RHBA-2020:3307 - Bug Fix Advisory
Bug Fix Advisory
This erratum updates the current JWS 5.3 images to provide a fix for dbus CVE-2020-12049 and for multiple java-1.8.0-openjdk and java-11-openjdk CVEs. It also updates the images to consume the JWS 5.3.2 release.
Red Hat xPaaS provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.
The current JWS 5.3 OpenShift images have been updated to address dbus CVE-2020-12049. The JDK8 image has been updated for java-1.8.0-openjdk CVEs (CVE-2020-14556, CVE-2020-14577,
CVE-2020-14578, CVE-2020-14579, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621) and the JDK11 image has been updated for java-11-openjdk CVEs (CVE-2020-14556, CVE-2020-14562, CVE-2020-14573, CVE-2020-14577, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621). The images have been updated to consume the JWS 5.3.2 release.
These images can be used with OpenShift Container Platform 3.10 and 3.11.
To update to the latest JWS 5.3 for OpenShift image, run the following steps to pull in the content:
On your master host(s), ensure you are logged into the CLI as a cluster administrator or user that has project administrator access to the global "openshift" project.
$ oc login -u system:admin
Then, run the following command to update the core JWS 5.3 tomcat 9 OpenShift image stream in the "openshift" project:
For updating the core JWS 5.3 tomcat 9 with OpenJDK8 OpenShift image please run
$ oc -n openshift import-image jboss-webserver53-openjdk8-tomcat9-openshift:1.0
For updating the core JWS 5.3 tomcat 9 with OpenJDK11 OpenShift image please run
$ oc -n openshift import-image jboss-webserver53-openjdk11-tomcat9-openshift:1.0
- Red Hat OpenShift Container Platform 3.11 x86_64
- Red Hat OpenShift Container Platform 3.10 x86_64
- BZ - 1849041 - CVE-2020-12049 dbus: denial of service via file descriptor leak
Red Hat OpenShift Container Platform 3.11
Red Hat OpenShift Container Platform 3.10