "purl": "pkg:oci/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5?arch=s390x&repository_url=registry.redhat.io/ocs4/ocs-rhel8-operator&tag=4.7-174.7f14177.release_4.7" + } + } + }, + { + "category": "product_version", + "name": "ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x", + "product": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x", + "product_id": "ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x", + "product_identification_helper": { + "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2?arch=s390x&repository_url=registry.redhat.io/ocs4/rook-ceph-rhel8-operator&tag=4.7-140.49a6fcf.release_4.7" + } + } + } + ], + "category": "architecture", + "name": "s390x" + }, + { + "branches": [ + { + "category": "product_version", + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.src", + "product": { + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.src", + "product_id": "mcg-0:5.9.0-28.61dcf87.5.9.el8.src", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/mcg@5.9.0-28.61dcf87.5.9.el8?arch=src" + } + } + } + ], + "category": "architecture", + "name": "src" + }, + { + "branches": [ + { + "category": "product_version", + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64", + "product": { + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64", + "product_id": "mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64", + "product_identification_helper": { + "purl": "pkg:rpm/redhat/mcg@5.9.0-28.61dcf87.5.9.el8?arch=x86_64" + } + } + } + ], + "category": "architecture", + "name": "x86_64" + } + ], + "category": "vendor", + "name": "Red Hat" + } + ], + "relationships": [ + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d_ppc64le as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d_ppc64le" + }, + "product_reference": "ocs4/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234_amd64 as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234_amd64" + }, + "product_reference": "ocs4/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c_s390x as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c_s390x" + }, + "product_reference": "ocs4/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c_ppc64le as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c_ppc64le" + }, + "product_reference": "ocs4/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c_amd64 as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c_amd64" + }, + "product_reference": "ocs4/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e_s390x as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e_s390x" + }, + "product_reference": "ocs4/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7_amd64 as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7_amd64" + }, + "product_reference": "ocs4/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76_s390x as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76_s390x" + }, + "product_reference": "ocs4/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142_ppc64le as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142_ppc64le" + }, + "product_reference": "ocs4/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d_ppc64le as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d_ppc64le" + }, + "product_reference": "ocs4/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0_s390x as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0_s390x" + }, + "product_reference": "ocs4/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c_amd64 as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c_amd64" + }, + "product_reference": "ocs4/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc_amd64 as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc_amd64" + }, + "product_reference": "ocs4/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047_ppc64le as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047_ppc64le" + }, + "product_reference": "ocs4/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660_s390x as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660_s390x" + }, + "product_reference": "ocs4/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6_ppc64le as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6_ppc64le" + }, + "product_reference": "ocs4/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5_s390x as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5_s390x" + }, + "product_reference": "ocs4/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6_amd64 as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6_amd64" + }, + "product_reference": "ocs4/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x" + }, + "product_reference": "ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64 as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64" + }, + "product_reference": "ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le as a component of Red Hat OpenShift Container Storage 4.7 on RHEL-8", + "product_id": "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le" + }, + "product_reference": "ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.7" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64 as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64" + }, + "product_reference": "ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x" + }, + "product_reference": "ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le" + }, + "product_reference": "ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x" + }, + "product_reference": "ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64 as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64" + }, + "product_reference": "ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le" + }, + "product_reference": "ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64 as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64" + }, + "product_reference": "ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x" + }, + "product_reference": "ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le" + }, + "product_reference": "ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64 as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64" + }, + "product_reference": "ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le" + }, + "product_reference": "ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x" + }, + "product_reference": "ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x" + }, + "product_reference": "ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le" + }, + "product_reference": "ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64 as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64" + }, + "product_reference": "ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64 as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64" + }, + "product_reference": "ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le" + }, + "product_reference": "ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x" + }, + "product_reference": "ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64 as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64" + }, + "product_reference": "ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x" + }, + "product_reference": "ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le" + }, + "product_reference": "ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64 as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64" + }, + "product_reference": "ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x" + }, + "product_reference": "ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le as a component of Red Hat OpenShift Container Storage 4.8 on RHEL-8", + "product_id": "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le" + }, + "product_reference": "ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le", + "relates_to_product_reference": "8Base-RH-OCS-4.8" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le" + }, + "product_reference": "mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x" + }, + "product_reference": "mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.src as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.src" + }, + "product_reference": "mcg-0:5.9.0-28.61dcf87.5.9.el8.src", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64" + }, + "product_reference": "mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le" + }, + "product_reference": "odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64" + }, + "product_reference": "odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x" + }, + "product_reference": "odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x" + }, + "product_reference": "odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64" + }, + "product_reference": "odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le" + }, + "product_reference": "odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x" + }, + "product_reference": "odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64" + }, + "product_reference": "odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le" + }, + "product_reference": "odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64" + }, + "product_reference": "odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le" + }, + "product_reference": "odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x" + }, + "product_reference": "odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64" + }, + "product_reference": "odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le" + }, + "product_reference": "odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x" + }, + "product_reference": "odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le" + }, + "product_reference": "odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64" + }, + "product_reference": "odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x" + }, + "product_reference": "odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64" + }, + "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x" + }, + "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le" + }, + "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le" + }, + "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64" + }, + "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x" + }, + "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64" + }, + "product_reference": "odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le" + }, + "product_reference": "odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x" + }, + "product_reference": "odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x" + }, + "product_reference": "odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64" + }, + "product_reference": "odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le" + }, + "product_reference": "odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x" + }, + "product_reference": "odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le" + }, + "product_reference": "odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64" + }, + "product_reference": "odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64" + }, + "product_reference": "odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le" + }, + "product_reference": "odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x" + }, + "product_reference": "odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le" + }, + "product_reference": "odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x" + }, + "product_reference": "odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64" + }, + "product_reference": "odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le" + }, + "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x" + }, + "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64" + }, + "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64 as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64" + }, + "product_reference": "odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x" + }, + "product_reference": "odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le as a component of Red Hat OpenShift Data Foundation 4.9 on RHEL-8", + "product_id": "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le" + }, + "product_reference": "odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le", + "relates_to_product_reference": "8Base-RH-ODF-4.9" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "atomic-openshift as a component of Red Hat OpenShift Container Platform 3.11", + "product_id": "red_hat_openshift_container_platform_3.11:atomic-openshift" + }, + "product_reference": "atomic-openshift", + "relates_to_product_reference": "red_hat_openshift_container_platform_3.11" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "openshift as a component of Red Hat OpenShift Container Platform 4", + "product_id": "red_hat_openshift_container_platform_4:openshift" + }, + "product_reference": "openshift", + "relates_to_product_reference": "red_hat_openshift_container_platform_4" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "openshift-clients as a component of Red Hat OpenShift Container Platform 4", + "product_id": "red_hat_openshift_container_platform_4:openshift-clients" + }, + "product_reference": "openshift-clients", + "relates_to_product_reference": "red_hat_openshift_container_platform_4" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "openshift4/ose-hyperkube as a component of Red Hat OpenShift Container Platform 4", + "product_id": "red_hat_openshift_container_platform_4:openshift4/ose-hyperkube" + }, + "product_reference": "openshift4/ose-hyperkube", + "relates_to_product_reference": "red_hat_openshift_container_platform_4" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "mcg as a component of Red Hat Openshift Container Storage 4", + "product_id": "red_hat_openshift_container_storage_4:mcg" + }, + "product_reference": "mcg", + "relates_to_product_reference": "red_hat_openshift_container_storage_4" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "heketi as a component of Red Hat Storage 3", + "product_id": "red_hat_storage_3:heketi" + }, + "product_reference": "heketi", + "relates_to_product_reference": "red_hat_storage_3" + }, + { + "category": "default_component_of", + "full_product_name": { + "name": "rhgs3/rhgs-gluster-block-prov-rhel7 as a component of Red Hat Storage 3", + "product_id": "red_hat_storage_3:rhgs3/rhgs-gluster-block-prov-rhel7" + }, + "product_reference": "rhgs3/rhgs-gluster-block-prov-rhel7", + "relates_to_product_reference": "red_hat_storage_3" + } + ] + }, + "vulnerabilities": [ + { + "acknowledgments": [ + { + "names": [ + "the Kubernetes Product Security Committee" + ] + }, + { + "names": [ + "Patrick Rhomberg" + ], + "organization": "purelyapplied", + "summary": "Acknowledged by upstream." + } + ], + "cve": "CVE-2020-8565", + "cwe": { + "id": "CWE-117", + "name": "Improper Output Neutralization for Logs" + }, + "discovery_date": "2020-10-09T00:00:00+00:00", + "flags": [ + { + "label": "vulnerable_code_not_present", + "product_ids": [ + "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d_ppc64le", + "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234_amd64", + "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c_s390x", + "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c_ppc64le", + "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c_amd64", + "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e_s390x", + "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7_amd64", + "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76_s390x", + "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142_ppc64le", + "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d_ppc64le", + "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0_s390x", + "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c_amd64", + "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc_amd64", + "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047_ppc64le", + "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660_s390x", + "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6_ppc64le", + "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5_s390x", + "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6_amd64", + "red_hat_openshift_container_platform_4:openshift", + "red_hat_openshift_container_platform_4:openshift-clients", + "red_hat_openshift_container_platform_4:openshift4/ose-hyperkube" + ] + } + ], + "ids": [ + { + "system_name": "Red Hat Bugzilla ID", + "text": "1886638" + } + ], + "notes": [ + { + "category": "description", + "text": "A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like `kubectl`. Previously, CVE-2019-11250 was assigned for the same issue for logging levels of at least 4.", + "title": "Vulnerability description" + }, + { + "category": "summary", + "text": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9", + "title": "Vulnerability summary" + }, + { + "category": "other", + "text": "OpenShift Container Platform 4 does not support LogLevels higher than 8 (via 'TraceAll'), and is therefore not affected by this vulnerability.", + "title": "Statement" + }, + { + "category": "general", + "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", + "title": "CVSS score applicability" + } + ], + "product_status": { + "fixed": [ + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x", + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64", + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.src", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le" + ], + "known_affected": [ + "red_hat_openshift_container_platform_3.11:atomic-openshift", + "red_hat_openshift_container_storage_4:mcg", + "red_hat_storage_3:heketi", + "red_hat_storage_3:rhgs3/rhgs-gluster-block-prov-rhel7" + ], + "known_not_affected": [ + "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:779479e90095b760fdca7da317aaf09f76b453aa262bd3c1ac0f41f7af483a2d_ppc64le", + "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:ac0ed0ba8ef78e3b46dcf6936f7d97ac4c0f85ac596f263880b56a12dac36234_amd64", + "8Base-RH-OCS-4.7:ocs4/cephcsi-rhel8@sha256:c7b09f1114aa36be379a9f52b3f156499bcd31d7537f1235a364129d1382497c_s390x", + "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:22037eb4c589c5ccf921cd15bb3c82d75fac298d2b53344575c2af7c22d5353c_ppc64le", + "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:5b1046b56cd5d7cbde64a3cfce800b76b3bd7fb0f535ac2382e97eb8fc93314c_amd64", + "8Base-RH-OCS-4.7:ocs4/mcg-core-rhel8@sha256:725dd955d4a2a4c27405d7c0d3141384c1e5bb52276056bc7ab8a35d124dcc0e_s390x", + "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:21e57d86bcf007a70bc5e14ff5f0380a1ea26c4d2d2cdf191e9289d04b1f06e7_amd64", + "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:94dccc304395df6d8b37f8371737646d07cf289f83b30c78c353e9a4dec05b76_s390x", + "8Base-RH-OCS-4.7:ocs4/mcg-rhel8-operator@sha256:bae35f5a3ac521dedd50d8852920f99a3f1c94d1a31a51856eefa24e94516142_ppc64le", + "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:5e4df11fa489a5aa7a03ff3983c9a35143e3a76667ea652c39b499dbacb9a11d_ppc64le", + "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:6512915dabeef1d170bd2a61339d6849c175082151bc2f273bef1036738456e0_s390x", + "8Base-RH-OCS-4.7:ocs4/ocs-must-gather-rhel8@sha256:ca93487e2344a02ab4da0eb010608082134c7e136f2b3cfa51a2d04b10313b3c_amd64", + "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:70c98f7353bd302c55e6fa2f51cb4385309aafeb4a2901c94b44cee2846679fc_amd64", + "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:97f334a7c2d147e0cfded896355f7406bd2c893783011e345dbcb474850d0047_ppc64le", + "8Base-RH-OCS-4.7:ocs4/ocs-operator-bundle@sha256:bce44dc4b764b9b3e99d5d2cdc2242667195d6802ee1a5f1f692aa6e633e5660_s390x", + "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:7dca985a1723e1c2169124a70182fd29a633ac7b9e9fa28ae24635e203003bc6_ppc64le", + "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:e715a9a62462de6c45ca82a3acc5d622d2df12ce965d226eb0a90f1cbfa212c5_s390x", + "8Base-RH-OCS-4.7:ocs4/ocs-rhel8-operator@sha256:f6319e4d6e32109deeaebe4d99cc18fd5a272c0655ba73fe2521ca63981efba6_amd64", + "red_hat_openshift_container_platform_4:openshift", + "red_hat_openshift_container_platform_4:openshift-clients", + "red_hat_openshift_container_platform_4:openshift4/ose-hyperkube" + ] + }, + "references": [ + { + "category": "self", + "summary": "Canonical URL", + "url": "https://access.redhat.com/security/cve/CVE-2020-8565" + }, + { + "category": "external", + "summary": "RHBZ#1886638", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886638" + }, + { + "category": "external", + "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8565", + "url": "https://www.cve.org/CVERecord?id=CVE-2020-8565" + }, + { + "category": "external", + "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8565" + }, + { + "category": "external", + "summary": "https://github.com/kubernetes/kubernetes/issues/95623", + "url": "https://github.com/kubernetes/kubernetes/issues/95623" + }, + { + "category": "external", + "summary": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk", + "url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk" + } + ], + "release_date": "2020-10-14T00:00:00+00:00", + "remediations": [ + { + "category": "vendor_fix", + "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", + "product_ids": [ + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le" + ], + "url": "https://access.redhat.com/errata/RHSA-2021:5086" + }, + { + "category": "vendor_fix", + "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", + "product_ids": [ + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le" + ], + "url": "https://access.redhat.com/errata/RHBA-2021:3003" + }, + { + "category": "vendor_fix", + "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", + "product_ids": [ + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.src", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64" + ], + "url": "https://access.redhat.com/errata/RHSA-2021:5085" + }, + { + "category": "vendor_fix", + "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", + "product_ids": [ + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x", + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64", + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le" + ], + "url": "https://access.redhat.com/errata/RHSA-2021:2041" + }, + { + "category": "no_fix_planned", + "details": "Will not fix", + "product_ids": [ + "red_hat_openshift_container_platform_3.11:atomic-openshift", + "red_hat_storage_3:heketi", + "red_hat_storage_3:rhgs3/rhgs-gluster-block-prov-rhel7" + ] + }, + { + "category": "none_available", + "details": "Affected", + "product_ids": [ + "red_hat_openshift_container_storage_4:mcg" + ] + } + ], + "scores": [ + { + "cvss_v3": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + }, + "products": [ + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x", + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64", + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.src", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le", + "red_hat_openshift_container_platform_3.11:atomic-openshift", + "red_hat_openshift_container_storage_4:mcg", + "red_hat_storage_3:heketi", + "red_hat_storage_3:rhgs3/rhgs-gluster-block-prov-rhel7" + ] + } + ], + "threats": [ + { + "category": "impact", + "details": "Moderate", + "product_ids": [ + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:1c57a22591b2277403200cf3e254badcc827416fc01efabfd12c03c265a491b2_s390x", + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:de99a6b3cefa44dd22c637cfa2fb54c60d2b0e14970466cea19979e2e59668c7_amd64", + "8Base-RH-OCS-4.7:ocs4/rook-ceph-rhel8-operator@sha256:e25dc5fd74d37ea3b00898557b71cdefc7d508e748bfb230e18db7c2e3d526f4_ppc64le", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:1819cba5b8d43c37d8b4521ffe5cbd59bd54be42953a08380cd709eb45fa0cd7_amd64", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:a8b8bf6dbc9066e3e0357f2ee2280137fb4071b7410680c92df85ff3f61e3e71_s390x", + "8Base-RH-OCS-4.8:ocs4/cephcsi-rhel8@sha256:fd09ea1209f059743c68f8c5a6d96bf0d194382e596281b7a79eebc75cae8781_ppc64le", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:0cb74e8ebd0ec62591a86497e2557e606c1eca91560a2c302442aafdee9d2ba3_s390x", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:3c805f5f71b7fbc3d77f05e0eb04a242ee277ded61121a2f78f58a6f2e3d6239_amd64", + "8Base-RH-OCS-4.8:ocs4/mcg-core-rhel8@sha256:a35b39d108c85722af235fa856c239a4f9c16a6c60664d91672c680e3fd1e735_ppc64le", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:260bc0e079e4d8e7d29c0480f6a70278709f27a12cd70bb2fb9cbe6334af3333_amd64", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:76353560ad951875d5a031ccee8ffc13f6424b14f4f477b4ce6bbc71edbadc86_s390x", + "8Base-RH-OCS-4.8:ocs4/mcg-rhel8-operator@sha256:aa285fae19902f0fe3aa80f17024ffeba8b3cff017b4e5c02e220cbd80c06973_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:180ca4c2ca1f8bfd59251ef37dc6f0b0c6f6b651383dad7a34ef67c0374617f5_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:2c24b0616e961f1c95fe84abccc01ab79d91f8cc2add3035c2821c0fd49ee675_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-must-gather-rhel8@sha256:cc4d487f0ed7beb0662489ffb48ed7ee1a7d95a08f2f959af3d2425a082e5d99_s390x", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:644bf5f6e364ba10268d76ee5919bd8f48a772644dba85612730e3792e0f4ea1_s390x", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:851d87a64e1e9f4777791b20fc6c7e4252e779f79d3ecc09bd7af3f9395de771_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-operator-bundle@sha256:91515bf10db2c19a059a16e4df1a331f4b919f2eb1ab11d2a09d054f38fe1fc7_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:8e6d5a070f6be7ee8558d4629483af9bae4259d78fe677d5855b75317939621f_amd64", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:b8f2788c69ac85df91ddc16c9e3d228e638b4deafb5227be521ae343d3010baa_ppc64le", + "8Base-RH-OCS-4.8:ocs4/ocs-rhel8-operator@sha256:f7a29c6ef520ef1728ce6c1caeb84f6a4d7c8e3f2f46daf373403d34543df36f_s390x", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:19b8b9aa50c96c9b8ee26d3f1778fa3394ec7e042f81a6eef593b003622fa6f8_amd64", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:25682019c97995e63d466115157158f661c3e38c697a03ee2d488a04f2f4adec_s390x", + "8Base-RH-OCS-4.8:ocs4/rook-ceph-rhel8-operator@sha256:ed689445f56e7e50d872f2e0b0d61bdf4c08d4bd34daf246ff49648d3f5a298d_ppc64le", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:45210e36c8bb62080cb96c7a9aaefffa22e8749bfbe0e2e3f66b7d36e3f40b3f_amd64", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:695c55a8d65caf60e902b45afa80f59959d3a47c271150f9779b02e77f6c2068_s390x", + "8Base-RH-OCS-4.8:ocs4/volume-replication-rhel8-operator@sha256:c33567da3a51dc79c490f635b201359c41391aae1fcc071ea6b6862f344e6784_ppc64le", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.ppc64le", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.s390x", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.src", + "8Base-RH-ODF-4.9:mcg-0:5.9.0-28.61dcf87.5.9.el8.x86_64", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "8Base-RH-ODF-4.9:odf/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:6bb536ff91903016dcce91fcf6df30286321b7a415bcca68d22ca0a283406745_s390x", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:7c3beaacde875028141485219de5c780c3c30b146bcc533dfe1eb6c562a65b95_amd64", + "8Base-RH-ODF-4.9:odf4/cephcsi-rhel8@sha256:f3b19e5732308b4d40f1b605169ac3f15a03194cb4dd47819ef073f36a0d1849_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:38d08ac83d988cda406d8cc6c2209ece706e125da07e202996f606c22c914349_s390x", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b0211a2fdad8d5e6fdefeece952aa9c51598b74d74a12d5adec4bed4e2783b2d_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-must-gather-rhel8@sha256:b1b008efb550c5fce0797378d96bb191a0c28aa15e813d759786e663fabb0274_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:19baeee4a9db7519f1b88a885034be1e35423f34854323ac4a1b0e88e881bc3f_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:7507787d2c8f920c718c15b93e9c24f7edf8047a24c7c0c2024d70915d7ff1d2_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-operator-bundle@sha256:af844ee09da74a2bf95779de502b683982cfb54227f196f24ef07221af5ec9d8_s390x", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:1fe31ad232d5ffc1eb202db0f83eb882eeca1bde83ba282fe412485c5b2bc479_amd64", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:355c50572c534973734eaeb171375bae9e0342504942b28585f5498829ae8aeb_ppc64le", + "8Base-RH-ODF-4.9:odf4/ocs-rhel8-operator@sha256:b02b6d2cd44672787e0fa5569074c4a8cdcc6fde0206fe01ef6d9d70a6385d0c_s390x", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:02777f2cd36c40d5c09a28116e24c1c7a8ee0c6030d680281e042d08e1fd61f6_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:71724ee7baa629a98b4bf979e232dd128a313a2fa1eb4156c5b69593c99ec181_amd64", + "8Base-RH-ODF-4.9:odf4/odf-console-rhel8@sha256:fd1659e10e099871d6a956bb26c3c17ed9a9bccc5ed90768514be8b0dcc34ff3_s390x", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:5a3e1458b856d295ba8fa9d075845d2524c6130d60db07b85cce99f5719a014f_amd64", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:b66338b35316b95d01fc30a207fd80227c2cb0cbc06ee516230dbb4e2c2e369e_s390x", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-operator-bundle@sha256:ee9641382dcfccd9db92c66bab549c0b44a218572e40011c2e22b651d4ff64af_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:17be1d705d7339f6e5f10d77c065c7a876c248c0913f625754443e58279c5039_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:446de9c6969efa219fd09aca97e8f1d34a18aa5a1553cad93ea03d1c99d75e9d_amd64", + "8Base-RH-ODF-4.9:odf4/odf-multicluster-rhel8-operator@sha256:80c5ca69a4a153fe862d2edc12910131b9edaf3dd4ad544c2a30d1e363bf4bdb_s390x", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:2231fc5ebf70c6165947bdc31f95b6deaa69f1efbd6c6194b457e2ad7bb10948_amd64", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:5d47bf5c8aaadc387d2bde705cfc3238436bd29547139e6ce82bb3c9512da7f4_ppc64le", + "8Base-RH-ODF-4.9:odf4/odf-operator-bundle@sha256:f51b12d4d34949b0932386e26af1c33db240d95a3e20b0ccdb469e4596124220_s390x", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:43679e013dacc86f5d181455fd533bc32a1d1b48e8cd2b0a88905c941127c09e_s390x", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:bbfcc2e62edb26b19578242800bf654cd74efbb33ff81273d62e207deff15c13_amd64", + "8Base-RH-ODF-4.9:odf4/odf-rhel8-operator@sha256:ec0bd017c0ee777a3347c5fa83417fbb9f7d9e69fed7d6091b2e9a87dbaa9bff_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:5154833553993db3075424d9d0799548b0031123811832004d876c307becd6c7_s390x", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:95f7e6d4b0bfbbebd6f88b6a38e44e617d43bb2c10d473faa581fc235bdb7048_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-cluster-operator-bundle@sha256:f936b221644cebeea79a937c03261911fd2cc2181adcfc9381b2bd3890bb00d5_amd64", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:088270d599e6b65a321c2267057c655acad9e7df8baf2066c6da128d85479a16_amd64", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:0cfd5566150cd039abf04aaaa52cb95e86bc2e1044c64a58c4a5cd372f415c94_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-hub-operator-bundle@sha256:972d770ad4d54dd8663a715b81112c84ebf29ef4724190ffb440608c5fb665db_s390x", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:49df4d5554221b8aea998b9e06a24c01735d17c488aee4cbaf084bc0fedc5fcb_ppc64le", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:d9485425d2ce02a7279f7fb8e857f070f0fec7753f1219824e5988a5f14023e1_s390x", + "8Base-RH-ODF-4.9:odf4/odr-rhel8-operator@sha256:ed5f3964c9c2e4e9e1da1b5759f7abbdc8f7139ee3d3c7984aca2491bde23b2d_amd64", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:0108cf6fabd19895a2be1b0a7cf0a33892a720d2b480b97e689100973f3d08ab_ppc64le", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:063bf4439fe8f803a21bc3c30e7afc8d9cfa7959a4635223ad176a1d9d1083b3_s390x", + "8Base-RH-ODF-4.9:odf4/rook-ceph-rhel8-operator@sha256:edcab10440eebf3ea2732e1d345de9da8e598d3871e4ebf13d8b9cde7186f0b4_amd64", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:4fdaa73a9dc52c03407b845759f5bfa42289cbfcc62f23a000e1200399ff1336_amd64", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:536340adaaa6ff74a0305cc350b85d92fdfc36c30012d7875c7527c672b14ebe_s390x", + "8Base-RH-ODF-4.9:odf4/volume-replication-rhel8-operator@sha256:62e9c97030fc7ab33e36f2d76f9a566f015498c80ab0b8a6e9b5b02ab6895927_ppc64le", + "red_hat_openshift_container_platform_3.11:atomic-openshift", + "red_hat_openshift_container_storage_4:mcg", + "red_hat_storage_3:heketi", + "red_hat_storage_3:rhgs3/rhgs-gluster-block-prov-rhel7" + ] + } + ], + "title": "kubernetes: Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9" + } + ] +} diff --git a/test/rhel/testdata/server/empty_archive.tar.zst b/test/rhel/testdata/server/empty_archive.tar.zst new file mode 100644 index 000000000..4756d299a Binary files /dev/null and b/test/rhel/testdata/server/empty_archive.tar.zst differ diff --git a/updater/defaults/defaults.go b/updater/defaults/defaults.go index deb27de2d..f3abbcbb8 100644 --- a/updater/defaults/defaults.go +++ b/updater/defaults/defaults.go @@ -15,7 +15,6 @@ import ( "github.com/quay/claircore/libvuln/driver" "github.com/quay/claircore/oracle" "github.com/quay/claircore/photon" - "github.com/quay/claircore/rhel/rhcc" "github.com/quay/claircore/rhel/vex" "github.com/quay/claircore/suse" "github.com/quay/claircore/ubuntu" @@ -63,7 +62,6 @@ func inner(ctx context.Context) error { updater.Register("oracle", driver.UpdaterSetFactoryFunc(oracle.UpdaterSet)) updater.Register("photon", driver.UpdaterSetFactoryFunc(photon.UpdaterSet)) updater.Register("suse", new(suse.Factory)) - updater.Register("rhcc", driver.UpdaterSetFactoryFunc(rhcc.UpdaterSet)) cvssSet := driver.NewUpdaterSet() cvssSet.Add(&cvss.Enricher{})