RHSA-2021:2437

Description

Red Hat Security Advisory: OpenShift Container Platform 4.8.2 packages and security update

CVSS Metrics

• v3.1•HIGH•Score: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected Systems

• redhat•ignition

  < 0:2.9.0-6.rhaos4.8.el8

• redhat•ignition-debuginfo

  < 0:2.9.0-6.rhaos4.8.el8

• redhat•ignition-debugsource

  < 0:2.9.0-6.rhaos4.8.el8

• redhat•ignition-validate

  < 0:2.9.0-6.rhaos4.8.el8

• redhat•ignition-validate-debuginfo

  < 0:2.9.0-6.rhaos4.8.el8

• redhat•jenkins

  < 0:2.289.1.1624020353-1.el8

• redhat•jenkins-2-plugins

  < 0:4.8.1624022417-1.el8

• redhat•openshift

  < 0:4.8.0-202107161820.p0.git.051ac4f.assembly.stream.el7 | < 0:4.8.0-202107161820.p0.git.051ac4f.assembly.stream.el8

• redhat•openshift-clients

  < 0:4.8.0-202106281541.p0.git.1077b05.assembly.stream.el7 | < 0:4.8.0-202106281541.p0.git.1077b05.assembly.stream.el8

• redhat•openshift-clients-redistributable

  < 0:4.8.0-202106281541.p0.git.1077b05.assembly.stream.el7 | < 0:4.8.0-202106281541.p0.git.1077b05.assembly.stream.el8

• redhat•openshift-hyperkube

  < 0:4.8.0-202107161820.p0.git.051ac4f.assembly.stream.el7 | < 0:4.8.0-202107161820.p0.git.051ac4f.assembly.stream.el8

• redhat•python-eventlet

  < 0:0.25.2-4.el8

• redhat•python3-eventlet

  < 0:0.25.2-4.el8

References (49)

• https://access.redhat.com/errata/RHSA-2021:2437
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=1918750
• https://bugzilla.redhat.com/show_bug.cgi?id=1921650
• https://bugzilla.redhat.com/show_bug.cgi?id=1937562
• https://bugzilla.redhat.com/show_bug.cgi?id=1940489
• https://bugzilla.redhat.com/show_bug.cgi?id=1947102
• https://bugzilla.redhat.com/show_bug.cgi?id=1947105
• https://bugzilla.redhat.com/show_bug.cgi?id=1954917
• https://bugzilla.redhat.com/show_bug.cgi?id=1958407
• https://bugzilla.redhat.com/show_bug.cgi?id=1959545
• https://bugzilla.redhat.com/show_bug.cgi?id=1978621
• https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2437.json
• https://access.redhat.com/security/cve/CVE-2021-3114
• https://www.cve.org/CVERecord?id=CVE-2021-3114
• https://nvd.nist.gov/vuln/detail/CVE-2021-3114
• https://groups.google.com/g/golang-announce/c/mperVMGa98w
• https://access.redhat.com/security/cve/CVE-2021-3121
• https://www.cve.org/CVERecord?id=CVE-2021-3121
• https://nvd.nist.gov/vuln/detail/CVE-2021-3121
• https://access.redhat.com/security/cve/CVE-2021-3636
• https://www.cve.org/CVERecord?id=CVE-2021-3636
• https://nvd.nist.gov/vuln/detail/CVE-2021-3636
• https://access.redhat.com/security/cve/CVE-2021-21419
• https://www.cve.org/CVERecord?id=CVE-2021-21419
• https://nvd.nist.gov/vuln/detail/CVE-2021-21419
• https://access.redhat.com/security/cve/CVE-2021-21623
• https://www.cve.org/CVERecord?id=CVE-2021-21623
• https://nvd.nist.gov/vuln/detail/CVE-2021-21623
• https://www.jenkins.io/security/advisory/2021-03-18/#SECURITY-2180
• https://access.redhat.com/security/cve/CVE-2021-21639
• https://www.cve.org/CVERecord?id=CVE-2021-21639
• https://nvd.nist.gov/vuln/detail/CVE-2021-21639
• https://access.redhat.com/security/cve/CVE-2021-21640
• https://www.cve.org/CVERecord?id=CVE-2021-21640
• https://nvd.nist.gov/vuln/detail/CVE-2021-21640
• https://access.redhat.com/security/cve/CVE-2021-21648
• https://www.cve.org/CVERecord?id=CVE-2021-21648
• https://nvd.nist.gov/vuln/detail/CVE-2021-21648
• https://www.jenkins.io/security/advisory/2021-05-11/#SECURITY-2349
• https://access.redhat.com/security/cve/CVE-2021-25735
• https://www.cve.org/CVERecord?id=CVE-2021-25735
• https://nvd.nist.gov/vuln/detail/CVE-2021-25735
• https://groups.google.com/g/kubernetes-security-announce/c/FKAGqT4jx9Y
• https://access.redhat.com/security/cve/CVE-2021-25737
• https://www.cve.org/CVERecord?id=CVE-2021-25737
• https://nvd.nist.gov/vuln/detail/CVE-2021-25737
• https://github.com/kubernetes/kubernetes/issues/102106
• https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY