Headline
RHSA-2022:0870: Red Hat Security Advisory: OpenShift Container Platform 4.7.45 packages and security update
Red Hat OpenShift Container Platform release 4.7.45. is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-0811: CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-03-22
Updated:
2022-03-22
RHSA-2022:0870 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: OpenShift Container Platform 4.7.45 packages and security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
Red Hat OpenShift Container Platform release 4.7.45. is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Description
Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.45. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2022:0873
Security Fix(es):
- CRI-O: Arbitrary code execution in cri-o via abusing
“kernel.core_pattern” kernel parameter (CVE-2022-0811)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64
- Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le
- Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x
Fixes
- BZ - 2059475 - CVE-2022-0811 CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter
- BZ - 2064013 - Placeholder bug for OCP 4.7.0 rpm release
Red Hat OpenShift Container Platform 4.7 for RHEL 8
SRPM
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.src.rpm
SHA-256: bb0bdd27039e23e54bff4afb805bfb412f999780f159513c45cd1cbd4270f28b
openshift-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.src.rpm
SHA-256: afeb7728aeabd61dd7010f48530dff8471f4a131b094cd5788e4679bca6a7fbd
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.src.rpm
SHA-256: f9396ced40c1cd6f7af1d3b0436326e4ada425a3d32d6968e79cbb78ce40a952
x86_64
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.x86_64.rpm
SHA-256: 03b7ed82978f5c45a30d24b96be05d708cf537dc9fd323638f80008a00bd0978
cri-o-debuginfo-1.20.6-11.rhaos4.7.git76ea3d0.el8.x86_64.rpm
SHA-256: 3b98ef9e7d7a8412d2aeb1cb5eabc2be401973385a8a5257c637c72660e7b3c0
cri-o-debugsource-1.20.6-11.rhaos4.7.git76ea3d0.el8.x86_64.rpm
SHA-256: eb32cf933ffa6b5142bd6fb20c6c04674ed900a74e370ffed73291b869fb66fe
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.x86_64.rpm
SHA-256: d25c7b4639c2200780214ba9db94ba4c05cce266fe2ed56019d36eaf965b67cb
openshift-clients-redistributable-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.x86_64.rpm
SHA-256: 2096a56f6bb397cc59741a9ae1556cecd37739abe28a4676a46e97fa3c4a7e6b
openshift-hyperkube-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.x86_64.rpm
SHA-256: a424079b648c02a43308c6ac431af4764ceb0a7ffad60456411056190856410e
Red Hat OpenShift Container Platform 4.7 for RHEL 7
SRPM
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el7.src.rpm
SHA-256: a2f82d7c75950fdc115a88b69bb32202c0f6f613371dce28f92a76e5a32061eb
openshift-4.7.0-202203091647.p0.g0d60930.assembly.stream.el7.src.rpm
SHA-256: a38cdba86d17028ca80cb5ea888542ceb679acee160e65c82779ed3e328c9ec0
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el7.src.rpm
SHA-256: 227c2893c78c480c8b468a1792f0207795372751ab530c8dea9cce7292aef78d
x86_64
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el7.x86_64.rpm
SHA-256: 692fcb6def6d53fa24415019f212edad308bbfaa44fb997bba248e09a3ebd11c
cri-o-debuginfo-1.20.6-11.rhaos4.7.git76ea3d0.el7.x86_64.rpm
SHA-256: 13872442c4e97dbafd2c3df1089967b4f4f64a572947020621cefe4d25a56b43
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el7.x86_64.rpm
SHA-256: 95d6ad721575273561336e3ea4b0034b7c679adee785fd343d315f19e1cf6013
openshift-clients-redistributable-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el7.x86_64.rpm
SHA-256: a9df01461c229c4836acc7aded59ba1403d4c52d07a4a92568ec7387cf0cf66f
openshift-hyperkube-4.7.0-202203091647.p0.g0d60930.assembly.stream.el7.x86_64.rpm
SHA-256: 9a371fc58e02240078e26b51d53018c3d173cc5418d8970017b8da6ab36feeed
Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8
SRPM
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.src.rpm
SHA-256: bb0bdd27039e23e54bff4afb805bfb412f999780f159513c45cd1cbd4270f28b
openshift-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.src.rpm
SHA-256: afeb7728aeabd61dd7010f48530dff8471f4a131b094cd5788e4679bca6a7fbd
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.src.rpm
SHA-256: f9396ced40c1cd6f7af1d3b0436326e4ada425a3d32d6968e79cbb78ce40a952
ppc64le
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.ppc64le.rpm
SHA-256: 4cbabad880f04e39348c0dc01169951538ed626da160dde047fae68a15a453f9
cri-o-debuginfo-1.20.6-11.rhaos4.7.git76ea3d0.el8.ppc64le.rpm
SHA-256: 7d63563756a6f9c91bfeea44871b6d1dbabe2fa336fa8ec945897eb823b5e7b9
cri-o-debugsource-1.20.6-11.rhaos4.7.git76ea3d0.el8.ppc64le.rpm
SHA-256: 95724944db7bf1a671a75928e6392477d9d47f1b061055cf3bc95f72d93eaa7e
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.ppc64le.rpm
SHA-256: 6912082a7ef22fd742bd26fb6caf5255f39a273a4ddaf5adfa1e0ac267f8cd87
openshift-hyperkube-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.ppc64le.rpm
SHA-256: 620a9b8c2f9516fbd228a202aeb2197f7f63e3dfd02d7f7d8014d17261b5d731
Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8
SRPM
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.src.rpm
SHA-256: bb0bdd27039e23e54bff4afb805bfb412f999780f159513c45cd1cbd4270f28b
openshift-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.src.rpm
SHA-256: afeb7728aeabd61dd7010f48530dff8471f4a131b094cd5788e4679bca6a7fbd
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.src.rpm
SHA-256: f9396ced40c1cd6f7af1d3b0436326e4ada425a3d32d6968e79cbb78ce40a952
s390x
cri-o-1.20.6-11.rhaos4.7.git76ea3d0.el8.s390x.rpm
SHA-256: dc457e64f96cc3769926b1c42e975b81a9385368dc4c73b10d6484adde0b50fc
cri-o-debuginfo-1.20.6-11.rhaos4.7.git76ea3d0.el8.s390x.rpm
SHA-256: 9e0e44b1977133d871bad8bb8c147fb3c910cfab951ae0ffbf3a1c631421d83b
cri-o-debugsource-1.20.6-11.rhaos4.7.git76ea3d0.el8.s390x.rpm
SHA-256: ed5189dfcd7b93add3cff5e3c2f8347259b02f0e0292af333059474bcd6928d3
openshift-clients-4.7.0-202202231953.p0.gc4ebc7a.assembly.stream.el8.s390x.rpm
SHA-256: 55117ee8541699b93394816e262575dedc92a2cc608e2b321905cb0ecfacef33
openshift-hyperkube-4.7.0-202203091647.p0.g0d60930.assembly.stream.el8.s390x.rpm
SHA-256: 1906abe5121cf9e69e8fbf56bf486c2ddc85df65d272e8bbd8184e79057f7480
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.