
Red Hat OpenShift 3.1.1 Advisory RHSA-2016:0070 Critical: Kubernetes Flaws

Red Hat, January 26, 2016
Discover crucial updates in Red Hat OpenShift 3.1.1, fixing significant security flaws to enhance enterprise cloud security.
Red Hat OpenShift Enterprise release 3.1.1 is now available with updates to packages that fix several security issues and bugs and introduce feature enhancements.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

See the OpenShift Enterprise 3.1 documentation, which will be updated shortly for release 3.1.1, for important instructions on how to upgrade your OpenShift cluster and fully apply this asynchronous errata update:

es.html

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.

Summary

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
The following security issues are addressed with this release:

An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to gain additional access to resources such as RAM and disk space. (CVE-2016-1905)

An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain build-configuration strategies. A remote attacker could create build configurations with strategies that violate policy. Although the attacker could not launch the build themselves (the launch fails when the policy is violated), if the build configuration files were later launched by other privileged services (such as automated triggers), user privileges could be bypassed, allowing attacker escalation. (CVE-2016-1906)

Jenkins Continuous Integration Server has also been updated to address a large number of security issues, including XSS, CSRF, information disclosure and code execution. (CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662, CVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667, CVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807, CVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813, CVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, CVE-2015-5325, CVE-2015-5326, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539, CVE-2015-8103)

Space precludes documenting all of the bug fixes and enhancements in this advisory. See the OpenShift Enterprise 3.1 Release Notes, which will be updated shortly for release 3.1.1, for details about these changes:

es.html

All OpenShift Enterprise 3 users are advised to upgrade to these updated packages.

References

https://access.redhat.com/security/cve/CVE-2013-2186
https://access.redhat.com/security/cve/CVE-2014-1869
https://access.redhat.com/security/cve/CVE-2014-3661
https://access.redhat.com/security/cve/CVE-2014-3662
https://access.redhat.com/security/cve/CVE-2014-3663
https://access.redhat.com/security/cve/CVE-2014-3664
https://access.redhat.com/security/cve/CVE-2014-3666
https://access.redhat.com/security/cve/CVE-2014-3667
https://access.redhat.com/security/cve/CVE-2014-3680
https://access.redhat.com/security/cve/CVE-2014-3681
https://access.redhat.com/security/cve/CVE-2015-1806
https://access.redhat.com/security/cve/CVE-2015-1807
https://access.redhat.com/security/cve/CVE-2015-1808
https://access.redhat.com/security/cve/CVE-2015-1810
https://access.redhat.com/security/cve/CVE-2015-1812
https://access.redhat.com/security/cve/CVE-2015-1813
https://access.redhat.com/security/cve/CVE-2015-1814
https://access.redhat.com/security/cve/CVE-2015-5317
https://access.redhat.com/security/cve/CVE-2015-5318
https://access.redhat.com/security/cve/CVE-2015-5319
https://access.redhat.com/security/cve/CVE-2015-5320
https://access.redhat.com/security/cve/CVE-2015-5321
https://access.redhat.com/security/cve/CVE-2015-5322
https://access.redhat.com/security/cve/CVE-2015-5323

Package List

RHOSE 3.1:
Source:
atomic-openshift-3.1.1.6-1.git.0.b57e8bd.el7aos.src.rpm
heapster-0.18.2-3.gitaf4752e.el7aos.src.rpm
jenkins-1.625.3-2.el7aos.src.rpm
nodejs-align-text-0.1.3-2.el7aos.src.rpm
nodejs-ansi-green-0.1.1-1.el7aos.src.rpm
nodejs-ansi-wrap-0.1.0-1.el7aos.src.rpm
nodejs-anymatch-1.3.0-1.el7aos.src.rpm
nodejs-arr-diff-2.0.0-1.el7aos.src.rpm
nodejs-arr-flatten-1.0.1-1.el7aos.src.rpm
nodejs-array-unique-0.2.1-1.el7aos.src.rpm
nodejs-arrify-1.0.0-1.el7aos.src.rpm
nodejs-async-each-1.0.0-1.el7aos.src.rpm
nodejs-binary-extensions-1.3.1-1.el7aos.src.rpm
nodejs-braces-1.8.2-2.el7aos.src.rpm
nodejs-capture-stack-trace-1.0.0-2.el7aos.src.rpm
nodejs-chokidar-1.4.1-2.el7aos.src.rpm
nodejs-configstore-1.4.0-1.el7aos.src.rpm
nodejs-create-error-class-2.0.1-2.el7aos.src.rpm
nodejs-deep-extend-0.3.2-2.el7aos.src.rpm
nodejs-duplexer-0.1.1-2.el7aos.src.rpm
nodejs-duplexify-3.4.2-1.el7aos.src.rpm
nodejs-end-of-stream-1.1.0-2.el7aos.src.rpm
nodejs-error-ex-1.2.0-1.el7aos.src.rpm
nodejs-es6-promise-3.0.2-2.el7aos.src.rpm
nodejs-event-stream-3.3.2-1.el7aos.src.rpm
nodejs-expand-brackets-0.1.4-1.el7aos.src.rpm
nodejs-expand-range-1.8.1-1.el7aos.src.rpm
nodejs-extglob-0.3.1-1.el7aos.src.rpm
nodejs-filename-regex-2.0.0-1.el7aos.src.rpm
nodejs-fill-range-2.2.3-1.el7aos.src.rpm
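A practical follow-up to the Solution and Package List sections is verifying that a host actually carries the fixed builds. The script below is an added example, not part of the advisory or of any Red Hat tooling: it parses the advisory's source-package names (a subset of the list above, copied verbatim), compares them against a host inventory, and reports anything older than the fixed build. The installed values are constructed for illustration, and the comparison re-implements the rpmvercmp segment rules (numeric beats alphabetic, tilde sorts before everything) in pure Python rather than calling librpm.

```python
import re

# Fixed source packages, copied from this advisory's package list (RHOSE 3.1).
# Only a subset of the full list is reproduced here.
FIXED_NEVRS = [
    "atomic-openshift-3.1.1.6-1.git.0.b57e8bd.el7aos.src.rpm",
    "heapster-0.18.2-3.gitaf4752e.el7aos.src.rpm",
    "jenkins-1.625.3-2.el7aos.src.rpm",
    "nodejs-align-text-0.1.3-2.el7aos.src.rpm",
    "nodejs-braces-1.8.2-2.el7aos.src.rpm",
]

# Constructed sample inventory standing in for the output of
#   rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'
# on a host. None of these values come from a real system.
INSTALLED_NEVRS = [
    "atomic-openshift-3.1.0.4-1.git.15.5e061c3.el7aos",  # older version: needs the update
    "heapster-0.18.2-3.gitaf4752e.el7aos",               # exactly the fixed build
    "jenkins-1.625.3-1.el7aos",                          # same version, older release
    "nodejs-align-text-0.1.3-2.el7aos",                  # exactly the fixed build
    "nodejs-braces-1.8.2-3.el7aos",                      # newer release than the advisory's
    "bash-4.2.46-19.el7",                                # not covered by this advisory
]

# rpmvercmp walks the strings in segments: runs of digits, runs of letters,
# or a tilde. Separators such as '.', '-' and '_' are skipped.
_SEGMENT = re.compile(r"\d+|[A-Za-z]+|~")


def rpmvercmp(a: str, b: str) -> int:
    """Return 1 if a is newer than b, -1 if older, 0 if equal (rpm semantics)."""
    if a == b:
        return 0
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x == "~" or y == "~":
            if x != "~":            # b has a tilde here, so b is the pre-release
                return 1
            if y != "~":
                return -1
            continue                # both tilde: keep going
        if x.isdigit() and y.isdigit():
            xi, yi = int(x), int(y)   # numeric compare, leading zeros ignored
            if xi != yi:
                return 1 if xi > yi else -1
        elif x.isdigit():            # numeric segment outranks an alphabetic one
            return 1
        elif y.isdigit():
            return -1
        elif x != y:                 # both alphabetic: plain lexical order
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    # One side has leftover segments. Normally the longer string is newer,
    # unless the remainder starts with a tilde, which marks a pre-release.
    a_longer = len(sa) > len(sb)
    rest = sa[len(sb):] if a_longer else sb[len(sa):]
    if rest[0] == "~":
        return -1 if a_longer else 1
    return 1 if a_longer else -1


def parse_nevr(nevr: str):
    """Split 'name-version-release[.src.rpm]' into (name, version, release).

    Package names may themselves contain hyphens, so split from the right."""
    if nevr.endswith(".src.rpm"):
        nevr = nevr[: -len(".src.rpm")]
    name, version, release = nevr.rsplit("-", 2)
    return name, version, release


def compare_evr(a: str, b: str) -> int:
    """Compare '[epoch:]version-release' strings: epoch, then version, then release."""
    def split(evr):
        epoch, sep, rest = evr.partition(":")
        if not sep:
            epoch, rest = "0", evr
        version, sep, release = rest.rpartition("-")
        if not sep:
            version, release = rest, ""
        return int(epoch), version, release

    ea, va, ra = split(a)
    eb, vb, rb = split(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def outdated(installed, fixed):
    """Return sorted (name, installed_vr, fixed_vr) for packages below the fixed build."""
    fixed_by_name = {n: f"{v}-{r}" for n, v, r in map(parse_nevr, fixed)}
    result = []
    for name, version, release in map(parse_nevr, installed):
        if name not in fixed_by_name:
            continue  # the advisory does not ship this package
        have = f"{version}-{release}"
        if compare_evr(have, fixed_by_name[name]) < 0:
            result.append((name, have, fixed_by_name[name]))
    return sorted(result)


if __name__ == "__main__":
    for name, have, need in outdated(INSTALLED_NEVRS, FIXED_NEVRS):
        print(f"{name}: installed {have} is older than fixed {need}")
```

To run this against a real host, replace INSTALLED_NEVRS with the output of the rpm query shown in the comment. Note that the advisory lists source RPMs; binary packages whose names differ from their source package need a name mapping that this example does not include.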



Severity: important

Advisory ID: RHSA-2016:0070-01
Product: Red Hat OpenShift Enterprise
Issue date: 2016-01-26

Topic

Red Hat OpenShift Enterprise release 3.1.1 is now available with updates to packages that fix several security issues, bugs and introduce feature enhancements.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Relevant Releases / Architectures

RHOSE 3.1 - noarch, x86_64

Bugs Fixed

974814 - CVE-2013-2186 Apache commons-fileupload: Arbitrary file upload via deserialization

1063099 - CVE-2014-1869 stapler-adjunct-zeroclipboard: multiple cross-site scripting (XSS) flaws

1147758 - CVE-2014-3661 jenkins: denial of service (SECURITY-87)

1147759 - CVE-2014-3662 jenkins: username discovery (SECURITY-110)

1147764 - CVE-2014-3663 jenkins: job configuration issues (SECURITY-127, SECURITY-128)

1147765 - CVE-2014-3664 jenkins: directory traversal flaw (SECURITY-131)

1147766 - CVE-2014-3681 jenkins: cross-site scripting flaw in Jenkins core (SECURITY-143)

1147769 - CVE-2014-3666 jenkins: remote code execution flaw (SECURITY-150)

1147770 - CVE-2014-3667 jenkins: plug-in code can be downloaded by anyone with read access (SECURITY-155)

1148645 - CVE-2014-3680 jenkins: password exposure in DOM (SECURITY-138)

1205615 - CVE-2015-1812 CVE-2015-1813 jenkins: Reflective XSS vulnerability (SECURITY-171, SECURITY-177)

1205616 - CVE-2015-1814 jenkins: forced API token change (SECURITY-180)

1205620 - CVE-2015-1806 jenkins: Combination filter Groovy script unsecured (SECURITY-125)

1205622 - CVE-2015-1807 jenkins: directory traversal from artifacts via symlink (SECURITY-162)

1205623 - CVE-2015-1808 jenkins: update center metadata retrieval DoS attack (SECURITY-163)

1205627 - CVE-2015-1810 jenkins: HudsonPrivateSecurityRealm allows creation of reserved names (SECURITY-166)
