RHSA-2018:2906

Description

Red Hat Security Advisory: OpenShift Container Platform 3.7 security update

CVSS Metrics

• v3.0•CRITICAL•Score: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•atomic-openshift

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-clients

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-clients-redistributable

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-cluster-capacity

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-docker-excluder

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-dockerregistry

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-excluder

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-federation-services

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-master

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-node

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-pod

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-sdn-ovs

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-service-catalog

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-template-service-broker

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-tests

  < 0:3.7.72-1.git.0.925b9cd.el7

• redhat•atomic-openshift-utils

  < 0:3.7.72-1.git.0.5c45a8a.el7

• redhat•openshift-ansible

  < 0:3.7.72-1.git.0.5c45a8a.el7

• redhat•openshift-ansible-callback-plugins

  < 0:3.7.72-1.git.0.5c45a8a.el7

• redhat•openshift-ansible-docs

  < 0:3.7.72-1.git.0.5c45a8a.el7

• redhat•openshift-ansible-filter-plugins

  < 0:3.7.72-1.git.0.5c45a8a.el7

• redhat•openshift-ansible-lookup-plugins

  < 0:3.7.72-1.git.0.5c45a8a.el7

• redhat•openshift-ansible-playbooks

  < 0:3.7.72-1.git.0.5c45a8a.el7

• redhat•openshift-ansible-roles

  < 0:3.7.72-1.git.0.5c45a8a.el7

• redhat•tuned-profiles-atomic-openshift-node

  < 0:3.7.72-1.git.0.925b9cd.el7

References (18)

• https://access.redhat.com/errata/RHSA-2018:2906
• https://access.redhat.com/security/updates/classification/#critical
• https://access.redhat.com/security/vulnerabilities/3716411
• https://docs.openshift.com/container-platform/3.7/release_notes/ocp_3_7_release_notes.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1585767
• https://bugzilla.redhat.com/show_bug.cgi?id=1616150
• https://bugzilla.redhat.com/show_bug.cgi?id=1620817
• https://bugzilla.redhat.com/show_bug.cgi?id=1622336
• https://bugzilla.redhat.com/show_bug.cgi?id=1625885
• https://bugzilla.redhat.com/show_bug.cgi?id=1648138
• https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2906.json
• https://access.redhat.com/security/cve/CVE-2018-14632
• https://www.cve.org/CVERecord?id=CVE-2018-14632
• https://nvd.nist.gov/vuln/detail/CVE-2018-14632
• https://access.redhat.com/security/cve/CVE-2018-1002105
• https://www.cve.org/CVERecord?id=CVE-2018-1002105
• https://nvd.nist.gov/vuln/detail/CVE-2018-1002105
• https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88