[RHSA-2016:0070-01] Important: Red Hat OpenShift Enterprise 3.1.1 bug fix and enhancement update

news · January 27, 2016

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

=====================================================================

Red Hat Security Advisory

Synopsis: Important: Red Hat OpenShift Enterprise 3.1.1 bug fix and enhancement update

Advisory ID: RHSA-2016:0070-01

Product: Red Hat OpenShift Enterprise

Advisory URL: https://access.redhat.com/errata/RHSA-2016:0070

Issue date: 2016-01-26

CVE Names: CVE-2013-2186 CVE-2014-1869 CVE-2014-3661

CVE-2014-3662 CVE-2014-3663 CVE-2014-3664

CVE-2014-3666 CVE-2014-3667 CVE-2014-3680

CVE-2014-3681 CVE-2015-1806 CVE-2015-1807

CVE-2015-1808 CVE-2015-1810 CVE-2015-1812

CVE-2015-1813 CVE-2015-1814 CVE-2015-5317

CVE-2015-5318 CVE-2015-5319 CVE-2015-5320

CVE-2015-5321 CVE-2015-5322 CVE-2015-5323

CVE-2015-5324 CVE-2015-5325 CVE-2015-5326

CVE-2015-7537 CVE-2015-7538 CVE-2015-7539

CVE-2015-8103 CVE-2016-1905 CVE-2016-1906

=====================================================================

1. Summary:

Red Hat OpenShift Enterprise release 3.1.1 is now available with

updates to packages that fix several security issues, bugs and

introduce feature enhancements.

Red Hat Product Security has rated this update as having Important

security impact. Common Vulnerability Scoring System (CVSS) base

scores, which give detailed severity ratings, are available for each

vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHOSE 3.1 - noarch, x86_64

3. Description:

OpenShift Enterprise by Red Hat is the company's cloud computing

Platform-as-a-Service (PaaS) solution designed for on-premise or

private cloud deployments.

The following security issues are addressed with this release:

An authorization flaw was discovered in Kubernetes; the API server

did not properly check user permissions when handling certain

requests. An authenticated remote attacker could use this flaw to

gain additional access to resources such as RAM and disk space.

(CVE-2016-1905)

An authorization flaw was discovered in Kubernetes; the API server

did not properly check user permissions when handling certain build-

configuration strategies. A remote attacker could create build

configurations with strategies that violate policy. Although the

attacker could not launch the build themselves (launch fails when

the policy is violated), if the build configuration files were later

launched by other privileged services (such as automated triggers),

user privileges could be bypassed allowing attacker escalation.

(CVE-2016-1906)

An update for Jenkins Continuous Integration Server that addresses a

large number of security issues including XSS, CSRF, information

disclosure and code execution have been addressed as well.

(CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662

CVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667

CVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807

CVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813

CVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319

CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323

CVE-2015-5324, CVE-2015-5325, CVE-2015-5326 ,CVE-2015-7537

CVE-2015-7538, CVE-2015-7539, CVE-2015-8103)

Space precludes documenting all of the bug fixes and enhancements in

this advisory. See the OpenShift Enterprise 3.1 Release Notes, which

will be updated shortly for release 3.1.1, for details about these

changes:

https://docs.openshift.com/enterprise/3.1/release_notes/ose_3_1_release_not

es.html

All OpenShift Enterprise 3 users are advised to upgrade to these

updated packages.

4. Solution:

Before applying this update, make sure all previously released

errata relevant to your system have been applied.

See the OpenShift Enterprise 3.1 documentation, which will be

updated shortly for release 3.1.1, for important instructions on how

to upgrade your OpenShift cluster and fully apply this asynchronous

errata update:

https://docs.openshift.com/enterprise/3.1/release_notes/ose_3_1_release_not

es.html

This update is available via the Red Hat Network. Details on how to

use the Red Hat Network to apply this update are available at

https://access.redhat.com/articles/11258.

