Red Hat Security Advisory 2019-1852-01

Red Hat Security Advisory 2019-1852-01: Posted Jul 25, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-1852-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. An incomplete fix for CVE-2019-1002101 was addressed.; tags | advisory; systems | linux, redhat; advisories | CVE-2019-1002101, CVE-2019-11246; SHA-256 | c2b47e34d49807392fd550c9925a7fcd990d35fc8f3a2292d2097009020812e4; Download | Favorite | View

Red Hat Security Advisory 2019-1852-01

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Container Platform 3.9 atomic-openshift security update
Advisory ID:       RHSA-2019:1852-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:1852
Issue date:        2019-07-24
CVE Names:         CVE-2019-11246 
=====================================================================

1. Summary:

An update for atomic-openshift is now available for Red Hat OpenShift
Container Platform 3.9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Container Platform 3.9 - noarch, x86_64

3. Description:

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Security Fix(es):

* kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file
write via `kubectl cp` (CVE-2019-11246)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For OpenShift Container Platform 3.9 see the following documentation for
important instructions on how to upgrade your cluster and fully apply this
asynchronous errata update:

https://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_rel
ease_notes.html

5. Bugs fixed (https://bugzilla.redhat.com/):

1721704 - CVE-2019-11246 kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via `kubectl cp`

6. Package List:

Red Hat OpenShift Container Platform 3.9:

Source:
atomic-openshift-3.9.89-1.git.0.9454f2a.el7.src.rpm

noarch:
atomic-openshift-docker-excluder-3.9.89-1.git.0.9454f2a.el7.noarch.rpm
atomic-openshift-excluder-3.9.89-1.git.0.9454f2a.el7.noarch.rpm

x86_64:
atomic-openshift-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-clients-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-clients-redistributable-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-cluster-capacity-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-federation-services-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-master-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-node-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-pod-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-sdn-ovs-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-service-catalog-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-template-service-broker-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm
atomic-openshift-tests-3.9.89-1.git.0.9454f2a.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-11246
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXTjGI9zjgjWX9erEAQi2hA/8CE+peTFFmGSLCSQDMZ0vU7NM1kKJKekW
/6XeY8EleobamGS2MbryScXi6Y0c5R1tikBNwkNqjTWV4Zh0k5+ofYioiOzb0Im5
+32W4Rv7OsXCmY20LSXtGcwyGAVUnqRworKMUWPsxsKrTrh3izA0b5gUjjXLH28I
SQ7/wwgto3K8yoohbU80A62GWK8rhC/PKsih7B3U9CaZjqln9av6SuYPRJraEPFb
nF/aM9VM4UQiXL43dQUMa9xfCU70tfW5XyQFB9m1D+lpw9auFn0Y8EQDb4nPEp8w
wjIqh9Gc9A/cynG0COiiGi0JDW8IXt+XtJYKggTxiuvC0Qi3mdsYxgXEHgl3gU74
mDzCzuAIDdAyMHcpve8GFng+bhGpu8XNwUmamv6/EYcUKs3iPZrkq2dfNP6bluQW
ppjnPxYcdJUs1tQjYSMQLwd6mqrhNGtC4UaF459optj2G5QbexXJy2FOXDkinSqr
K3Mt97mHKLQpRuRenkr8r0u8Ft2t5f9Jhsym77rNozsvR03oAP+aExe3qoi/UZ79
ghVAsmVs7x4yz56bfUjhbPaqWTXcwYfsQB5S50FOoLCai/6ZYpoZ+Et/ULjFExeo
Ht8TZ9DDsQe8ah3kt9nlfqXePvUh7RBukKfyXTI8FxUHNpfyIv2MR8fmHqTwXzRH
82pWY1Q+hpk=
=9ot8
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Red Hat Security Advisory 2019-1852-01

Red Hat Security Advisory 2019-1852-01

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2019-1852-01

Share This

Red Hat Security Advisory 2019-1852-01

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems