You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa OpenShift Container Platform 4.3.40

Sigurnosni nedostaci programskog paketa OpenShift Container Platform 4.3.40

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LRH

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Low: OpenShift Container Platform 4.3.40 security and bug fix update
Advisory ID: RHSA-2020:4264-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4264
Issue date: 2020-10-20
CVE Names: CVE-2017-12652 CVE-2017-18190 CVE-2018-20843
CVE-2019-2974 CVE-2019-5094 CVE-2019-5188
CVE-2019-5482 CVE-2019-8675 CVE-2019-8696
CVE-2019-11068 CVE-2019-11719 CVE-2019-11727
CVE-2019-11756 CVE-2019-12450 CVE-2019-12749
CVE-2019-14822 CVE-2019-14866 CVE-2019-14973
CVE-2019-15903 CVE-2019-16935 CVE-2019-17006
CVE-2019-17023 CVE-2019-17498 CVE-2019-17546
CVE-2019-18197 CVE-2019-19126 CVE-2019-19956
CVE-2019-20386 CVE-2019-20388 CVE-2020-2181
CVE-2020-2182 CVE-2020-2224 CVE-2020-2225
CVE-2020-2226 CVE-2020-2574 CVE-2020-2752
CVE-2020-2780 CVE-2020-2812 CVE-2020-6829
CVE-2020-7595 CVE-2020-8492 CVE-2020-9283
CVE-2020-12243 CVE-2020-12400 CVE-2020-12401
CVE-2020-12402 CVE-2020-12403 CVE-2020-12825
CVE-2020-14352 CVE-2020-24750
=====================================================================

1. Summary:

An update is now available for Red Hat OpenShift Container Platform 4.3.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Security Fix(es):

* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows
for panic (CVE-2020-9283)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Gather image registry config (backport to 4.3) (BZ#1836815)

* Builds fail after running postCommit script if OCP cluster is configured
with a container registry whitelist (BZ#1849176)

* Login with OpenShift not working after cluster upgrade (BZ#1852429)

* Limit the size of gathered federated metrics from alerts in Insights
Operator (BZ#1874018)

* [4.3] Storage operator stops reconciling when going Upgradeable=False on
v1alpha1 CRDs (BZ#1879110)

* [release 4.3] OpenShift APIs become unavailable for more than 15 minutes
after one of master nodes went down(OAuth) (BZ#1880293)

You may download the oc tool and use it to inspect release image metadata
as follows:

(For x86_64 architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.3.40-x86_64

The image digest is
sha256:9ff90174a170379e90a9ead6e0d8cf6f439004191f80762764a5ca3dbaab01dc

(For s390x architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.3.40-s390x
The image digest is
sha256:605ddde0442e604cfe2d6bd1541ce48df5956fe626edf9cc95b1fca75d231b64

(For ppc64le architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.3.40-ppc64le

The image digest is
sha256:d3c9e391c145338eae3feb7f6a4e487dadc8139a353117d642fe686d277bcccc

3. Solution:

For OpenShift Container Platform 4.3 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel
ease-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.3/updating/updating-cluster
– -cli.html.

4. Bugs fixed (https://bugzilla.redhat.com/):

1804533 – CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
1836815 – Gather image registry config (backport to 4.3)
1849176 – Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist
1874018 – Limit the size of gathered federated metrics from alerts in Insights Operator
1874399 – [DR] etcd-member-recover.sh fails to pull image with unauthorized
1879110 – [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs

5. References:

https://access.redhat.com/security/cve/CVE-2017-12652
https://access.redhat.com/security/cve/CVE-2017-18190
https://access.redhat.com/security/cve/CVE-2018-20843
https://access.redhat.com/security/cve/CVE-2019-2974
https://access.redhat.com/security/cve/CVE-2019-5094
https://access.redhat.com/security/cve/CVE-2019-5188
https://access.redhat.com/security/cve/CVE-2019-5482
https://access.redhat.com/security/cve/CVE-2019-8675
https://access.redhat.com/security/cve/CVE-2019-8696
https://access.redhat.com/security/cve/CVE-2019-11068
https://access.redhat.com/security/cve/CVE-2019-11719
https://access.redhat.com/security/cve/CVE-2019-11727
https://access.redhat.com/security/cve/CVE-2019-11756
https://access.redhat.com/security/cve/CVE-2019-12450
https://access.redhat.com/security/cve/CVE-2019-12749
https://access.redhat.com/security/cve/CVE-2019-14822
https://access.redhat.com/security/cve/CVE-2019-14866
https://access.redhat.com/security/cve/CVE-2019-14973
https://access.redhat.com/security/cve/CVE-2019-15903
https://access.redhat.com/security/cve/CVE-2019-16935
https://access.redhat.com/security/cve/CVE-2019-17006
https://access.redhat.com/security/cve/CVE-2019-17023
https://access.redhat.com/security/cve/CVE-2019-17498
https://access.redhat.com/security/cve/CVE-2019-17546
https://access.redhat.com/security/cve/CVE-2019-18197
https://access.redhat.com/security/cve/CVE-2019-19126
https://access.redhat.com/security/cve/CVE-2019-19956
https://access.redhat.com/security/cve/CVE-2019-20386
https://access.redhat.com/security/cve/CVE-2019-20388
https://access.redhat.com/security/cve/CVE-2020-2181
https://access.redhat.com/security/cve/CVE-2020-2182
https://access.redhat.com/security/cve/CVE-2020-2224
https://access.redhat.com/security/cve/CVE-2020-2225
https://access.redhat.com/security/cve/CVE-2020-2226
https://access.redhat.com/security/cve/CVE-2020-2574
https://access.redhat.com/security/cve/CVE-2020-2752
https://protect2.fireeye.com/v1/url?k=f5392821-a92b9c25-f53eb5ed-000babd90757-13a4c98aa23ad52f&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-2780
https://protect2.fireeye.com/v1/url?k=96dcb1f2-cace05f6-96db2c3e-000babd90757-38a653e4a7ab8030&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-2812
https://protect2.fireeye.com/v1/url?k=5ebe46b5-02acf2b1-5eb9db79-000babd90757-5bad08c27b7b7a51&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-6829
https://protect2.fireeye.com/v1/url?k=649662db-3884d6df-6491ff17-000babd90757-963fbfeb25dd458b&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-7595
https://protect2.fireeye.com/v1/url?k=e6c675bd-bad4c1b9-e6c1e871-000babd90757-f1a985274fa82a65&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-8492
https://protect2.fireeye.com/v1/url?k=2b6fa021-777d1425-2b683ded-000babd90757-2605fc690a67fa1c&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-9283
https://protect2.fireeye.com/v1/url?k=47a3508e-1bb1e48a-47a4cd42-000babd90757-efcafd1ea8cbecbd&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-12243
https://protect2.fireeye.com/v1/url?k=ee073f77-b2158b73-ee00a2bb-000babd90757-18fc408544e490ec&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-12400
https://protect2.fireeye.com/v1/url?k=76d2a1e3-2ac015e7-76d53c2f-000babd90757-d0c02687262ca227&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-12401
https://protect2.fireeye.com/v1/url?k=1aa7f7a9-46b543ad-1aa06a65-000babd90757-a6618e6fa583a5d1&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-12402
https://protect2.fireeye.com/v1/url?k=40709351-1c622755-40770e9d-000babd90757-0806c65bf9e41970&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-12403
https://protect2.fireeye.com/v1/url?k=db8f72b1-879dc6b5-db88ef7d-000babd90757-88169d32e645b99c&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-12825
https://protect2.fireeye.com/v1/url?k=cdac1633-91bea237-cdab8bff-000babd90757-aedf4f97f5657c52&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-14352
https://protect2.fireeye.com/v1/url?k=1a2f4aca-463dfece-1a28d706-000babd90757-1db3da9462dd21cd&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fcve%2FCVE-2020-24750
https://protect2.fireeye.com/v1/url?k=16ee2d2a-4afc992e-16e9b0e6-000babd90757-8d981de6c57bab0f&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fupdates%2Fclassification%2F%23low

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://protect2.fireeye.com/v1/url?k=6efcd186-32ee6582-6efb4c4a-000babd90757-c1356995eefc9c3f&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Faccess.redhat.com%2Fsecurity%2Fteam%2Fcontact%2F

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBX49gEtzjgjWX9erEAQimmhAAnMxBmgEJRvi2IZBxfGh+cTjo/D6RRkVi
bFbFw/bU8Zkgt/UY0228ijuDvsOMTMgRd97spx6I8gE5/ponzGNv7qvwVFWpIjp1
+g5B5LO6SyojYxT/DMS30gme9N7QDHFJ0z6Sloaa/YlXznMc+7vBb2o2gWbDipa1
lqRhaPxURXisTbSEJljD7PSatUFLCkYvfoJGW7YDGyEbGHVnl4qgvk0GSMPniRaw
Cfz5e0yKPtH1SFZOKwnVEpvKdwHTKzq+bMn3lM64NHsvDNKZ/GxhbRHHmSOqucpw
QXdeHFB2+tQ0CTt19PWOEwNuG5KZ3kjCPRJmEgc8CAs5cpHkGGboyIxA/ascBD8b
zvQbkkzYYn26YQxfMUF5EgnU37iRhYh/9VGTczn2bP5NL8OECVsz//tzAXvoBchD
9RMgzRB7WrnPWochMC2L9ZHfnTU17EomC+OW5WAiPbz0ltf/0UoCX9TrDIESOIzy
XQcEYSR894Zyr91y9wy+EC7ib80PLheLq9eluE3loX8VyYsRiSGE2ZD6SBgW2rxy
WEjRPFtTUgrIWc7gyfSVKDvUrcCK98VyUGug4GkFbqRpSQUXTAxjv94zpcJbr9Xx
7wWnHqixM9YsHhr98ZaagRiFBaVXZ1bKirXJZySDAhc163kslXRHIE0ux9BysdSE
TOsaaxyVzGg=
=qQjN
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://protect2.fireeye.com/v1/url?k=bea2f7df-e2b043db-bea56a13-000babd90757-8b88d1eac367cb1c&q=1&e=9ca9958b-cbb3-4f61-a28a-61158a6829a8&u=https%3A%2F%2Fwww.redhat.com%2Fmailman%2Flistinfo%2Frhsa-announce

 

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: OpenShift Container Platform 4.3.40 jenkins-2-plugins security update
Advisory ID: RHSA-2020:4265-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4265
Issue date: 2020-10-20
CVE Names: CVE-2020-2181 CVE-2020-2182 CVE-2020-2224
CVE-2020-2225 CVE-2020-2226
=====================================================================

1. Summary:

Red Hat OpenShift Container Platform release 4.3.40 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Container Platform 4.3 – noarch, ppc64le, s390x, x86_64

3. Description:

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Security Fix(es):

* jenkins-2-plugins/matrix-project: Stored XSS vulnerability in single axis
builds tooltips (CVE-2020-2224)

* jenkins-2-plugins/matrix-project: Stored XSS vulnerability in multiple
axis builds tooltips (CVE-2020-2225)

* jenkins-2-plugins/matrix-auth: Stored XSS vulnerability in Matrix
Authorization Strategy Plugin (CVE-2020-2226)

* jenkins-credentials-binding-plugin: information disclosure in build log
when build contains no build steps (CVE-2020-2181)

* jenkins-credentials-binding-plugin: improper masking of secrets
(CVE-2020-2182)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For OpenShift Container Platform 4.3 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel
ease-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.3/updating/updating-cluster
– -cli.html.

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1847341 – CVE-2020-2181 jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps
1847348 – CVE-2020-2182 jenkins-credentials-binding-plugin: improper masking of secrets
1857436 – CVE-2020-2224 jenkins-2-plugins/matrix-project: Stored XSS vulnerability in single axis builds tooltips
1857439 – CVE-2020-2225 jenkins-2-plugins/matrix-project: Stored XSS vulnerability in multiple axis builds tooltips
1857441 – CVE-2020-2226 jenkins-2-plugins/matrix-auth: Stored XSS vulnerability in Matrix Authorization Strategy Plugin
1861842 – CVE-2020-2181 CVE-2020-2182 jenkins-2-plugins: jenkins-credentials-binding-plugin: various flaws [openshift-4]

6. Package List:

Red Hat OpenShift Container Platform 4.3:

Source:
atomic-enterprise-service-catalog-4.3.40-202010141211.p0.git.1806.c7755b4.el7.src.rpm
atomic-openshift-service-idler-4.3.40-202010141211.p0.git.15.7d393d8.el7.src.rpm
jenkins-2-plugins-4.3.1601981312-1.el7.src.rpm
openshift-4.3.40-202010141211.p0.git.0.03c003a.el7.src.rpm
openshift-ansible-4.3.40-202010141211.p0.git.0.162e23d.el7.src.rpm
openshift-clients-4.3.40-202010141211.p0.git.3331.2bb6601.el7.src.rpm

noarch:
jenkins-2-plugins-4.3.1601981312-1.el7.noarch.rpm
openshift-ansible-4.3.40-202010141211.p0.git.0.162e23d.el7.noarch.rpm
openshift-ansible-test-4.3.40-202010141211.p0.git.0.162e23d.el7.noarch.rpm

ppc64le:
atomic-enterprise-service-catalog-4.3.40-202010141211.p0.git.1806.c7755b4.el7.ppc64le.rpm
atomic-enterprise-service-catalog-svcat-4.3.40-202010141211.p0.git.1806.c7755b4.el7.ppc64le.rpm
atomic-openshift-service-idler-4.3.40-202010141211.p0.git.15.7d393d8.el7.ppc64le.rpm
openshift-clients-4.3.40-202010141211.p0.git.3331.2bb6601.el7.ppc64le.rpm
openshift-hyperkube-4.3.40-202010141211.p0.git.0.03c003a.el7.ppc64le.rpm

s390x:
atomic-enterprise-service-catalog-4.3.40-202010141211.p0.git.1806.c7755b4.el7.s390x.rpm
atomic-enterprise-service-catalog-svcat-4.3.40-202010141211.p0.git.1806.c7755b4.el7.s390x.rpm
atomic-openshift-service-idler-4.3.40-202010141211.p0.git.15.7d393d8.el7.s390x.rpm
openshift-clients-4.3.40-202010141211.p0.git.3331.2bb6601.el7.s390x.rpm
openshift-hyperkube-4.3.40-202010141211.p0.git.0.03c003a.el7.s390x.rpm

x86_64:
atomic-enterprise-service-catalog-4.3.40-202010141211.p0.git.1806.c7755b4.el7.x86_64.rpm
atomic-enterprise-service-catalog-svcat-4.3.40-202010141211.p0.git.1806.c7755b4.el7.x86_64.rpm
atomic-openshift-service-idler-4.3.40-202010141211.p0.git.15.7d393d8.el7.x86_64.rpm
openshift-clients-4.3.40-202010141211.p0.git.3331.2bb6601.el7.x86_64.rpm
openshift-clients-redistributable-4.3.40-202010141211.p0.git.3331.2bb6601.el7.x86_64.rpm
openshift-hyperkube-4.3.40-202010141211.p0.git.0.03c003a.el7.x86_64.rpm

Red Hat OpenShift Container Platform 4.3:

Source:
kernel-4.18.0-193.24.1.el8_2.dt1.src.rpm
kernel-rt-4.18.0-193.24.1.rt13.74.el8_2.dt1.src.rpm
machine-config-daemon-4.3.40-202010141211.p0.git.2190.6610e26.el8.src.rpm
openshift-4.3.40-202010100046.p0.git.0.be1de7b.el8.src.rpm
openshift-clients-4.3.40-202010100046.p0.git.3331.e86d8c8.el8.src.rpm
openshift-kuryr-4.3.40-202010141211.p0.git.1641.ff17cdb.el8.src.rpm

noarch:
kernel-abi-whitelists-4.18.0-193.24.1.el8_2.dt1.noarch.rpm
kernel-doc-4.18.0-193.24.1.el8_2.dt1.noarch.rpm
openshift-kuryr-cni-4.3.40-202010141211.p0.git.1641.ff17cdb.el8.noarch.rpm
openshift-kuryr-common-4.3.40-202010141211.p0.git.1641.ff17cdb.el8.noarch.rpm
openshift-kuryr-controller-4.3.40-202010141211.p0.git.1641.ff17cdb.el8.noarch.rpm
python3-kuryr-kubernetes-4.3.40-202010141211.p0.git.1641.ff17cdb.el8.noarch.rpm

ppc64le:
bpftool-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
bpftool-debuginfo-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-core-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-cross-headers-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debug-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debug-core-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debug-devel-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debug-modules-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debug-modules-internal-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debuginfo-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-devel-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-headers-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-ipaclones-internal-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-modules-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-modules-extra-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-modules-internal-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-selftests-internal-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-tools-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-tools-libs-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
machine-config-daemon-4.3.40-202010141211.p0.git.2190.6610e26.el8.ppc64le.rpm
openshift-clients-4.3.40-202010100046.p0.git.3331.e86d8c8.el8.ppc64le.rpm
openshift-hyperkube-4.3.40-202010100046.p0.git.0.be1de7b.el8.ppc64le.rpm
perf-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
perf-debuginfo-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
python3-perf-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm
python3-perf-debuginfo-4.18.0-193.24.1.el8_2.dt1.ppc64le.rpm

s390x:
bpftool-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
bpftool-debuginfo-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-core-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-cross-headers-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debug-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debug-core-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debug-debuginfo-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debug-devel-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debug-modules-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debug-modules-extra-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debug-modules-internal-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debuginfo-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-devel-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-headers-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-modules-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-modules-extra-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-modules-internal-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-selftests-internal-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-tools-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-tools-debuginfo-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-zfcpdump-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-zfcpdump-core-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-zfcpdump-devel-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-zfcpdump-modules-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
kernel-zfcpdump-modules-internal-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
machine-config-daemon-4.3.40-202010141211.p0.git.2190.6610e26.el8.s390x.rpm
openshift-clients-4.3.40-202010100046.p0.git.3331.e86d8c8.el8.s390x.rpm
openshift-hyperkube-4.3.40-202010100046.p0.git.0.be1de7b.el8.s390x.rpm
perf-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
perf-debuginfo-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
python3-perf-4.18.0-193.24.1.el8_2.dt1.s390x.rpm
python3-perf-debuginfo-4.18.0-193.24.1.el8_2.dt1.s390x.rpm

x86_64:
bpftool-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
bpftool-debuginfo-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-core-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-cross-headers-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debug-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debug-core-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debug-debuginfo-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debug-devel-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debug-modules-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debug-modules-extra-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debug-modules-internal-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debuginfo-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-devel-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-headers-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-ipaclones-internal-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-modules-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-modules-extra-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-modules-internal-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-rt-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-core-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debug-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debug-core-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debug-devel-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debug-modules-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debug-modules-internal-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debuginfo-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-devel-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-kvm-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-modules-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-modules-extra-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-modules-internal-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-rt-selftests-internal-4.18.0-193.24.1.rt13.74.el8_2.dt1.x86_64.rpm
kernel-selftests-internal-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-tools-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-tools-debuginfo-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-tools-libs-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
kernel-tools-libs-devel-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
machine-config-daemon-4.3.40-202010141211.p0.git.2190.6610e26.el8.x86_64.rpm
openshift-clients-4.3.40-202010100046.p0.git.3331.e86d8c8.el8.x86_64.rpm
openshift-clients-redistributable-4.3.40-202010100046.p0.git.3331.e86d8c8.el8.x86_64.rpm
openshift-hyperkube-4.3.40-202010100046.p0.git.0.be1de7b.el8.x86_64.rpm
perf-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
perf-debuginfo-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
python3-perf-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm
python3-perf-debuginfo-4.18.0-193.24.1.el8_2.dt1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-2181
https://access.redhat.com/security/cve/CVE-2020-2182
https://access.redhat.com/security/cve/CVE-2020-2224
https://access.redhat.com/security/cve/CVE-2020-2225
https://access.redhat.com/security/cve/CVE-2020-2226
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBX48H8dzjgjWX9erEAQgupA/8CP1w6T98Y9gl4TYTGGmm75MACykjKwhS
Gj5dZbLpEFhC3OtG6sXnRSbmgzpSB0NeSv9BAD/brSQb9CDRua2+Nde35daarSUG
vUON2UfRsw6PyHBzLY2Dq0jFGUVjeY+5grE4dMWNq7k2yMMaGLherCnnZnGd2E/Y
OqzKDj621agXmmqyxj40OvZpgUlTBuGou1JqJ4tCGcG0dN+nRuoH2gnRiLvMHMdu
Cfp9ZciZmXeIIRR1sZ6d/KOwCu+9GRh3XvSSdLas7hgW/LM1It6fJJG/5MDQMYET
xMvykE0elhaNO9oxIW69cx2k30icIKB/B1ykK5i9eafgCkXa3Nq9PGhwptAsqg+G
oAHCbsVHskWugjAe7NJNN4R95NhZwLJsbwOdfanJTb4zo2wm0o1z1JDEkFpmihWz
3yC7A9+Np9t0A1gceFaYkZUO+6Nll9xVmGaNHUxGaLw2HDG1o38L+mucp3BUMwXH
xwE0AJuiAndpzTAAsV+JVKjjatuywe4dQsW1D5RpX19pzNVNUn435Tq/oDhgisXU
UfRAL+0DecNnpK0ERZAtXQgGbyWfKN+M/NM5EJ0NRGouTUtU1SYFDAusO3DtFhum
kFfDKKtnb2xIKch7V0LlYsryantm6oHy2x3hrfAnp+olXwFfRlwUHXxvPIFSvusO
jVYS7ZaKZMY=
=MddF
—–END PGP SIGNATURE—–


RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

AutorBruno Varga
Cert idNCERT-REF-2020-10-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa grunt

Otkriven je sigurnosni nedostatak u programskom paketu grunt za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...

Close