Stay Secure with the Latest Linux Advisories

security advisorysecurity updatebug fix

Red Hat OpenShift: Security Advisory RHSA-2023-4025-01 for Windows

The components for Red Hat OpenShift support for Windows Containers 7.1.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat OpenShift support for Windows Containers 7.1.0 [security update] Advisory ID: RHSA-2023:4025-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2023:4025 Issue date: 2023-07-18 CVE Names: CVE-2022-36227 CVE-2023-0361 CVE-2023-25173 CVE-2023-27535 ==================================================================== 1. Summary: The components for Red Hat OpenShift support for Windows Containers 7.1.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Security Fix(es): * containerd: Supplementary groups are not set up properly (CVE-2023-25173) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, referto: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly 5. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): OCPBUGS-10417 - Case sensitivity issue when label "openshift.io/cluster-monitoring" set to 'True' on openshift-windows-machine-config-operator namespace OCPBUGS-10784 - In-tree storage for azure-file and vSphere is disabled OCPBUGS-10933 - BYOH upgrade failed Unable to cleanup the Windows instance: error running powershell.exe -NonInteractive -ExecutionPolicy Bypass \"C:\\k\\windows-instance-config-daemon.exe cleanup - OCPBUGS-10935 - Windows pods are unable to resolve DNS records for services OCPBUGS-11667 - BYOH node upgrade failed when the node not in default namespace: deleting node winhost\nF0402 08:53:43.066039 4740 cleanup.go:56] nodes \"winhost\" is forbidden: User \"system:serviceaccount:winc-namespace-test:windows-instance-config-daemon\" OCPBUGS-11785 - oc adm node-logs failing in vSphere CI OCPBUGS-13790 - Segmentation Violation found in WMCO .ensureWICDSecretContent OCPBUGS-14260 - Upgrade from WMCO 7.0.1 to 7.1.0 not working on Windows BYOH nodes: error waiting for proper windowsmachineconfig.openshift.io/version annotation for node OCPBUGS-14445 - Instance configurations fails on Windows Server 2019 without the container feature OCPBUGS-4862 - Deletion of BYOH Windows node hangs in Ready,SchedulingDisabled OCPBUGS-7336 - WMCO kubelet version not matching OCP payload's one OCPBUGS-7843 - containerd version is being misreported OCPBUGS-8037 - Directory deletion errors are being ignored when deconfiguring Windows instances OCPBUGS-8056 - WMCO is unable to drain DaemonSet workloads OCPBUGS-8085 - Hybrid Overlay logfile is in use and cannot be deleted WINC-1037 - Windows Server 2019 CI coverage WINC-981 - Red Hat OpenShift support for Windows Containers 7.0.1 Post Release WINC-983 - [e2e] Ensure required log files are non-empty 6.References: https://access.redhat.com/security/cve/CVE-2022-36227 https://access.redhat.com/security/cve/CVE-2023-0361 https://access.redhat.com/security/cve/CVE-2023-25173 https://access.redhat.com/security/cve/CVE-2023-27535 https://access.redhat.com/security/updates/classification#low 7. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJkthd/AAoJENzjgjWX9erEn8MP/3Bf86MhhUzmDog2ttnikXx2 KB8KBrmrYZIyuE59cbL1+8+kRTVxh3aW+Q9SHoiCY/ZlX3XvfeKJmzyOTCkdpyVO DasddWw2B3/NiRBH6ufpy4pJMva/4MCc2IH5VlDXXQy+ydrONIpw+Xa2pWqAzx47 Sj30qqWmcgxev7KfZXPrC9gDj0pgl5CIsMzlDlhx2LvWmbaryXAL3zRB+AKKvrdA U3zIMRFOxRx/GJ3M9usWPkeGzgYVQHyljEIexKa6q8nW0ubyW3Gar2JD8CF8wwPM +pRJHJvoG4shcp9c6DkFGLt/Ti5/z+Vj3nSsIFbDzaT4LS7W5HzEdc7/C7PechWY gHesjgyqqX/nropT9mrwcTJt5boywdYcXPEkOxca5Ke+g2HMBrAR0F9SpnLjvWVE 9qYfeeiUkrxb1TYV1iKe2qbkQvGcGSL9U9VYTgAisUXx4FLF6RW1+L57iZMYmTaC GXOF94oG2s7BBD4FteNAKIHNyIKIX/7CMMaQPZITTwxfxWDGlCup5OS2mBbdM4uO MAdket7e5FzfzNfJXbs0d2QTtyTqV1nXMyWZ4XVoinaoRgwHQb47xaMkGysF4GhL vpKTzH+nsX8nKq76m0GuQtHxqq9lVKCZ9m+l3WI7CzZf+mjLjbZ/TwMnFsFsiy3q MWCyyldecxHw+otiRbk/ =4/Hi -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Discover the new enhancements in Red Hat OpenShift support for Windows, focusing on the recent updates that tackle minor security vulnerabilities.. Windows Containers Support, Red Hat Update, Containerd Configuration Issues, Low Severity Security Fixes, OpenShift Enterprise Patch. . Severity: Low. LinuxSecurity.com Team

Jul 18, 2023 •Low Red Hat