RHSA-2021:0079: Moderate: OpenShift Container Platform 3.11.374 bug fix and security update

Q: What is the severity of RHSA-2021:0079?

The severity of RHSA-2021:0079 is classified by Red Hat as important.

Q: How do I fix RHSA-2021:0079?

To fix RHSA-2021:0079, update the affected RPM packages to the specified versions in the advisory.

Q: Which versions of OpenShift does RHSA-2021:0079 affect?

RHSA-2021:0079 affects specific versions of the Red Hat OpenShift Container Platform, particularly 3.11.374 and earlier.

Q: What is the purpose of the update in RHSA-2021:0079?

The update in RHSA-2021:0079 addresses vulnerabilities in the OpenShift Container Platform to enhance security.

Q: Are there any specific packages to be updated for RHSA-2021:0079?

Yes, RHSA-2021:0079 lists several packages such as atomic-openshift and atomic-openshift-metrics-server that require updates.

Published Jan 20, 2021

Updated

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.374. See the following advisory for the container images for this release: <a href="https://access.redhat.com/errata/RHBA-2021:0080" target="blank">https://access.redhat.com/errata/RHBA-2021:0080</a> Security Fix(es): <li> golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter (CVE-2019-11840)</li> <li> kubernetes: MITM using LoadBalancer or ExternalIPs (CVE-2020-8554)</li> <li> python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software

79 affected componentsFixes available

redhat/atomic-enterprise-service-catalog<3.11.374-1.git.1675.738abcc.el7

3.11.374-1.git.1675.738abcc.el7

redhat/atomic-openshift<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-cluster-autoscaler<3.11.374-1.git.0.2996f62.el7

3.11.374-1.git.0.2996f62.el7

redhat/atomic-openshift-descheduler<3.11.374-1.git.299.f128e96.el7

3.11.374-1.git.299.f128e96.el7

redhat/atomic-openshift-dockerregistry<3.11.374-1.git.481.e6a880c.el7

3.11.374-1.git.481.e6a880c.el7

redhat/atomic-openshift-metrics-server<3.11.374-1.git.53.9df25a9.el7

3.11.374-1.git.53.9df25a9.el7

redhat/atomic-openshift-node-problem-detector<3.11.374-1.git.263.28335fb.el7

3.11.374-1.git.263.28335fb.el7

redhat/atomic-openshift-service-idler<3.11.374-1.git.15.523a1f7.el7

3.11.374-1.git.15.523a1f7.el7

redhat/atomic-openshift-web-console<3.11.374-1.git.647.9e78d83.el7

3.11.374-1.git.647.9e78d83.el7

redhat/golang-github-openshift-oauth-proxy<3.11.374-1.git.439.966c536.el7

3.11.374-1.git.439.966c536.el7

redhat/golang-github-prometheus-alertmanager<3.11.374-1.git.0.3abd2a5.el7

3.11.374-1.git.0.3abd2a5.el7

redhat/golang-github-prometheus-prometheus<3.11.374-1.git.5026.29379c4.el7

3.11.374-1.git.5026.29379c4.el7

redhat/openshift-ansible<3.11.374-1.git.0.92f5956.el7

3.11.374-1.git.0.92f5956.el7

redhat/openshift-enterprise-autoheal<3.11.374-1.git.218.9cf7939.el7

3.11.374-1.git.218.9cf7939.el7

redhat/openshift-enterprise-cluster-capacity<3.11.374-1.git.379.80bd08f.el7

3.11.374-1.git.379.80bd08f.el7

redhat/openshift-kuryr<3.11.374-1.git.1478.ef11824.el7

3.11.374-1.git.1478.ef11824.el7

redhat/python-urllib3<1.26.2-1.el7

1.26.2-1.el7

redhat/atomic-enterprise-service-catalog<3.11.374-1.git.1675.738abcc.el7

3.11.374-1.git.1675.738abcc.el7

redhat/atomic-enterprise-service-catalog-svcat<3.11.374-1.git.1675.738abcc.el7

3.11.374-1.git.1675.738abcc.el7

redhat/atomic-openshift<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-clients<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-clients-redistributable<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-cluster-autoscaler<3.11.374-1.git.0.2996f62.el7

3.11.374-1.git.0.2996f62.el7

redhat/atomic-openshift-descheduler<3.11.374-1.git.299.f128e96.el7

3.11.374-1.git.299.f128e96.el7

redhat/atomic-openshift-docker-excluder<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-dockerregistry<3.11.374-1.git.481.e6a880c.el7

3.11.374-1.git.481.e6a880c.el7

redhat/atomic-openshift-excluder<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-hyperkube<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-hypershift<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-master<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-metrics-server<3.11.374-1.git.53.9df25a9.el7

3.11.374-1.git.53.9df25a9.el7

redhat/atomic-openshift-node<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-node-problem-detector<3.11.374-1.git.263.28335fb.el7

3.11.374-1.git.263.28335fb.el7

redhat/atomic-openshift-pod<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-sdn-ovs<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-service-idler<3.11.374-1.git.15.523a1f7.el7

3.11.374-1.git.15.523a1f7.el7

redhat/atomic-openshift-template-service-broker<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-tests<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-web-console<3.11.374-1.git.647.9e78d83.el7