5. Bugs fixed (https://bugzilla.redhat.com/):

974814 - CVE-2013-2186 Apache commons-fileupload: Arbitrary file upload via deserialization

1063099 - CVE-2014-1869 stapler-adjunct-zeroclipboard: multiple cross-site scripting (XSS) flaws

1147758 - CVE-2014-3661 jenkins: denial of service (SECURITY-87)

1147759 - CVE-2014-3662 jenkins: username discovery (SECURITY-110)

1147764 - CVE-2014-3663 jenkins: job configuration issues (SECURITY-127, SECURITY-128)

1147765 - CVE-2014-3664 jenkins: directory traversal flaw (SECURITY-131)

1147766 - CVE-2014-3681 jenkins: cross-site scripting flaw in Jenkins core (SECURITY-143)

1147769 - CVE-2014-3666 jenkins: remote code execution flaw (SECURITY-150)

1147770 - CVE-2014-3667 jenkins: plug-in code can be downloaded by anyone with read access (SECURITY-155)

1148645 - CVE-2014-3680 jenkins: password exposure in DOM (SECURITY-138)

1205615 - CVE-2015-1812 CVE-2015-1813 jenkins: Reflective XSS vulnerability (SECURITY-171, SECURITY-177)

1205616 - CVE-2015-1814 jenkins: forced API token change (SECURITY-180)

1205620 - CVE-2015-1806 jenkins: Combination filter Groovy script unsecured (SECURITY-125)

1205622 - CVE-2015-1807 jenkins: directory traversal from artifacts via symlink (SECURITY-162)

1205623 - CVE-2015-1808 jenkins: update center metadata retrieval DoS attack (SECURITY-163)

1205627 - CVE-2015-1810 jenkins: HudsonPrivateSecurityRealm allows creation of reserved names (SECURITY-166)

1243514 - there is possibly a race / error / startup dependency condition where the master's node/sdn doesn't start up properly on boot

1247523 - [RFE]-UI only includes first port in generated service

1254880 - Secure communication for Heapster metric collection

1256869 - Deleting Users and Identity does not remove Authorization Settings

1268478 - docker builder cannot retrieve source from git when user name is not a private git repository.

1273739 - Event shows "Cloud provider not initialized properly" when creating pod with cinder PV

1277329 - Core dump when running openshift for several days

1277383 - ovs-port wasn't deleted when openshift deleted pods

1277608 - NFS Recycler Fails in containerized Kubernetes

1278232 - if build fails to schedule because of quota, and pod count is reduced, build never automatically starts

1278630 - oc rollback says it is doing something, but doesn't appear to do it

1279404 - The clustered mysql pod keeps CrashLoopBackOff for cannot create directory '/var/lib/mysql/data/mysql': Permission denied

1279744 - postgresql-92-rhel7 cannot startup on AEP env

1279925 - After installation, openshift-sdn didn't make /etc/openshift-sdn/config.env, and can't access to the pod

1280216 - Setting env vars via Web UI not visible in the assemble phase of STI build (https://github.com/openshift/origin/issues/5817)

1280497 - [supportability] Build OpenShift with DWARF

1282359 - CVE-2015-5317 jenkins: Project name disclosure via fingerprints (SECURITY-153)

1282361 - CVE-2015-5318 jenkins: Public value used for CSRF protection salt (SECURITY-169)

1282362 - CVE-2015-5319 jenkins: XXE injection into job configurations via CLI (SECURITY-173)

1282363 - CVE-2015-5320 jenkins: Secret key not verified when connecting a slave (SECURITY-184)

1282364 - CVE-2015-5321 jenkins: Information disclosure via sidepanel (SECURITY-192)

1282365 - CVE-2015-5322 jenkins: Local file inclusion vulnerability (SECURITY-195)

1282366 - CVE-2015-5323 jenkins: API tokens of other users available to admins (SECURITY-200)

1282367 - CVE-2015-5324 jenkins: Queue API did show items not visible to the current user (SECURITY-186)

1282368 - CVE-2015-5325 jenkins: JNLP slaves not subject to slave-to-master access control (SECURITY-206)

1282369 - CVE-2015-5326 jenkins: Stored XSS vulnerability in slave offline status message (SECURITY-214)

