RHBA-2020:3304 - Bug Fix Advisory
Bug Fix Advisory
This erratum updates the current JWS 3.1 images to consume the JWS 3.1.10 release and to also provide a fix for dbus CVE-2020-12049 and for multiple java-1.8.0-openjdk CVEs.
Red Hat xPaaS provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.
The current JWS 3.1 OpenShift images have been updated to consume the JWS 3.1.10 release. They have also been updated to address dbus CVE-2020-12049 and java-1.8.0-openjdk CVEs (CVE-2020-14556, CVE-2020-14577, CVE-2020-14578, CVE-2020-14579, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621). These images can be used with OpenShift Container Platform 3.10 and 3.11.
To update to the latest JWS for OpenShift image, run the following steps to pull in the content:
On your master host(s), ensure you are logged into the CLI as a cluster administrator or user that has project administrator access to the global "openshift" project.
$ oc login -u system:admin
Then, run the following command to update the core JWS 3.1 OpenShift image stream in the "openshift" project:
For updating the core JWS 3.1 tomcat 8 OpenShift image please run
$ oc -n openshift import-image jboss-webserver31-tomcat8-openshift:1.4
For updating the core JWS 3.1 tomcat 7 OpenShift image please run
$ oc -n openshift import-image jboss-webserver31-tomcat7-openshift:1.4
- Red Hat OpenShift Container Platform 3.11 x86_64
- Red Hat OpenShift Container Platform 3.10 x86_64
- BZ - 1849041 - CVE-2020-12049 dbus: denial of service via file descriptor leak
Red Hat OpenShift Container Platform 3.11
Red Hat OpenShift Container Platform 3.10