Headline
RHSA-2021:5002: Red Hat Security Advisory: OpenShift Container Platform 4.9.11 security update
Red Hat OpenShift Container Platform release 4.9.11 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-4047: haproxy: Incomplete fix for CVE-2021-39242 in OpenShift 4.9
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat Openshift Container Storage
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2021-12-13
Updated:
2021-12-13
RHSA-2021:5002 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: OpenShift Container Platform 4.9.11 security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
Red Hat OpenShift Container Platform release 4.9.11 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.9.11. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2021:5003
All OpenShift Container Platform 4.9 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Security Fix(es):
- haproxy: Incomplete fix for CVE-2021-39242 in OpenShift 4.9
(CVE-2021-4047)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s)
listed in the References section.
Affected Products
- Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform for Power 4.9 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.9 for RHEL 8 s390x
- Red Hat OpenShift Container Platform for ARM 64 4.9 aarch64
Fixes
- BZ - 2027881 - CVE-2021-4047 haproxy: Incomplete fix for CVE-2021-39242 in OpenShift 4.9
Red Hat OpenShift Container Platform 4.9 for RHEL 8
SRPM
cri-o-1.22.1-8.rhaos4.9.gite059965.el8.src.rpm
SHA-256: d3b226f8758c7224908ee2ccaeac32c76f219aa1e1d1464dc18d6f9c7531cf7e
haproxy-2.2.15-3.el8.src.rpm
SHA-256: 4b6f310c3f681c4f17c6520abaa100a77c60b87cec2a176161d319a3aef1bb41
x86_64
cri-o-1.22.1-8.rhaos4.9.gite059965.el8.x86_64.rpm
SHA-256: 00c1340bc807079ef2636630b8b4712174583bd6246caa5041acd78cf5def115
cri-o-debuginfo-1.22.1-8.rhaos4.9.gite059965.el8.x86_64.rpm
SHA-256: 79bcbfdef1e188687d714205a6bc30d1624f7a487d88cc95545a69fcdb423049
cri-o-debugsource-1.22.1-8.rhaos4.9.gite059965.el8.x86_64.rpm
SHA-256: ed684b376e35af5533c2d77460951b640ee85679bcc7007680fd1292c093ac70
haproxy-debugsource-2.2.15-3.el8.x86_64.rpm
SHA-256: 65b6e86f3601e2bcd535e3540d499a23dfd6c6390810dc31cb72621802863687
Red Hat OpenShift Container Platform for Power 4.9 for RHEL 8
SRPM
cri-o-1.22.1-8.rhaos4.9.gite059965.el8.src.rpm
SHA-256: d3b226f8758c7224908ee2ccaeac32c76f219aa1e1d1464dc18d6f9c7531cf7e
haproxy-2.2.15-3.el8.src.rpm
SHA-256: 4b6f310c3f681c4f17c6520abaa100a77c60b87cec2a176161d319a3aef1bb41
ppc64le
cri-o-1.22.1-8.rhaos4.9.gite059965.el8.ppc64le.rpm
SHA-256: a4e3fe486a6e2b4003cc97880e751cc81ecd1bb669d8a1e4f62f8f1d7afc6850
cri-o-debuginfo-1.22.1-8.rhaos4.9.gite059965.el8.ppc64le.rpm
SHA-256: 9a09e515dd624ccd64f4a2e4f02abd326e24ec7144ae59054ce8e032fe07885d
cri-o-debugsource-1.22.1-8.rhaos4.9.gite059965.el8.ppc64le.rpm
SHA-256: d996141f382db0a212ec24e99fd0c9a710cce310559717b62fbf72a7a025893a
haproxy-debugsource-2.2.15-3.el8.ppc64le.rpm
SHA-256: 654ecaa27eadd7c6a3afe7fd09410bddc011c45fd973d43a6f2a8bc9cf0063f0
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.9 for RHEL 8
SRPM
cri-o-1.22.1-8.rhaos4.9.gite059965.el8.src.rpm
SHA-256: d3b226f8758c7224908ee2ccaeac32c76f219aa1e1d1464dc18d6f9c7531cf7e
haproxy-2.2.15-3.el8.src.rpm
SHA-256: 4b6f310c3f681c4f17c6520abaa100a77c60b87cec2a176161d319a3aef1bb41
s390x
cri-o-1.22.1-8.rhaos4.9.gite059965.el8.s390x.rpm
SHA-256: 632c7b68c1d647bce31f54c9f16680896fd6b2839f557657dc88acce9306bd29
cri-o-debuginfo-1.22.1-8.rhaos4.9.gite059965.el8.s390x.rpm
SHA-256: 10bfae1962fccec0a6236b9ed557e46cff80f3f92921206c6bad9d48b0a55417
cri-o-debugsource-1.22.1-8.rhaos4.9.gite059965.el8.s390x.rpm
SHA-256: 12fbc09cb88d21d67c29a32ddef7fa58ea437db6146843bf38b523160050c4db
haproxy-debugsource-2.2.15-3.el8.s390x.rpm
SHA-256: 2f4a9d4f842d59dc9324e1ebc859ef20c18a999ae817d08633249e4f56afa963
Red Hat OpenShift Container Platform for ARM 64 4.9
SRPM
cri-o-1.22.1-8.rhaos4.9.gite059965.el8.src.rpm
SHA-256: d3b226f8758c7224908ee2ccaeac32c76f219aa1e1d1464dc18d6f9c7531cf7e
haproxy-2.2.15-3.el8.src.rpm
SHA-256: 4b6f310c3f681c4f17c6520abaa100a77c60b87cec2a176161d319a3aef1bb41
aarch64
cri-o-1.22.1-8.rhaos4.9.gite059965.el8.aarch64.rpm
SHA-256: 011d6f4cb61ac7738d68bf587a73a513329126c65bdb43a1b7f604755d436264
cri-o-debuginfo-1.22.1-8.rhaos4.9.gite059965.el8.aarch64.rpm
SHA-256: 74448ffb448dcb343fb9772ea942e797d65da424b2c6cd76c2a818846947da71
cri-o-debugsource-1.22.1-8.rhaos4.9.gite059965.el8.aarch64.rpm
SHA-256: c3f8ad031b3dbc69940827c5a3346358a9374a58409c18bcea4e2c1da8d2acca
haproxy-debugsource-2.2.15-3.el8.aarch64.rpm
SHA-256: 8fbf070a6ee1f02be5c4099b8bd3e7e90d59066dad49a28f07e1d9648593cc68
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.