RedHat: RHSA-2020-0451:01 Moderate: OpenShift Container Platform 3.11

    Date 19 Feb 2020
    702
    Posted By LinuxSecurity Advisories
    Red Hat OpenShift Container Platform release 3.11.170 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Moderate: OpenShift Container Platform 3.11 security update
    Advisory ID:       RHSA-2020:0451-01
    Product:           Red Hat OpenShift Enterprise
    Advisory URL:      https://access.redhat.com/errata/RHSA-2020:0451
    Issue date:        2020-02-19
    CVE Names:         CVE-2016-2183 CVE-2019-13734 
    =====================================================================
    
    1. Summary:
    
    Red Hat OpenShift Container Platform release 3.11.170 is now available with
    updates to packages and images that fix several bugs.
    
    Red Hat Product Security has rated this update as having a security impact
    of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
    which gives a detailed severity rating, is available for each vulnerability
    from the CVE link(s) in the References section.
    
    2. Description:
    
    Red Hat OpenShift Container Platform is Red Hat's cloud computing
    Kubernetes application platform solution designed for on-premise or private
    cloud deployments.
    
    Security Fix(es):
    
    * SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
    (CVE-2016-2183)
    
    For more details about the security issue(s), including the impact, a CVSS
    score, acknowledgments, and other related information, refer to the CVE
    page(s)
    listed in the References section.
    
    3. Solution:
    
    Before applying this update, ensure all previously released errata relevant
    to your system is applied.
    
    See the following documentation, which will be updated shortly for release
    3.11.170, for important instructions on how to upgrade your cluster and
    fully apply this asynchronous errata update:
    
    https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_r
    elease_notes.html
    
    This update is available via the Red Hat Network. Details on how to use the
    Red Hat Network to apply this update are available at
    https://access.redhat.com/articles/11258.
    
    4. Bugs fixed (https://bugzilla.redhat.com/):
    
    1369383 - CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
    
    5. References:
    
    https://access.redhat.com/security/cve/CVE-2016-2183
    https://access.redhat.com/security/cve/CVE-2019-13734
    https://access.redhat.com/security/updates/classification/#moderate
    https://access.redhat.com/articles/2548661
    
    6. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2020 Red Hat, Inc.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1
    
    iQIVAwUBXk2XTdzjgjWX9erEAQgkLg//cb59kRHNWTyxs0BB+tV8fTB4MO0Hqg0i
    4XUSO7vM2rj2Jb4rz3sNhV1o8cvCZHXimbJwFYgjatJe4P76CSkukra1dSL36VpQ
    sp9O9k0LMxyYgX633TwMcKTN+xbeGuS/UY2exZ0X/g5d+q+p1f2DS3+IvSCsedyV
    d+uDIZqZEZvt/NyyDsXMmBbyVbHU0crX4WQrwtkC2pTSMyTaof86uO4ug1+DT4XJ
    yPH5QL/5Q1t2zPEGCejRgtIg8i7ZEeKbvrscGlwxD3ADX7AAH8UXaOHbMWoJ87SW
    KFECQm2V7XurztYruU5C06lEspN8Rd5KSJcFjByubEn9uN0bnPoG2wl2XbnoqvD6
    Gh60K5dFwM9Ao8V1W8F4+l5N3S6og89keS++hCrqhB+UhozE8/wVZ7qmO5lOxMAd
    8wSb+jbcgITPhh92IGAPN8Ih7il4xW1+Q33BLhGQ4B3EGu8xi/6AQlATA5JONMu+
    6wrYaW1wqzUxLry6cshO1fJWoaIQetYO+UmXUBkF9yUBkCo3cA7Si726cqQ0QA5G
    EJW2+QA3Rl+Ca0VZj52LID7vsg56HTQNEauxOCI1gMOLuhYkVoJCEoaqH5e922co
    ninz0Lk+9Ver48ubcQ5/yrR8LHX4qxDCqyUj3+E15vN+ttXKySinJYc/7FOUG/jW
    UlTMwojdkT4=
    =0SH3
    -----END PGP SIGNATURE-----
    
    --
    RHSA-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/rhsa-announce
    

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"96","type":"x","order":"1","pct":80,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"18","type":"x","order":"2","pct":15,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"6","type":"x","order":"3","pct":5,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.