Linux Security

    RedHat: RHSA-2020-4298:01 Moderate: OpenShift Container Platform 4.6.1

    Date 27 Oct 2020
    Posted By LinuxSecurity Advisories
    An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Moderate: OpenShift Container Platform 4.6.1 image security update
    Advisory ID:       RHSA-2020:4298-01
    Product:           Red Hat OpenShift Enterprise
    Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4298
    Issue date:        2020-10-27
    CVE Names:         CVE-2013-0169 CVE-2016-10739 CVE-2018-9251 
                       CVE-2018-14404 CVE-2018-14498 CVE-2018-16890 
                       CVE-2018-18074 CVE-2018-18624 CVE-2018-18751 
                       CVE-2018-19519 CVE-2018-20060 CVE-2018-20337 
                       CVE-2018-20483 CVE-2018-20657 CVE-2018-20852 
                       CVE-2019-1547 CVE-2019-1549 CVE-2019-1563 
                       CVE-2019-3822 CVE-2019-3823 CVE-2019-3825 
                       CVE-2019-3843 CVE-2019-3844 CVE-2019-5094 
                       CVE-2019-5436 CVE-2019-5481 CVE-2019-5482 
                       CVE-2019-5953 CVE-2019-6237 CVE-2019-6251 
                       CVE-2019-6454 CVE-2019-6706 CVE-2019-7146 
                       CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 
                       CVE-2019-7665 CVE-2019-8457 CVE-2019-8506 
                       CVE-2019-8518 CVE-2019-8523 CVE-2019-8524 
                       CVE-2019-8535 CVE-2019-8536 CVE-2019-8544 
                       CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 
                       CVE-2019-8571 CVE-2019-8583 CVE-2019-8584 
                       CVE-2019-8586 CVE-2019-8587 CVE-2019-8594 
                       CVE-2019-8595 CVE-2019-8596 CVE-2019-8597 
                       CVE-2019-8601 CVE-2019-8607 CVE-2019-8608 
                       CVE-2019-8609 CVE-2019-8610 CVE-2019-8611 
                       CVE-2019-8615 CVE-2019-8619 CVE-2019-8622 
                       CVE-2019-8623 CVE-2019-8666 CVE-2019-8671 
                       CVE-2019-8672 CVE-2019-8673 CVE-2019-8675 
                       CVE-2019-8676 CVE-2019-8677 CVE-2019-8679 
                       CVE-2019-8681 CVE-2019-8686 CVE-2019-8687 
                       CVE-2019-8689 CVE-2019-8690 CVE-2019-8696 
                       CVE-2019-8726 CVE-2019-8735 CVE-2019-8768 
                       CVE-2019-11070 CVE-2019-11236 CVE-2019-11324 
                       CVE-2019-11358 CVE-2019-11459 CVE-2019-12447 
                       CVE-2019-12448 CVE-2019-12449 CVE-2019-12450 
                       CVE-2019-12795 CVE-2019-13232 CVE-2019-13636 
                       CVE-2019-13752 CVE-2019-13753 CVE-2019-14822 
                       CVE-2019-14973 CVE-2019-15718 CVE-2019-15847 
                       CVE-2019-16056 CVE-2019-16769 CVE-2019-17451 
                       CVE-2019-18408 CVE-2019-19126 CVE-2019-19923 
                       CVE-2019-19924 CVE-2019-19925 CVE-2019-19959 
                       CVE-2019-1010180 CVE-2019-1010204 CVE-2020-1712 
                       CVE-2020-7013 CVE-2020-7598 CVE-2020-7662 
                       CVE-2020-8203 CVE-2020-9283 CVE-2020-10531 
                       CVE-2020-10715 CVE-2020-10743 CVE-2020-11008 
                       CVE-2020-11022 CVE-2020-11023 CVE-2020-11110 
                       CVE-2020-12049 CVE-2020-12052 CVE-2020-12245 
                       CVE-2020-13822 CVE-2020-14040 CVE-2020-14336 
                       CVE-2020-15366 CVE-2020-15719 
    =====================================================================
    
    1. Summary:
    
    An update is now available for Red Hat OpenShift Container Platform 4.6.
    
    Red Hat Product Security has rated this update as having a security impact
    of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
    gives a detailed severity rating, is available for each vulnerability from
    the CVE link(s) in the References section.
    
    2. Description:
    
    Red Hat OpenShift Container Platform is Red Hat's cloud computing
    Kubernetes application platform solution designed for on-premise or private
    cloud deployments.
    
    Security Fix(es):
    
    * golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows
    for panic (CVE-2020-9283)
    
    * SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)
    
    * grafana: XSS vulnerability via a column style on the "Dashboard > Table
    Panel" screen (CVE-2018-18624)
    
    * js-jquery: prototype pollution in object's prototype leading to denial of
    service or remote code execution or property injection (CVE-2019-11358)
    
    * npm-serialize-javascript: XSS via unsafe characters in serialized regular
    expressions (CVE-2019-16769)
    
    * kibana: Prototype pollution in TSVB could result in arbitrary code
    execution (ESA-2020-06) (CVE-2020-7013)
    
    * nodejs-minimist: prototype pollution allows adding or modifying
    properties of Object.prototype using a constructor or __proto__ payload
    (CVE-2020-7598)
    
    * npmjs-websocket-extensions: ReDoS vulnerability in
    Sec-WebSocket-Extensions parser (CVE-2020-7662)
    
    * nodejs-lodash: prototype pollution in zipObjectDeep function
    (CVE-2020-8203)
    
    * jquery: Cross-site scripting due to improper jQuery.htmlPrefilter
    method (CVE-2020-11022)
    
    * jQuery: passing HTML containing 
