Red Hat: RHSA-2023-4488-01 Moderate: OpenShift Windows Security Update
red hat
August 7, 2023
The components for Red Hat OpenShift support for Windows Containers 6.0.1 are now available
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Summary
Red Hat OpenShift support for Windows Containers allows you to deploy
Windows container workloads running on Windows Server containers.
Security Fix(es):
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
* containerd: supplementary groups are not set up properly (CVE-2023-25173)
* golang: crypto/tls: session tickets lack random ticket_age_add
(CVE-2022-30629)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
References
https://access.redhat.com/security/cve/CVE-2020-24736 https://access.redhat.com/security/cve/CVE-2022-27191 https://access.redhat.com/security/cve/CVE-2022-30629 https://access.redhat.com/security/cve/CVE-2022-35252 https://access.redhat.com/security/cve/CVE-2022-36227 https://access.redhat.com/security/cve/CVE-2022-43552 https://access.redhat.com/security/cve/CVE-2023-0361 https://access.redhat.com/security/cve/CVE-2023-1667 https://access.redhat.com/security/cve/CVE-2023-2283 https://access.redhat.com/security/cve/CVE-2023-25173 https://access.redhat.com/security/cve/CVE-2023-26604 https://access.redhat.com/security/cve/CVE-2023-27535 https://access.redhat.com/security/updates/classification/#moderate
Package List
PREVIOUS
NEXT
Advisory ID: RHSA-2023:4488-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:4488
Issue date: 2023-08-07
Topic
The components for Red Hat OpenShift support for Windows Containers 6.0.1are now available. This product release includes bug fixes and securityupdate for the following packages: windows-machine-config-operator andwindows-machine-config-operator-bundle.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.
Relevant Releases Architectures
Bugs Fixed
2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly
5. JIRA issues fixed (https://issues.redhat.com/):
OCPBUGS-10418 - Case sensitivity issue when label "openshift.io/cluster-monitoring" set to 'True' on openshift-windows-machine-config-operator namespace
OCPBUGS-11831 - oc adm node-logs failing in vSphere CI
OCPBUGS-15435 - Instance configurations fails on Windows Server 2019 without the container feature
OCPBUGS-3572 - Check if Windows defender is running doesnt work
OCPBUGS-4247 - Load balancer shows connectivity outage during Windows nodes upgrade
OCPBUGS-5894 - Windows nodes do not get drained (deconfigure) during the upgrade process
OCPBUGS-7726 - WMCO kubelet version not matching OCP payload's one
OCPBUGS-8055 - containerd version is being misreported
WINC-818 - Investigate if the Upgradeable condition is being tested in e2e suite
WINC-823 - Test generated community manifests in WMCO e2e
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!