RedHat OpenShift 7.0.0: RHSA-2022:9096-01 Moderate: Windows Security Update

Red Hat
January 30, 2023
The latest Red Hat OpenShift release introduces compatibility for Windows Containers, resolving various bugs and addressing issues of moderate severity.
The components for Red Hat OpenShift support for Windows Container 7.0.0 are now available.

Solution

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Summary

Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.
Security Fix(es):
* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
* kubelet: runAsNonRoot logic bypass for Windows containers (CVE-2021-25749)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

https://access.redhat.com/security/cve/CVE-2021-25749
https://access.redhat.com/security/cve/CVE-2021-46848
https://access.redhat.com/security/cve/CVE-2022-21698
https://access.redhat.com/security/cve/CVE-2022-27191
https://access.redhat.com/security/cve/CVE-2022-35737
https://access.redhat.com/security/updates/classification#moderate

Package List


Advisory ID: RHSA-2022:9096-01
Product: Red Hat OpenShift Enterprise
Issue date: 2023-01-30

Topic

The components for Red Hat OpenShift support for Windows Container 7.0.0 are now available. This product release includes bug fixes and a moderate security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant Releases Architectures

Bugs Fixed

2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter

2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server

2107261 - [WMCO] WMCO endpoints missing after WMCO restart in vSphere

2127808 - CVE-2021-25749 kubelet: runAsNonRoot logic bypass for Windows containers

JIRA issues fixed (https://redhat.atlassian.net/jira/projects):

OCPBUGS-3509 - [WINC] Windows nodes name not matching hostname in GCP

OCPBUGS-3573 - Check if Windows defender is running doesnt work

OCPBUGS-4092 - Load balancer shows connectivity outage during Windows nodes upgrade

OCPBUGS-5749 - Installation of WMCO in different namespace fails

OCPBUGS-5803 - Windows nodes do not get drained (deconfigure) during the upgrade process

WINC-713 - Implement WICD bootstrap command

WINC-718 - WICD cleanup command (happy path)

WINC-731 - Run WICD service on Windows instances

WINC-732 - Nodes are bootstrapped with WICD bootstrap command

WINC-737 - Move hybrid-overlay configuration to WICD

WINC-738 - Kubelet service is described in services ConfigMap

WINC-739 - Configure azure node manager through WICD

WINC-740 - Configure kube-proxy through WICD

WINC-815 - GCP support for Windows Server 2022

WINC-830 - Use valid Windows Server 2022 image in platform=none job

WINC-848 - Windows exporter is configured by WICD

WINC-873 - Upgrade to go 1.19