1282371 - CVE-2015-8103 jenkins: Remote code execution vulnerability due to unsafe deserialization in Jenkins remoting (SECURITY-218)

1282426 - The secret cannot be recognized which was added via .docker/config.json

1282738 - Mysql Can't handle MYSQL_USER=root case

1283952 - Default haproxy 503 response lack HTTP response header

1284506 - tuned-profiles-atomic-openshift-node man is not updated to "atomic-openshift-X" new naming

1287414 - Wrong prompt message for oc attach regardless of parameter values

1287943 - When cancel a build the build status always become failed

1288014 - Panic, if redhat/openshift-ovs-multitenant is enabled.

1289603 - oc login fails with Unauthorized error sometimes on HA etcd environment

1289965 - node crashed

1290643 - Wrong Forwarded Header format

1290967 - Hostsubnet is not created and OSE node host doesn't do OVS setup

1291795 - CVE-2015-7537 jenkins: CSRF vulnerability in some administrative actions (SECURITY-225)

1291797 - CVE-2015-7538 jenkins: CSRF protection ineffective (SECURITY-233)

1291798 - CVE-2015-7539 jenkins: Jenkins plugin manager vulnerable to MITM attacks (SECURITY-234)

1292621 - jenkins-ephemeral template points at centos instead of rhel

1293251 - Can not access service endpoint between different nodes.

1293252 - Can not push images to docker-registry

1293829 - Return 'read time outÃ¢Â€Â˜ in jenkins webconsole when trigger a build more than 2 minites

1293877 - Postgresql pod is CrashLoopBackOff after add nfs volume to dc/rc

1294115 - Get error status 404 when trying to push result image to internal docker registry if registry is temporarily down and resumed immediately

1294798 - BuildConfig field for 'Perform builds in OpenShift' build step in Jenkins configure Job form is populated with default value of 'frontend' instead of actual stored value.

1296457 - Sometimes Persistent Volume can not become available after it is created

1297910 - CVE-2016-1905 Kubernetes api server: patch operation should use patched object to check admission control

1297916 - CVE-2016-1906 Kubernetes api server: build config to a strategy that isn't allowed by policy

6. Package List:

RHOSE 3.1:

Source:

atomic-openshift-3.1.1.6-1.git.0.b57e8bd.el7aos.src.rpm

heapster-0.18.2-3.gitaf4752e.el7aos.src.rpm

jenkins-1.625.3-2.el7aos.src.rpm

nodejs-align-text-0.1.3-2.el7aos.src.rpm

nodejs-ansi-green-0.1.1-1.el7aos.src.rpm

nodejs-ansi-wrap-0.1.0-1.el7aos.src.rpm

nodejs-anymatch-1.3.0-1.el7aos.src.rpm

nodejs-arr-diff-2.0.0-1.el7aos.src.rpm

nodejs-arr-flatten-1.0.1-1.el7aos.src.rpm

nodejs-array-unique-0.2.1-1.el7aos.src.rpm

nodejs-arrify-1.0.0-1.el7aos.src.rpm

nodejs-async-each-1.0.0-1.el7aos.src.rpm

nodejs-binary-extensions-1.3.1-1.el7aos.src.rpm

nodejs-braces-1.8.2-2.el7aos.src.rpm

nodejs-capture-stack-trace-1.0.0-2.el7aos.src.rpm

nodejs-chokidar-1.4.1-2.el7aos.src.rpm

nodejs-configstore-1.4.0-1.el7aos.src.rpm

nodejs-create-error-class-2.0.1-2.el7aos.src.rpm

nodejs-deep-extend-0.3.2-2.el7aos.src.rpm

nodejs-duplexer-0.1.1-2.el7aos.src.rpm

nodejs-duplexify-3.4.2-1.el7aos.src.rpm

nodejs-end-of-stream-1.1.0-2.el7aos.src.rpm

nodejs-error-ex-1.2.0-1.el7aos.src.rpm

nodejs-es6-promise-3.0.2-2.el7aos.src.rpm

nodejs-event-stream-3.3.2-1.el7aos.src.rpm

nodejs-expand-brackets-0.1.4-1.el7aos.src.rpm

nodejs-expand-range-1.8.1-1.el7aos.src.rpm

nodejs-extglob-0.3.1-1.el7aos.src.rpm

nodejs-filename-regex-2.0.0-1.el7aos.src.rpm

nodejs-fill-range-2.2.3-1.el7aos.src.rpm

nodejs-for-in-0.1.4-1.el7aos.src.rpm

nodejs-for-own-0.1.3-1.el7aos.src.rpm

nodejs-from-0.1.3-2.el7aos.src.rpm

nodejs-glob-base-0.3.0-1.el7aos.src.rpm

nodejs-glob-parent-2.0.0-1.el7aos.src.rpm

nodejs-got-5.2.1-1.el7aos.src.rpm

nodejs-graceful-fs-4.1.2-1.el7aos.src.rpm

nodejs-ini-1.1.0-6.el7aos.src.rpm

nodejs-is-binary-path-1.0.1-1.el7aos.src.rpm

nodejs-is-dotfile-1.0.2-1.el7aos.src.rpm

nodejs-is-equal-shallow-0.1.3-1.el7aos.src.rpm

nodejs-is-extendable-0.1.1-1.el7aos.src.rpm

nodejs-is-extglob-1.0.0-1.el7aos.src.rpm

nodejs-is-glob-2.0.1-1.el7aos.src.rpm

nodejs-is-npm-1.0.0-1.el7aos.src.rpm

nodejs-is-number-2.1.0-1.el7aos.src.rpm

nodejs-is-plain-obj-1.0.0-1.el7aos.src.rpm

nodejs-is-primitive-2.0.0-1.el7aos.src.rpm

nodejs-is-redirect-1.0.0-1.el7aos.src.rpm

nodejs-is-stream-1.0.1-2.el7aos.src.rpm

nodejs-isobject-2.0.0-1.el7aos.src.rpm

nodejs-kind-of-3.0.2-1.el7aos.src.rpm

nodejs-latest-version-2.0.0-1.el7aos.src.rpm

nodejs-lazy-cache-1.0.2-1.el7aos.src.rpm

nodejs-lodash.assign-3.2.0-1.el7aos.src.rpm

nodejs-lodash.baseassign-3.2.0-1.el7aos.src.rpm

nodejs-lodash.basecopy-3.0.1-1.el7aos.src.rpm

nodejs-lodash.bindcallback-3.0.1-1.el7aos.src.rpm

nodejs-lodash.createassigner-3.1.1-1.el7aos.src.rpm

