Red Hat OpenShift 3.11.524 RHSA-2021:3646-01 Important: Symlink Issue
red hat
September 30, 2021
Red Hat OpenShift Container Platform release 3.11.524 is now available with updates to packages and images that fix several bugs and add enhancements
Solution
See the following documentation, which will be updated shortly for release
3.11.524, for important instructions on how to upgrade your cluster and
fully
apply this asynchronous errata update:
https://docs.redhat.com/en/documentation/openshift_container_platform/3.11/html/release_notes/release-notes-ocp-3-11-release-notes
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258.
Summary
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2021:3647
All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.
Security Fix(es):
* kubernetes: Symlink exchange can allow host filesystem access
(CVE-2021-25741)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Topics Covered
References
https://access.redhat.com/security/cve/CVE-2021-25741 https://access.redhat.com/security/updates/classification/#important
Package List
Red Hat OpenShift Container Platform 3.11:
Source:
atomic-enterprise-service-catalog-3.11.524-1.git.2e6be86.el7.src.rpm
atomic-openshift-3.11.524-1.git.0.2dffce7.el7.src.rpm
atomic-openshift-cluster-autoscaler-3.11.524-1.git.99b2acf.el7.src.rpm
atomic-openshift-descheduler-3.11.524-1.git.d435537.el7.src.rpm
atomic-openshift-dockerregistry-3.11.524-1.git.3571208.el7.src.rpm
atomic-openshift-metrics-server-3.11.524-1.git.f8bf728.el7.src.rpm
atomic-openshift-node-problem-detector-3.11.524-1.git.c8f26da.el7.src.rpm
atomic-openshift-service-idler-3.11.524-1.git.39cfc66.el7.src.rpm
atomic-openshift-web-console-3.11.524-1.git.56ad978.el7.src.rpm
golang-github-openshift-oauth-proxy-3.11.524-1.git.edebe84.el7.src.rpm
golang-github-prometheus-alertmanager-3.11.524-1.git.13de638.el7.src.rpm
golang-github-prometheus-node_exporter-3.11.524-1.git.609cd20.el7.src.rpm
golang-github-prometheus-prometheus-3.11.524-1.git.99aae51.el7.src.rpm
openshift-ansible-3.11.524-1.git.0.150f8a9.el7.src.rpm
openshift-enterprise-autoheal-3.11.524-1.git.f2f435d.el7.src.rpm
openshift-enterprise-cluster-capacity-3.11.524-1.git.22be164.el7.src.rpm
openshift-kuryr-3.11.524-1.git.b234b49.el7.src.rpm
noarch:
atomic-openshift-docker-excluder-3.11.524-1.git.0.2dffce7.el7.noarch.rpm
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Advisory ID: RHSA-2021:3646-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2021:3646
Issue date: 2021-09-30
Topic
Red Hat OpenShift Container Platform release 3.11.524 is now available withupdates to packages and images that fix several bugs and add enhancements.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Topics Covered
Relevant Releases Architectures
Red Hat OpenShift Container Platform 3.11 - noarch, ppc64le, x86_64
Bugs Fixed
1993749 - CVE-2021-25741 kubernetes: Symlink exchange can allow host filesystem access
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!