Red Hat Customer Portal

Skip to main content

Main Navigation

  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Automation Platform
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Advanced Cluster Management for Kubernetes
      • Red Hat Quay
      • Red Hat CodeReady Workspaces
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Red Hat build of Quarkus
      • Red Hat CodeReady Studio
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Process Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Support
    • Production Support
    • Development Support
    • Product Life Cycles
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem Catalog
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Troubleshoot a product issue
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
Red Hat Customer Portal
  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Automation Platform
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Advanced Cluster Management for Kubernetes
      • Red Hat Quay
      • Red Hat CodeReady Workspaces
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Red Hat build of Quarkus
      • Red Hat CodeReady Studio
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Process Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Support
    • Production Support
    • Development Support
    • Product Life Cycles
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem Catalog
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Troubleshoot a product issue
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Search
  • Log In
  • Language
Or troubleshoot an issue.

Log in to Your Red Hat Account

Log In

Your Red Hat account gives you access to your profile, preferences, and services, depending on your status.

Register

If you are a new customer, register now for access to product evaluations and purchasing capabilities.

Need access to an account?

If your company has an existing Red Hat account, your organization administrator can grant you access.

If you have any questions, please contact customer service.

Red Hat Account Number:

Red Hat Account

  • Account Details
  • User Management
  • Account Maintenance
  • Account Team

Customer Portal

  • My Profile
  • Notifications
  • Help

For your security, if you’re on a public computer and have finished using your Red Hat services, please be sure to log out.

Log Out

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)
Red Hat Customer Portal Red Hat Customer Portal
  • Products & Services
  • Tools
  • Security
  • Community
  • Infrastructure and Management

  • Cloud Computing

  • Storage

  • Runtimes

  • Integration and Automation

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS
  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat Openshift Container Storage
  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio
  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
View All Products
  • Support
  • Production Support
  • Development Support
  • Product Life Cycles

Services

  • Consulting
  • Technical Account Management
  • Training & Certifications
  • Documentation
  • Red Hat Enterprise Linux
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Ecosystem Catalog
  • Red Hat in the Public Cloud
  • Partner Resources

Tools

  • Troubleshoot a product issue
  • Packages
  • Errata
  • Customer Portal Labs
  • Configuration
  • Deployment
  • Security
  • Troubleshooting

Red Hat Insights

Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

  • Learn more
  • Go to Insights

Red Hat Product Security Center

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Security Updates

  • Security Advisories
  • Red Hat CVE Database
  • Security Labs

Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

  • View Responses

Resources

  • Overview
  • Security Blog
  • Security Measurement
  • Severity Ratings
  • Backporting Policies
  • Product Signing (GPG) Keys

Customer Portal Community

  • Discussions
  • Blogs
  • Private Groups
  • Community Activity

Customer Events

  • Red Hat Convergence
  • Red Hat Summit

Stories

  • Red Hat Subscription Value
  • You Asked. We Acted.
  • Open Source Communities
Red Hat Product Errata RHSA-2016:2915 - Security Advisory
Issued:
2016-12-07
Updated:
2016-12-07

RHSA-2016:2915 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: atomic-openshift security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for atomic-openshift is now available for Red Hat OpenShift
Container Platform 3.1, 3.2, and 3.3.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is the company's cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform releases 3.3.1.7, 3.2.1.21, and 3.1.1.10. See the following
advisory for the container images for these releases:

https://access.redhat.com/errata/RHBA-2016:2916

Security Fix(es):

  • An input validation flaw was found in the way OpenShift handles requests

for images. A user, with a copy of the manifest associated with an image,
can pull an image even if they do not have access to the image normally,
resulting in the disclosure of any information contained within the image.
(CVE-2016-8651)

Bug Fix(es) for OpenShift Container Platform 3.3:

  • Previously when rapidly updating multiple namespaces

controlled by a single ClusterResourceQuota, the status.total.used can get
out of sync with the sum of the status.namespaces[*].used. This bug fix
ensures the ClusterResourceQuota objects are properly updated. (BZ#1400200)

  • When using the `oc new-app --search` command in an environment where

OpenShift Container Platform (OCP) could not reach Docker Hub, the command
failed for any query. OCP now prints a warning and continues with what was
found in other sources. (BZ#1388524)

  • The OpenShift Container Platform node daemon did not recover properly

from restarts, and it lost information about attached and mounted volumes.
In rare cases, the daemon deleted all data on a mounted volume, thinking
that it has been already unmounted while it was only missing its node's
cache. This bug fix ensures node caches are recovered after restarts, and
as a result no data loss occurs on the mounted volumes. (BZ#1398417)

  • Previously, ScheduledJobs were not cleaned up on project deletion. If a

new project was created with the same project name, the previously-defined
ScheduledJobs would re-appear. This bug fix ensures ScheduledJobs are
removed when a project is removed. (BZ#1399700)

Bug Fix(es) for OpenShift Container Platform 3.2:

  • When using the `oc new-app --search` command in an environment where

OpenShift Container Platform (OCP) could not reach Docker Hub, the command
failed for any query. OCP now prints a warning and continues with what was
found in other sources. (BZ#1388522)

All OpenShift Container Platform users are advised to upgrade to these
updated packages and images.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To apply this update, see the following cluster upgrade documentation that
relates to your installed version of OpenShift Container Platform.

For OpenShift Container Platform 3.3:

https://docs.openshift.com/container-platform/3.3/install_config/upgrading/automated_upgrades.html#upgrading-to-ocp-3-3-asynchronous-releases

For OpenShift Container Platform 3.2:

https://docs.openshift.com/enterprise/3.2/install_config/upgrading/automated_upgrades.html#upgrading-to-openshift-enterprise-3-2-asynchronous-releases

For OpenShift Container Platform 3.1:

https://docs.openshift.com/enterprise/3.1/install_config/upgrading/automated_upgrades.html#upgrading-to-openshift-enterprise-3-1-asynchronous-releases

Affected Products

  • Red Hat OpenShift Container Platform 3.3 x86_64
  • Red Hat OpenShift Container Platform 3.1 x86_64

Fixes

  • BZ - 1388522 - [backport] (3.2) Failed to "oc new-app --search" at the offline environment disconnected to the Internet
  • BZ - 1388524 - [backport] (3.3) Failed to "oc new-app --search" at the offline environment disconnected to the Internet
  • BZ - 1397987 - CVE-2016-8651 OpenShift Enterprise 3: Pulling of any image is possible with it manifest
  • BZ - 1398417 - Data from persistent volumes is wiped after a node service restart
  • BZ - 1399700 - Scheduledjob not deleted when project has been deleted
  • BZ - 1400200 - ClusterResourceQuota status total doesn't match sum of namespaces

CVEs

  • CVE-2016-8651

References

  • https://access.redhat.com/security/updates/classification/#important
  • Note: More recent versions of these packages may be available. Click a package name for more details.

    Red Hat OpenShift Container Platform 3.3

    SRPM
    atomic-openshift-3.3.1.7-1.git.0.0988966.el7.src.rpm SHA-256: 431bce991887a1ccfe3bbf2b633771bc0842718b0912e49831c55b48570a12dd
    x86_64
    atomic-openshift-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 368424e294a567c16263668af8f4f14462a424206eea5c28eaf49e2a3958a0d0
    atomic-openshift-clients-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 2cc6e36f28d846e51584db94f97df3d66196b44c406c04c14f1ae99993c6fc61
    atomic-openshift-clients-redistributable-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 40e1d8281e77fc6813fb96abcb790cb214dfaac4d2832bed390b62ac1abcb080
    atomic-openshift-docker-excluder-3.3.1.7-1.git.0.0988966.el7.noarch.rpm SHA-256: f7e60ec48049265fdd8586b7c903d60f9a35b23b37591916a847f037cca91036
    atomic-openshift-dockerregistry-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 2746f08797d81b931b45bad1df1d07560c120d410efd67cf231c6c890b769024
    atomic-openshift-excluder-3.3.1.7-1.git.0.0988966.el7.noarch.rpm SHA-256: 6f4fb9963fa168de004c1964da1dd102bc827be7c739f773cc00bcf181955545
    atomic-openshift-master-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 4a4d8c9579232d38c2b5e33e50f40223b76c069f51c023957f109914a1783559
    atomic-openshift-node-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 194be3eeea7cf9fb4c8e307d58b301309e7d4cc15320608bfedde6615ab8c973
    atomic-openshift-pod-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 26574191bae75d8144fc189e1ef6dd566fafbd90f74b0418d7df21db450838ea
    atomic-openshift-sdn-ovs-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 3c99d5e31a8c2f66df5f5e04b16c247286518adfb97648864faaa917699d43f4
    atomic-openshift-tests-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 23b4e216296443c96455a3a61b6a757ce5de80d5aa54290d874acf6a98e056b6
    tuned-profiles-atomic-openshift-node-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm SHA-256: 7c0b7d4fca28f9b3fb68c7b3bc281faa17646284d0716b2693f6a04dea120517

    Red Hat OpenShift Container Platform 3.2

    SRPM
    atomic-openshift-3.2.1.21-1.git.0.4250771.el7.src.rpm SHA-256: da003316d2c17effa4c637bc576495cd67d5920de9013a9844124a4af7cd32e6
    x86_64

    Red Hat OpenShift Container Platform 3.1

    SRPM
    atomic-openshift-3.1.1.10-1.git.0.efeef8d.el7aos.src.rpm SHA-256: ac77288bfd3f81b3411a5c708cbde719c5b56b225b873445b4da6d90d3c086a5
    x86_64
    atomic-openshift-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: 45eacf89c4ed6b87f93a90c53ab228458c0f9627025b01f8d7a9f00d1dcc54fe
    atomic-openshift-clients-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: 7b4034de0bc0342adf26701d34d3720ff5ff6378ec945e2df8ef359bf463a4f6
    atomic-openshift-clients-redistributable-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: 5755347f9958b9406e6163715604fe4e335f2fb0048e626dc17b86a1cec2d056
    atomic-openshift-docker-excluder-3.1.1.10-1.git.0.efeef8d.el7aos.noarch.rpm SHA-256: 5b0157881518ab5827f25ca6a67731172ce7f83738b5ec43536740aec1a1aa67
    atomic-openshift-dockerregistry-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: dd2099d20afd68b70a4d83b7e53a43938d0ffef5e284a4b0602044da94d0bf25
    atomic-openshift-excluder-3.1.1.10-1.git.0.efeef8d.el7aos.noarch.rpm SHA-256: a86646e8deda4f06f96719375ed8cb346492a557863273efc92ba37bc8dad2a1
    atomic-openshift-master-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: 11f80422628a0ef4de37afd26b17ade94935aaf78a9d99e8d552c8618389faf7
    atomic-openshift-node-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: 91c91ccce0b773a0eeb35571284becbbceb54aa8de722e65f151e18ea266aaa4
    atomic-openshift-pod-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: 7be160b2b4eff682c38129efafcd6bd6df262f01ca96ff8a2a4873ba5d05c1fb
    atomic-openshift-recycle-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: b09a75fe99e7813220be337025085b5fadde683b80722fa7bf93e423597d9c16
    atomic-openshift-sdn-ovs-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: 4231ebb02f1f7d50f08c9f03480ea8f143df7513284216d1eeedc04642262238
    tuned-profiles-atomic-openshift-node-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm SHA-256: 9d4702907497b6af6033587dc2b3980573fe26cccc873a61030c0588f9495d1a

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

    Red Hat

    Quick Links

    • Downloads
    • Subscriptions
    • Support Cases
    • Customer Service
    • Product Documentation

    Help

    • Contact Us
    • Customer Portal FAQ
    • Log-in Assistance

    Site Info

    • Trust Red Hat
    • Browser Support Policy
    • Accessibility
    • Awards and Recognition
    • Colophon

    Related Sites

    • redhat.com
    • openshift.com
    • developers.redhat.com
    • connect.redhat.com
    • cloud.redhat.com

    About

    • Red Hat Subscription Value
    • About Red Hat
    • Red Hat Jobs
    Copyright © 2021 Red Hat, Inc.
    • Privacy Statement
    • Customer Portal Terms of Use
    • All Policies and Guidelines
    Red Hat Summit
    Twitter Facebook