nodejs-lodash.defaults-3.1.2-1.el7aos.src.rpm

nodejs-lodash.getnative-3.9.1-1.el7aos.src.rpm

nodejs-lodash.isarguments-3.0.4-1.el7aos.src.rpm

nodejs-lodash.isarray-3.0.4-1.el7aos.src.rpm

nodejs-lodash.isiterateecall-3.0.9-1.el7aos.src.rpm

nodejs-lodash.keys-3.1.2-1.el7aos.src.rpm

nodejs-lodash.restparam-3.6.1-1.el7aos.src.rpm

nodejs-lowercase-keys-1.0.0-2.el7aos.src.rpm

nodejs-map-stream-0.1.0-2.el7aos.src.rpm

nodejs-micromatch-2.3.5-2.el7aos.src.rpm

nodejs-mkdirp-0.5.0-2.el7aos.src.rpm

nodejs-node-status-codes-1.0.0-1.el7aos.src.rpm

nodejs-nodemon-1.8.1-2.el7aos.src.rpm

nodejs-normalize-path-2.0.1-1.el7aos.src.rpm

nodejs-object-assign-4.0.1-1.el7aos.src.rpm

nodejs-object.omit-2.0.0-1.el7aos.src.rpm

nodejs-optimist-0.4.0-5.el7aos.src.rpm

nodejs-os-homedir-1.0.1-1.el7aos.src.rpm

nodejs-os-tmpdir-1.0.1-1.el7aos.src.rpm

nodejs-osenv-0.1.0-2.el7aos.src.rpm

nodejs-package-json-2.3.0-1.el7aos.src.rpm

nodejs-parse-glob-3.0.4-1.el7aos.src.rpm

nodejs-parse-json-2.2.0-2.el7aos.src.rpm

nodejs-pause-stream-0.0.11-2.el7aos.src.rpm

nodejs-pinkie-2.0.1-1.el7aos.src.rpm

nodejs-pinkie-promise-2.0.0-1.el7aos.src.rpm

nodejs-prepend-http-1.0.1-2.el7aos.src.rpm

nodejs-preserve-0.2.0-1.el7aos.src.rpm

nodejs-ps-tree-1.0.1-1.el7aos.src.rpm

nodejs-randomatic-1.1.5-1.el7aos.src.rpm

nodejs-rc-1.1.2-1.el7aos.src.rpm

nodejs-read-all-stream-3.0.1-3.el7aos.src.rpm

nodejs-readdirp-2.0.0-2.el7aos.src.rpm

nodejs-regex-cache-0.4.2-1.el7aos.src.rpm

nodejs-registry-url-3.0.3-1.el7aos.src.rpm

nodejs-repeat-element-1.1.2-1.el7aos.src.rpm

nodejs-semver-5.1.0-1.el7aos.src.rpm

nodejs-semver-diff-2.1.0-1.el7aos.src.rpm

nodejs-slide-1.1.5-3.el7aos.src.rpm

nodejs-split-0.3.3-2.el7aos.src.rpm

nodejs-stream-combiner-0.2.1-2.el7aos.src.rpm

nodejs-string-length-1.0.1-1.el7aos.src.rpm

nodejs-strip-json-comments-1.0.2-2.el7aos.src.rpm

nodejs-success-symbol-0.1.0-1.el7aos.src.rpm

nodejs-through-2.3.4-4.el7aos.src.rpm

nodejs-timed-out-2.0.0-3.el7aos.src.rpm

nodejs-touch-1.0.0-2.el7aos.src.rpm

nodejs-undefsafe-0.0.3-1.el7aos.src.rpm

nodejs-unzip-response-1.0.0-1.el7aos.src.rpm

nodejs-update-notifier-0.6.0-1.el7aos.src.rpm

nodejs-url-parse-lax-1.0.0-1.el7aos.src.rpm

nodejs-uuid-2.0.1-1.el7aos.src.rpm

nodejs-write-file-atomic-1.1.2-2.el7aos.src.rpm

nodejs-xdg-basedir-2.0.0-1.el7aos.src.rpm

nss_wrapper-1.0.3-1.el7.src.rpm

openshift-ansible-3.0.35-1.git.0.6a386dd.el7aos.src.rpm

openvswitch-2.4.0-1.el7.src.rpm

origin-kibana-0.5.0-1.el7aos.src.rpm

noarch:

atomic-openshift-utils-3.0.35-1.git.0.6a386dd.el7aos.noarch.rpm

jenkins-1.625.3-2.el7aos.noarch.rpm

nodejs-align-text-0.1.3-2.el7aos.noarch.rpm

nodejs-ansi-green-0.1.1-1.el7aos.noarch.rpm

nodejs-ansi-wrap-0.1.0-1.el7aos.noarch.rpm

nodejs-anymatch-1.3.0-1.el7aos.noarch.rpm

nodejs-arr-diff-2.0.0-1.el7aos.noarch.rpm

nodejs-arr-flatten-1.0.1-1.el7aos.noarch.rpm

nodejs-array-unique-0.2.1-1.el7aos.noarch.rpm

nodejs-arrify-1.0.0-1.el7aos.noarch.rpm

nodejs-async-each-1.0.0-1.el7aos.noarch.rpm

nodejs-binary-extensions-1.3.1-1.el7aos.noarch.rpm

nodejs-braces-1.8.2-2.el7aos.noarch.rpm

nodejs-capture-stack-trace-1.0.0-2.el7aos.noarch.rpm

nodejs-chokidar-1.4.1-2.el7aos.noarch.rpm

nodejs-configstore-1.4.0-1.el7aos.noarch.rpm

nodejs-create-error-class-2.0.1-2.el7aos.noarch.rpm

nodejs-deep-extend-0.3.2-2.el7aos.noarch.rpm

nodejs-duplexer-0.1.1-2.el7aos.noarch.rpm

nodejs-duplexify-3.4.2-1.el7aos.noarch.rpm

nodejs-end-of-stream-1.1.0-2.el7aos.noarch.rpm

nodejs-error-ex-1.2.0-1.el7aos.noarch.rpm

nodejs-es6-promise-3.0.2-2.el7aos.noarch.rpm

nodejs-event-stream-3.3.2-1.el7aos.noarch.rpm

nodejs-expand-brackets-0.1.4-1.el7aos.noarch.rpm

nodejs-expand-range-1.8.1-1.el7aos.noarch.rpm

nodejs-extglob-0.3.1-1.el7aos.noarch.rpm

nodejs-filename-regex-2.0.0-1.el7aos.noarch.rpm

nodejs-fill-range-2.2.3-1.el7aos.noarch.rpm

nodejs-for-in-0.1.4-1.el7aos.noarch.rpm

nodejs-for-own-0.1.3-1.el7aos.noarch.rpm

nodejs-from-0.1.3-2.el7aos.noarch.rpm

nodejs-glob-base-0.3.0-1.el7aos.noarch.rpm

nodejs-glob-parent-2.0.0-1.el7aos.noarch.rpm

nodejs-got-5.2.1-1.el7aos.noarch.rpm

nodejs-graceful-fs-4.1.2-1.el7aos.noarch.rpm

nodejs-ini-1.1.0-6.el7aos.noarch.rpm

nodejs-is-binary-path-1.0.1-1.el7aos.noarch.rpm

nodejs-is-dotfile-1.0.2-1.el7aos.noarch.rpm

nodejs-is-equal-shallow-0.1.3-1.el7aos.noarch.rpm

nodejs-is-extendable-0.1.1-1.el7aos.noarch.rpm

nodejs-is-extglob-1.0.0-1.el7aos.noarch.rpm

nodejs-is-glob-2.0.1-1.el7aos.noarch.rpm

nodejs-is-npm-1.0.0-1.el7aos.noarch.rpm

nodejs-is-number-2.1.0-1.el7aos.noarch.rpm

nodejs-is-plain-obj-1.0.0-1.el7aos.noarch.rpm

nodejs-is-primitive-2.0.0-1.el7aos.noarch.rpm

nodejs-is-redirect-1.0.0-1.el7aos.noarch.rpm

nodejs-is-stream-1.0.1-2.el7aos.noarch.rpm

nodejs-isobject-2.0.0-1.el7aos.noarch.rpm

nodejs-kind-of-3.0.2-1.el7aos.noarch.rpm

nodejs-latest-version-2.0.0-1.el7aos.noarch.rpm

nodejs-lazy-cache-1.0.2-1.el7aos.noarch.rpm

nodejs-lodash.assign-3.2.0-1.el7aos.noarch.rpm

nodejs-lodash.baseassign-3.2.0-1.el7aos.noarch.rpm

nodejs-lodash.basecopy-3.0.1-1.el7aos.noarch.rpm

nodejs-lodash.bindcallback-3.0.1-1.el7aos.noarch.rpm

nodejs-lodash.createassigner-3.1.1-1.el7aos.noarch.rpm

nodejs-lodash.defaults-3.1.2-1.el7aos.noarch.rpm

nodejs-lodash.getnative-3.9.1-1.el7aos.noarch.rpm

nodejs-lodash.isarguments-3.0.4-1.el7aos.noarch.rpm

nodejs-lodash.isarray-3.0.4-1.el7aos.noarch.rpm

nodejs-lodash.isiterateecall-3.0.9-1.el7aos.noarch.rpm

nodejs-lodash.keys-3.1.2-1.el7aos.noarch.rpm

nodejs-lodash.restparam-3.6.1-1.el7aos.noarch.rpm

nodejs-lowercase-keys-1.0.0-2.el7aos.noarch.rpm

nodejs-map-stream-0.1.0-2.el7aos.noarch.rpm

nodejs-micromatch-2.3.5-2.el7aos.noarch.rpm

nodejs-mkdirp-0.5.0-2.el7aos.noarch.rpm

nodejs-node-status-codes-1.0.0-1.el7aos.noarch.rpm

nodejs-nodemon-1.8.1-2.el7aos.noarch.rpm

nodejs-normalize-path-2.0.1-1.el7aos.noarch.rpm

nodejs-object-assign-4.0.1-1.el7aos.noarch.rpm

nodejs-object.omit-2.0.0-1.el7aos.noarch.rpm

nodejs-optimist-0.4.0-5.el7aos.noarch.rpm

nodejs-os-homedir-1.0.1-1.el7aos.noarch.rpm

nodejs-os-tmpdir-1.0.1-1.el7aos.noarch.rpm

nodejs-osenv-0.1.0-2.el7aos.noarch.rpm

nodejs-package-json-2.3.0-1.el7aos.noarch.rpm

nodejs-parse-glob-3.0.4-1.el7aos.noarch.rpm

nodejs-parse-json-2.2.0-2.el7aos.noarch.rpm

nodejs-pause-stream-0.0.11-2.el7aos.noarch.rpm

nodejs-pinkie-2.0.1-1.el7aos.noarch.rpm

nodejs-pinkie-promise-2.0.0-1.el7aos.noarch.rpm

nodejs-prepend-http-1.0.1-2.el7aos.noarch.rpm

nodejs-preserve-0.2.0-1.el7aos.noarch.rpm

nodejs-ps-tree-1.0.1-1.el7aos.noarch.rpm

nodejs-randomatic-1.1.5-1.el7aos.noarch.rpm

nodejs-rc-1.1.2-1.el7aos.noarch.rpm

nodejs-read-all-stream-3.0.1-3.el7aos.noarch.rpm

nodejs-readdirp-2.0.0-2.el7aos.noarch.rpm

nodejs-regex-cache-0.4.2-1.el7aos.noarch.rpm

nodejs-registry-url-3.0.3-1.el7aos.noarch.rpm

nodejs-repeat-element-1.1.2-1.el7aos.noarch.rpm

nodejs-semver-5.1.0-1.el7aos.noarch.rpm

nodejs-semver-diff-2.1.0-1.el7aos.noarch.rpm

nodejs-slide-1.1.5-3.el7aos.noarch.rpm

nodejs-split-0.3.3-2.el7aos.noarch.rpm

nodejs-stream-combiner-0.2.1-2.el7aos.noarch.rpm

nodejs-string-length-1.0.1-1.el7aos.noarch.rpm

nodejs-strip-json-comments-1.0.2-2.el7aos.noarch.rpm

nodejs-success-symbol-0.1.0-1.el7aos.noarch.rpm

nodejs-through-2.3.4-4.el7aos.noarch.rpm

nodejs-timed-out-2.0.0-3.el7aos.noarch.rpm

nodejs-touch-1.0.0-2.el7aos.noarch.rpm

nodejs-undefsafe-0.0.3-1.el7aos.noarch.rpm

nodejs-unzip-response-1.0.0-1.el7aos.noarch.rpm

nodejs-update-notifier-0.6.0-1.el7aos.noarch.rpm

nodejs-url-parse-lax-1.0.0-1.el7aos.noarch.rpm

nodejs-uuid-2.0.1-1.el7aos.noarch.rpm

nodejs-write-file-atomic-1.1.2-2.el7aos.noarch.rpm

nodejs-xdg-basedir-2.0.0-1.el7aos.noarch.rpm

openshift-ansible-3.0.35-1.git.0.6a386dd.el7aos.noarch.rpm

openshift-ansible-docs-3.0.35-1.git.0.6a386dd.el7aos.noarch.rpm

openshift-ansible-filter-plugins-3.0.35-1.git.0.6a386dd.el7aos.noarch.rpm

openshift-ansible-lookup-plugins-3.0.35-1.git.0.6a386dd.el7aos.noarch.rpm

openshift-ansible-playbooks-3.0.35-1.git.0.6a386dd.el7aos.noarch.rpm

openshift-ansible-roles-3.0.35-1.git.0.6a386dd.el7aos.noarch.rpm

openvswitch-test-2.4.0-1.el7.noarch.rpm

origin-kibana-0.5.0-1.el7aos.noarch.rpm

python-openvswitch-2.4.0-1.el7.noarch.rpm

x86_64:

atomic-openshift-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

atomic-openshift-clients-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

atomic-openshift-clients-redistributable-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

atomic-openshift-dockerregistry-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

atomic-openshift-master-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

atomic-openshift-node-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

atomic-openshift-pod-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

atomic-openshift-recycle-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

atomic-openshift-sdn-ovs-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

heapster-0.18.2-3.gitaf4752e.el7aos.x86_64.rpm

nss_wrapper-1.0.3-1.el7.x86_64.rpm

nss_wrapper-debuginfo-1.0.3-1.el7.x86_64.rpm

openvswitch-2.4.0-1.el7.x86_64.rpm

openvswitch-debuginfo-2.4.0-1.el7.x86_64.rpm

openvswitch-devel-2.4.0-1.el7.x86_64.rpm

tuned-profiles-atomic-openshift-node-3.1.1.6-1.git.0.b57e8bd.el7aos.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and

details on how to verify the signature are available from

https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2013-2186

https://access.redhat.com/security/cve/CVE-2014-1869

https://access.redhat.com/security/cve/CVE-2014-3661

https://access.redhat.com/security/cve/CVE-2014-3662

https://access.redhat.com/security/cve/CVE-2014-3663

https://access.redhat.com/security/cve/CVE-2014-3664

https://access.redhat.com/security/cve/CVE-2014-3666

https://access.redhat.com/security/cve/CVE-2014-3667

https://access.redhat.com/security/cve/CVE-2014-3680

https://access.redhat.com/security/cve/CVE-2014-3681

https://access.redhat.com/security/cve/CVE-2015-1806

https://access.redhat.com/security/cve/CVE-2015-1807

https://access.redhat.com/security/cve/CVE-2015-1808

https://access.redhat.com/security/cve/CVE-2015-1810

https://access.redhat.com/security/cve/CVE-2015-1812

https://access.redhat.com/security/cve/CVE-2015-1813

https://access.redhat.com/security/cve/CVE-2015-1814

https://access.redhat.com/security/cve/CVE-2015-5317

https://access.redhat.com/security/cve/CVE-2015-5318

https://access.redhat.com/security/cve/CVE-2015-5319

https://access.redhat.com/security/cve/CVE-2015-5320

https://access.redhat.com/security/cve/CVE-2015-5321

https://access.redhat.com/security/cve/CVE-2015-5322

https://access.redhat.com/security/cve/CVE-2015-5323

https://access.redhat.com/security/cve/CVE-2015-5324

https://access.redhat.com/security/cve/CVE-2015-5325

https://access.redhat.com/security/cve/CVE-2015-5326

https://access.redhat.com/security/cve/CVE-2015-7537

https://access.redhat.com/security/cve/CVE-2015-7538

https://access.redhat.com/security/cve/CVE-2015-7539

https://access.redhat.com/security/cve/CVE-2015-8103

https://access.redhat.com/security/cve/CVE-2016-1905

https://access.redhat.com/security/cve/CVE-2016-1906

https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact

details at https://access.redhat.com/security/team/contact/

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

iD8DBQFWp8WBXlSAg2UNWIIRApU1AJ9rfvzdqsJw+FiIJ738zkP8W9aUdQCgrpMI

HGjEZ3TomH8FH54NirLBZkg=

=biAq

-----END PGP SIGNATURE-----

--

Sign In

[RHSA-2016:0070-01] Important: Red Hat OpenShift Enterprise 3.1.1 bug fix and enhancement update

Recommended Posts

news 28

Share this post

Link to post

Please sign in to comment

Browse

Activity