RedHat: RHSA-2022-5699:01 Moderate: Secondary Scheduler Operator fo...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 security update
Advisory ID:       RHSA-2022:5699-01
Product:           OSSO
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:5699
Issue date:        2022-07-28
CVE Names:         CVE-2018-25032 CVE-2021-3634 CVE-2021-40528 
                   CVE-2022-1271 CVE-2022-22576 CVE-2022-27774 
                   CVE-2022-27776 CVE-2022-27782 CVE-2022-29526 
                   CVE-2022-29824 
=====================================================================

1. Summary:

Secondary Scheduler Operator for Red Hat OpenShift 1.0.1

Red Hat Product Security has rated this update as having a security impact
of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

2. Description:

Secondary Scheduler Operator for Red Hat OpenShift 1.0.1

Security Fix(es):

* golang: syscall: faccessat checks wrong group (CVE-2022-29526)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s)
listed in the References section.

3. Solution:

For Secondary Scheduler Operator 1.0.1 see the following documentation,
which
will be updated shortly, for detailed release notes:

For more information on Secondary Scheduler Operator for Red Hat OpenShift
1.0.1, see the following release notes:

https://docs.openshift.com/container-platform/4.10/nodes/scheduling/secondary_scheduler/nodes-secondary-scheduler-release-notes.html#secondary-scheduler-operator-release-notes-1.0.1

4. Bugs fixed (https://bugzilla.redhat.com/):

2084085 - CVE-2022-29526 golang: syscall: faccessat checks wrong group

5. JIRA issues fixed (https://issues.jboss.org/):

WRKLDS-465 - Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 release

6. References:

https://access.redhat.com/security/cve/CVE-2018-25032
https://access.redhat.com/security/cve/CVE-2021-3634
https://access.redhat.com/security/cve/CVE-2021-40528
https://access.redhat.com/security/cve/CVE-2022-1271
https://access.redhat.com/security/cve/CVE-2022-22576
https://access.redhat.com/security/cve/CVE-2022-27774
https://access.redhat.com/security/cve/CVE-2022-27776
https://access.redhat.com/security/cve/CVE-2022-27782
https://access.redhat.com/security/cve/CVE-2022-29526
https://access.redhat.com/security/cve/CVE-2022-29824
https://access.redhat.com/security/updates/classification/#moderate

7. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYuqtedzjgjWX9erEAQiSRg//fn5bAzBQcfNfiBNJ3VvZRC+W/IFoAoyX
4KK1tR9IBrGFkVuAZdXgRwO7rO14Wow0ms7PhrKuJPR8E3CCNF0WtydRJs2hQtiV
nVFarr8lUBpkOmtGRwCASkHvl2mtaQu83OH1vGKA+TCjJOhylSmFFZR9c4Ik2Yyh
hK7YFTPcLnZ+fJ61H/PttjAdRMPDhSWpp75rr1ZtTd/LWo3gZbGULI4YRvTMMi+q
alEL+xLd2xYm3HaP+iKhcq2wcKyhBUCPIxIenFajA22iqf0En3KkZ0MRyxriiF3R
xJgBlaSlTwU0k/PYLTJ9q46yOVLQCF6PuvvAZlHXUje7yowMtsoN5qCWjjp65Jfc
sjZvJUcRULvU0PHREc6l/TwQolM5svPLl6F60ncJuMK7i3pi0NeqZGWhSV7Bi3vD
tXrgvk7VJIw9Vz0jFZ8OlSuZ20uGXHxo0l9EWtnE4/6jD9glYgWij1KPFPSnFeyU
sYhtutttMLdKq8XkZptL1yWWEjxnmRlgDlZNei5tMsjOdphOSmoSFbHfbruNVqj+
vPKjPlR9Hy+Cba7H0CZnMs1j6V1cm6JWxkZaQIqpUy1xgt+htSpqdxwN05OmkAHE
fplqlfIaZ7lIbKzy9ARaYVJWYZa95M9SDzz1gILVzsCJsb/CN2FEf0LIGUR38nOL
ewDbaw0y0wc=
=Gagp
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-5699:01 Moderate: Secondary Scheduler Operator for Red Hat

Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 Red Hat Product Security has rated this update as having a security impact of Moderate

Summary

Secondary Scheduler Operator for Red Hat OpenShift 1.0.1
Security Fix(es):
* golang: syscall: faccessat checks wrong group (CVE-2022-29526)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For Secondary Scheduler Operator 1.0.1 see the following documentation,whichwill be updated shortly, for detailed release notes:For more information on Secondary Scheduler Operator for Red Hat OpenShift1.0.1, see the following release notes:https://docs.openshift.com/container-platform/4.10/nodes/scheduling/secondary_scheduler/nodes-secondary-scheduler-release-notes.html#secondary-scheduler-operator-release-notes-1.0.1

References

https://access.redhat.com/security/cve/CVE-2018-25032 https://access.redhat.com/security/cve/CVE-2021-3634 https://access.redhat.com/security/cve/CVE-2021-40528 https://access.redhat.com/security/cve/CVE-2022-1271 https://access.redhat.com/security/cve/CVE-2022-22576 https://access.redhat.com/security/cve/CVE-2022-27774 https://access.redhat.com/security/cve/CVE-2022-27776 https://access.redhat.com/security/cve/CVE-2022-27782 https://access.redhat.com/security/cve/CVE-2022-29526 https://access.redhat.com/security/cve/CVE-2022-29824 https://access.redhat.com/security/updates/classification/#moderate

Package List

Severity
Advisory ID: RHSA-2022:5699-01
Product: OSSO
Advisory URL: https://access.redhat.com/errata/RHSA-2022:5699
Issued Date: : 2022-07-28
CVE Names: CVE-2018-25032 CVE-2021-3634 CVE-2021-40528 CVE-2022-1271 CVE-2022-22576 CVE-2022-27774 CVE-2022-27776 CVE-2022-27782 CVE-2022-29526 CVE-2022-29824

Topic

Secondary Scheduler Operator for Red Hat OpenShift 1.0.1Red Hat Product Security has rated this update as having a security impactofModerate. A Common Vulnerability Scoring System (CVSS) base score, whichgives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

Relevant Releases Architectures

Bugs Fixed

2084085 - CVE-2022-29526 golang: syscall: faccessat checks wrong group

5. JIRA issues fixed (https://issues.jboss.org/):

WRKLDS-465 - Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 release

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.