3.11.374-1.git.647.9e78d83.el7

redhat/golang-github-openshift-oauth-proxy<3.11.374-1.git.439.966c536.el7

3.11.374-1.git.439.966c536.el7

redhat/openshift-ansible<3.11.374-1.git.0.92f5956.el7

3.11.374-1.git.0.92f5956.el7

redhat/openshift-ansible-docs<3.11.374-1.git.0.92f5956.el7

3.11.374-1.git.0.92f5956.el7

redhat/openshift-ansible-playbooks<3.11.374-1.git.0.92f5956.el7

3.11.374-1.git.0.92f5956.el7

redhat/openshift-ansible-roles<3.11.374-1.git.0.92f5956.el7

3.11.374-1.git.0.92f5956.el7

redhat/openshift-enterprise-autoheal<3.11.374-1.git.218.9cf7939.el7

3.11.374-1.git.218.9cf7939.el7

redhat/openshift-enterprise-cluster-capacity<3.11.374-1.git.379.80bd08f.el7

3.11.374-1.git.379.80bd08f.el7

redhat/openshift-kuryr-cni<3.11.374-1.git.1478.ef11824.el7

3.11.374-1.git.1478.ef11824.el7

redhat/openshift-kuryr-common<3.11.374-1.git.1478.ef11824.el7

3.11.374-1.git.1478.ef11824.el7

redhat/openshift-kuryr-controller<3.11.374-1.git.1478.ef11824.el7

3.11.374-1.git.1478.ef11824.el7

redhat/prometheus<3.11.374-1.git.5026.29379c4.el7

3.11.374-1.git.5026.29379c4.el7

redhat/prometheus-alertmanager<3.11.374-1.git.0.3abd2a5.el7

3.11.374-1.git.0.3abd2a5.el7

redhat/prometheus-node-exporter<3.11.374-1.git.1062.490d6d5.el7

3.11.374-1.git.1062.490d6d5.el7

redhat/python2-kuryr-kubernetes<3.11.374-1.git.1478.ef11824.el7

3.11.374-1.git.1478.ef11824.el7

redhat/python2-urllib3<1.26.2-1.el7

1.26.2-1.el7

redhat/atomic-enterprise-service-catalog<3.11.374-1.git.1675.738abcc.el7

3.11.374-1.git.1675.738abcc.el7

redhat/atomic-enterprise-service-catalog-svcat<3.11.374-1.git.1675.738abcc.el7

3.11.374-1.git.1675.738abcc.el7

redhat/atomic-openshift<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-clients<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-cluster-autoscaler<3.11.374-1.git.0.2996f62.el7

3.11.374-1.git.0.2996f62.el7

redhat/atomic-openshift-descheduler<3.11.374-1.git.299.f128e96.el7

3.11.374-1.git.299.f128e96.el7

redhat/atomic-openshift-hyperkube<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-hypershift<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-master<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-metrics-server<3.11.374-1.git.53.9df25a9.el7

3.11.374-1.git.53.9df25a9.el7

redhat/atomic-openshift-node<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-node-problem-detector<3.11.374-1.git.263.28335fb.el7

3.11.374-1.git.263.28335fb.el7

redhat/atomic-openshift-pod<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-sdn-ovs<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-service-idler<3.11.374-1.git.15.523a1f7.el7

3.11.374-1.git.15.523a1f7.el7

redhat/atomic-openshift-template-service-broker<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-tests<3.11.374-1.git.0.ebd3ee9.el7

3.11.374-1.git.0.ebd3ee9.el7

redhat/atomic-openshift-web-console<3.11.374-1.git.647.9e78d83.el7

3.11.374-1.git.647.9e78d83.el7

redhat/golang-github-openshift-oauth-proxy<3.11.374-1.git.439.966c536.el7

3.11.374-1.git.439.966c536.el7

redhat/openshift-ansible-test<3.11.374-1.git.0.92f5956.el7

3.11.374-1.git.0.92f5956.el7

redhat/openshift-enterprise-autoheal<3.11.374-1.git.218.9cf7939.el7

3.11.374-1.git.218.9cf7939.el7

redhat/openshift-enterprise-cluster-capacity<3.11.374-1.git.379.80bd08f.el7

3.11.374-1.git.379.80bd08f.el7

redhat/prometheus<3.11.374-1.git.5026.29379c4.el7

3.11.374-1.git.5026.29379c4.el7

redhat/prometheus-alertmanager<3.11.374-1.git.0.3abd2a5.el7

3.11.374-1.git.0.3abd2a5.el7

redhat/prometheus-node-exporter<3.11.374-1.git.1062.490d6d5.el7

3.11.374-1.git.1062.490d6d5.el7

Remediation

Event History

Dec 5, 2024

Advisory Published

via Red Hat·02:21 AM

Frequently Asked Questions

What is the severity of RHSA-2021:0079?

The severity of RHSA-2021:0079 is classified by Red Hat as important.

How do I fix RHSA-2021:0079?

To fix RHSA-2021:0079, update the affected RPM packages to the specified versions in the advisory.

Which versions of OpenShift does RHSA-2021:0079 affect?

RHSA-2021:0079 affects specific versions of the Red Hat OpenShift Container Platform, particularly 3.11.374 and earlier.

What is the purpose of the update in RHSA-2021:0079?

The update in RHSA-2021:0079 addresses vulnerabilities in the OpenShift Container Platform to enhance security.

Are there any specific packages to be updated for RHSA-2021:0079?

Yes, RHSA-2021:0079 lists several packages such as atomic-openshift and atomic-openshift-metrics-server that require updates.

RHSA-2021:0079: Moderate: OpenShift Container Platform 3.11.374 bug fix and security update

Affected Software

Remediation

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of RHSA-2021:0079?

How do I fix RHSA-2021:0079?

Which versions of OpenShift does RHSA-2021:0079 affect?

What is the purpose of the update in RHSA-2021:0079?

Are there any specific packages to be updated for RHSA-2021:0079?

Company

Resources

Contact