#kubernetes

Red Hat OpenShift Container Platform release 4.8.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.2. See the following advisory for the RPM packages for this...

An update is now available for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Ansible is a SSH-based configuration management, deployment, and task execution system. The openshift-ansible packages contain Ansible code and playbooks for installing and upgrading OpenShift Container Platform 3. The systemd packages contain systemd, a system and se...

The Migration Toolkit for Containers (MTC) 1.4.6 is now available.The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Related CVEs: * CVE-2018-25011: libwebp: heap-based buffer overflow in PutLE16() * CVE-2020-25648: nss: TLS 1.3 CCS flood remote DoS Attack * CVE-2020-25692: openldap: NULL pointer dereference for unauthenticated packet in slapd * CVE-2020-26541: kernel: security bypass in certs/blacklist.c and certs/system_keyring.c * CVE-2020-27216: jetty: local temporary directory hijacking vulnerability * CVE-2020-27218: jetty: buffer not correctly recycled in Gzip Request inflation * CVE-2020-27223: jetty: request containing multiple Accept headers with a large number of "quality" parameters may lead to DoS * CVE-2020-36328: libwebp: heap-based buffer overflow in WebPDecode*Into functions * CVE-2020...

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically i...

Red Hat OpenShift Container Platform release 4.6.38 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.38. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2021:2641 Security Fix(es): * nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ pa...

Red Hat OpenShift Container Platform release 4.7.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.19. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2021:2554 Security Fix(es): * polkit: local privilege escalation using polkit_system_bus_name_get_creds_sync() (CVE-2021-3560) * dhcp: sta...

Red Hat OpenShift Container Platform release 4.5.41 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of [[Important]]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.41. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2021:2430 Security Fix(es): * jenkins-2-plugins/config-file-provider: Does not configure its XML parser to prevent XML external entity (XXE) attacks. (CVE-2021-21642) * jetty: local temporary directory hijacking vulnerab...

An update is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.462. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2021:2516 Space precludes documenting all of the bug fixes and enhancements in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_r...

Red Hat OpenShift Container Platform release 4.6.36 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): * nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution (CVE-2019-20920) * nodejs-handlebars: an endless loop while processing specially-crafted templates leads to DoS (CVE-2019-20922) * nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option (CVE-2021-23369) * nodejs-handlebars: Remote code...

An update for cri-o, jenkins, openshift-clients, and openshift-kuryr is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.36. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2021:2498 Security Fix(es): * jetty: local temporary directory hijacking vulnerability (CVE-2020-27216) * jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218) * jetty: request containing multiple Accept headers with...