Issued:: 2018-04-30
Updated:: 2018-04-30

RHSA-2018:1237 - Security Advisory

Overview
Updated Packages

Synopsis

Critical: OpenShift Container Platform 3.4 security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat OpenShift Container Platform 3.4.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

This advisory contains RPM packages for this release. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2018:1236

Security Fix(es):

source-to-image: Improper path sanitization in ExtractTarStreamFromTarReader in tar/tar.go (CVE-2018-1102)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenShift Container Platform 3.4 x86_64

Fixes

BZ - 1552613 - Failed to start pods consuming Config Maps as volumes at OCP 3.4.1.44.38
BZ - 1562246 - CVE-2018-1102 source-to-image: Improper path sanitization in ExtractTarStreamFromTarReader in tar/tar.go

CVEs

CVE-2018-1102

References

https://access.redhat.com/security/updates/classification/#critical

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 3.4

SRPM
atomic-openshift-3.4.1.44.53-1.git.0.d7eb028.el7.src.rpm	SHA-256: f94715cc9f2e09f2468b68f724d5fa8116aa4f6da2ac64791209537072254e2e
openshift-ansible-3.4.168-1.git.0.bb73aad.el7.src.rpm	SHA-256: da23d9d2cab170046ba9b5bf0b6fcce7f4ba7d57ca1b33730bd47ffc4d7a833b
python-ruamel-yaml-0.12.14-9.el7.src.rpm	SHA-256: 205dbdf62ac4bb0a191e2ab43eaffe9bc9d0f51a18ac8a163cb482c6c6315e4c
x86_64
atomic-openshift-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: 329978f4c838fcb9e224ab85a7f0d1042ed69f7b8c494a6d3bd10f58fc4ce421
atomic-openshift-clients-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: 8fedc531594378e5df2df97860744383dc9e412b5f288dd644d34541edb94d10
atomic-openshift-clients-redistributable-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: ed2c7148eb65465b0b6d5a46f78c02555c4d2e0cddc0a891c545fc7481880bcd
atomic-openshift-docker-excluder-3.4.1.44.53-1.git.0.d7eb028.el7.noarch.rpm	SHA-256: d048ed9c1f35d6af0509c66cbc0fb9d06c0e927d9ee08845c5a7873fb2328e44
atomic-openshift-dockerregistry-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: 377df6065f7b184b443fd9d4f0bdf7da43cd79aeeb805d6a147872438f4bcec3
atomic-openshift-excluder-3.4.1.44.53-1.git.0.d7eb028.el7.noarch.rpm	SHA-256: 7ced21d5542c3654e4c417256d8e86a2ba28a9e30869f1dfb74f47567df332b1
atomic-openshift-master-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: 30b9e666ec896c0ebf2bf87d7d36c70e42ef8d23b96ec3db51b1747790e133a0
atomic-openshift-node-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: 3afa1eb97310a9ad11eb328f92760718c82b711662e9a0fc0e028f1bdaf920bc
atomic-openshift-pod-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: 737a6c2a9e960cb2a14326931b7eaf04937a3e99e7a9ef831401507eaa859956
atomic-openshift-sdn-ovs-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: 79d61a5d6bd540e290c954ed977913bcbad061893dadc3f87a9eac5e1d18c7e4
atomic-openshift-tests-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: df5be273bfae5606bf9452a30037f7e74989aef855a72d2efbd54d9eb4be73a9
atomic-openshift-utils-3.4.168-1.git.0.bb73aad.el7.noarch.rpm	SHA-256: 9c319b57cc58aa38b4255fad426594c6830e6a932d97ca441c616dee4d87db80
openshift-ansible-3.4.168-1.git.0.bb73aad.el7.noarch.rpm	SHA-256: 848623868f2d26bc54f758774aac12f4b5338876ba0a5cc3e3a89ce4a4e7698a
openshift-ansible-callback-plugins-3.4.168-1.git.0.bb73aad.el7.noarch.rpm	SHA-256: c4f458b1d072c0b0721b8aa8cfa2a7e8ac329148381cc5156a38aa1748ff8441
openshift-ansible-docs-3.4.168-1.git.0.bb73aad.el7.noarch.rpm	SHA-256: ef8d8f17459bc168dddf7e1a92d70ec4f3b793e8b0d29960555881328f2660dc
openshift-ansible-filter-plugins-3.4.168-1.git.0.bb73aad.el7.noarch.rpm	SHA-256: 0f3068ad3892aa1f938600926af057018d7cff2521c2a1efee79ffc583a85ff1
openshift-ansible-lookup-plugins-3.4.168-1.git.0.bb73aad.el7.noarch.rpm	SHA-256: ae3b4c72136685293676e1cebe26c70a77db1dc32ee6e5348ebede0dfe2c9b85
openshift-ansible-playbooks-3.4.168-1.git.0.bb73aad.el7.noarch.rpm	SHA-256: 9631b95568163ed1f2a3ee8ec68fb8aecf65f6cf35e2a079659e6715fa2d69da
openshift-ansible-roles-3.4.168-1.git.0.bb73aad.el7.noarch.rpm	SHA-256: d5783af1a44a4ede87670bf3537a4c58169290ce24a756b2885d54ade995cd2c
python-ruamel-yaml-debuginfo-0.12.14-9.el7.x86_64.rpm	SHA-256: 5eb059b62ef50784dc0af4fd9b7eaaeb2862f88f597f7d8ea792f10e6be6bbf6
python2-ruamel-yaml-0.12.14-9.el7.x86_64.rpm	SHA-256: afcb3c4904b0319ff89969fee070d1d7843237a5f5691caef47ebfe2933cda87
tuned-profiles-atomic-openshift-node-3.4.1.44.53-1.git.0.d7eb028.el7.x86_64.rpm	SHA-256: a6f12a5a81bbe10133a8fe1193b92a3644b4dbeb1495fbd267c8240b75e115b5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation