-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.3.5 security update Advisory ID: RHSA-2020:0681-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2020:0681 Issue date: 2020-03-10 CVE Names: CVE-2019-16865 CVE-2019-19346 CVE-2019-19348 CVE-2020-1707 CVE-2020-1708 CVE-2020-5312 ==================================================================== 1. Summary: An update for openshift-enterprise-apb-base-container, openshift-enterprise-mariadb-apb, openshift-enterprise-mysql-apb, and openshift-enterprise-postgresql-apb is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): * openshift/mariadb-apb: /etc/passwd was given incorrect privileges (CVE-2019-19346) * openshift/apb-base: /etc/passwd was given incorrect privileges (CVE-2019-19348) * openshift/postgresql-apb: /etc/passwd was given incorrect privileges (CVE-2020-1707) * openshift/mysql-apb: /etc/passwd was given incorrect privileges (CVE-2020-1708) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: For OpenShift Container Platform 4.3 see the following documentation, which will be updated shortly for release 4.3.5, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel ease-notes.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1793286 - CVE-2019-19348 openshift/apb-base: /etc/passwd is given incorrect privileges 1793289 - CVE-2019-19346 openshift/mariadb-apb: /etc/passwd is given incorrect privileges 1793299 - CVE-2020-1708 openshift/mysql-apb: /etc/passwd is given incorrect privileges 1793301 - CVE-2020-1707 openshift/postgresql-apb: /etc/passwd is given incorrect privileges 5. References: https://access.redhat.com/security/cve/CVE-2019-16865 https://access.redhat.com/security/cve/CVE-2019-19346 https://access.redhat.com/security/cve/CVE-2019-19348 https://access.redhat.com/security/cve/CVE-2020-1707 https://access.redhat.com/security/cve/CVE-2020-1708 https://access.redhat.com/security/cve/CVE-2020-5312 https://access.redhat.com/security/updates/classification/#moderate 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXmgpjtzjgjWX9erEAQigDhAAnTRyBS1Wk+cpDyx9MobcCdp5yJIOLpGf Za69gaQ9bveECZrOTdGdZP8DcQhQZ4lLZymjmXNUawKeTqMfk5LKfy+LvvRWRmhP Sk8BsLEH5Smf4zDgCPYPCbWNBDNTanfIT92S6hYXgX6oHFSzX1NP3MlwfdRx9Mee QU5tbyu1B6sdJHUtXbz0XFt5zsPAJErh07kz3FQ6pK4POHoibzvwSmXP0VzYZtbh jPKqUG2U1GXkelE1Bj7TJ35zT8EKVDt66lpMczkHWBiHVYcnT6iEXRNm7b1/AwWn nv1YQ6H8sz8XLAzHDfawUscSWbpjaPDiM6qJoQ4qTIEYXdXnZAZAAfWwhlX2a5c4 6ppV9+TytRsiNbpjNVW+GKfUcspFeZ3UftgpWr9IWM/0DAtwN0c18PYZAtdR+dyZ +QDDkIdR6rT+jG/++2yndJ1lZwzddn2Hxb147YEL7ub+NzBVWZfd2k440Q2n88qN OHjG05nW8rr5aUvIHsf16aW9a4X9Yq0pqmhBaV7vW8q8FsQYKPwU5ldlWXd8sRB6 CQezdpGpZFbnCZXLKMl+v0b/twLU1K8wlAa5738wC0rCB8eYtkyR+duixXIQzJi6 OMOX1jzR1djzcdBqV12VwJrtoGmL0jATcfYEHgU9WewZOm0A/9xp1ck0oYnjGt7W +9cVc4KayHE=jA6U -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce