Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2020:5260 - Security Advisory
Issued:
2020-12-14
Updated:
2020-12-14

RHSA-2020:5260 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: OpenShift Container Platform 4.6.8 security and packages update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.6.8 is now available with updates to packages and images that fix several bugs.

An update for ironic-images, openshift, openshift-ansible, openshift-clients, and python-eventlet, cri-o, openshift-kuryr, python-pyroute2 is now available for Red Hat OpenShift Container Platform 4.6. This release also includes a security update for for Red Hat OpenShift Container Platform 4.6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private cloud deployments.

Security Fix(es):

  • kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider (CVE-2020-8563)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.8. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2020:5259

All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.

Solution

For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.

Affected Products

  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x

Fixes

  • BZ - 1886635 - CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider
  • BZ - 1902559 - Placeholder bug for OCP 4.6.0 rpm release

CVEs

  • CVE-2020-8563

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.6 for RHEL 8

SRPM
cri-o-1.19.0-26.rhaos4.6.git8a05a29.el8.src.rpm SHA-256: b36782db74b7d2e2f9b5f392c0ba1da78c4448148d718a56b14c1f4e7822a102
ironic-images-15.1-20201201.1.el8.src.rpm SHA-256: 8ab9f2df9694d3c94a0ea0a2e4101bcdaf972d1764d3db486c6a71a4c61119e8
openshift-4.6.0-202012051246.p0.git.94231.efc9027.el8.src.rpm SHA-256: 9da6b411c523c14cd800e1f64f8913e56739d17cc7ddccd6f69b6cf42664846b
openshift-clients-4.6.0-202011260456.p0.git.3798.fcf58ff.el8.src.rpm SHA-256: c8de828cc4cce3ddc9357d7a5be7cd57e1fd03f6d1d2c42e5741d259b544e06b
openshift-kuryr-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.src.rpm SHA-256: db92c0e5ad18b25cee3bd8551170da147c94bb7a7e750b6b28bb454dd676cd0c
python-eventlet-0.25.2-3.el8ost.src.rpm SHA-256: 02200e19b9f2a930f93cb36fc5c066436f94ddbed795b315672d7b0bc95ba516
python-pyroute2-0.5.13-1.el8ost.src.rpm SHA-256: 7c4b507618ceb41600edde3dfa19160ead4e9bd5826a24737747574b0df0a096
x86_64
cri-o-1.19.0-26.rhaos4.6.git8a05a29.el8.x86_64.rpm SHA-256: a2dc7411346891c914945bc0fc1d473fc1467fc3a2aa9a2d948185dd56410599
cri-o-debuginfo-1.19.0-26.rhaos4.6.git8a05a29.el8.x86_64.rpm SHA-256: 97d10992fe75ab883c551a7ba6ea8ca27e35619a9decaa831778ceba1351195b
cri-o-debugsource-1.19.0-26.rhaos4.6.git8a05a29.el8.x86_64.rpm SHA-256: a4ef7360e92109cc96c047ff715d5bd267e1207defd9ee2bdd5f6597122e1a28
ironic-images-15.1-20201201.1.el8.noarch.rpm SHA-256: af2720bd8f9b07108767bf30964d61b0609b0dcb3cc0b9c9d73adfe5c6ca7db2
ironic-images-all-15.1-20201201.1.el8.noarch.rpm SHA-256: b9fb38027e5d6bcff5dc9c888e866ff3a89084ae20b405691d35edd6a64b47b9
ironic-images-ipa-ppc64le-15.1-20201201.1.el8.noarch.rpm SHA-256: 3cce1bd2f3560e11c4d0a7d8cb5a0d9dc1eebe60e5042d7ae39b96b434ce140a
ironic-images-ipa-x86_64-15.1-20201201.1.el8.noarch.rpm SHA-256: a604401f870b0643e88754c464ef2b00ccdfeb86cdc808255c2a411aa9c662e1
openshift-clients-4.6.0-202011260456.p0.git.3798.fcf58ff.el8.x86_64.rpm SHA-256: 9cd1007081ae5e01052d6cc5bab99fae5e4eb7ee4fb2c6b827e44b10198824e9
openshift-clients-redistributable-4.6.0-202011260456.p0.git.3798.fcf58ff.el8.x86_64.rpm SHA-256: fe3f7d964156cc52dabed8af6eb835b1c6fc176111d1b80731ea1e97d64ffcc0
openshift-hyperkube-4.6.0-202012051246.p0.git.94231.efc9027.el8.x86_64.rpm SHA-256: 150f9653e3d5679e53da8eb30651338fe58b955e7f971f9df6a3fa37b27a206d
openshift-kuryr-cni-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: ce05aefeea0439550730b7068d0e6f6534fab883b888814b450da598909fdde9
openshift-kuryr-common-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: f6954d927a5bfcf836acfb07dfd0f7af8d42f0a37f8d32c780989be801134ee6
openshift-kuryr-controller-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: 4ca4b90b23499ebc2b68ba9bfe288e87d3ed08776c66dbb4638d5659c5018a1a
python3-eventlet-0.25.2-3.el8ost.noarch.rpm SHA-256: b287cbc64bf2603d4fc9b3803a4105c11a18a8a457a2ef228d407553725b7004
python3-kuryr-kubernetes-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: 59d5c07f80765eb45222ba4eb54fe1dd2ff4f58e986db5fd17975a9092d11a8a
python3-pyroute2-0.5.13-1.el8ost.noarch.rpm SHA-256: eaef759cc12b9b024d3d67cd3a5a53651d967523824b4d988f53d684a896dd25

Red Hat OpenShift Container Platform 4.6 for RHEL 7

SRPM
openshift-4.6.0-202012051246.p0.git.94231.efc9027.el7.src.rpm SHA-256: ef5c4ffff69a2537f66743bac77828e9bc430e6a0f4cf51e6c5a6d94c2b572ad
openshift-ansible-4.6.0-202011260456.p0.git.0.e7caea2.el7.src.rpm SHA-256: 02bd352114d2ba92759e62572af13004d1b5b8581b6cb417b9cd55b1a2ce00a4
openshift-clients-4.6.0-202011260456.p0.git.3798.fcf58ff.el7.src.rpm SHA-256: be026f2a0136485e00c17c35ef5893e6fd8dfee8a762345e6e60891038ec58ce
x86_64
openshift-ansible-4.6.0-202011260456.p0.git.0.e7caea2.el7.noarch.rpm SHA-256: f52c98fee4d10433a6db9cd276837b998e87a856153e2424b74aac1d3e813262
openshift-ansible-test-4.6.0-202011260456.p0.git.0.e7caea2.el7.noarch.rpm SHA-256: 4cf2dafc6f8df71517e07f336c31616ae56483d65f6b52a011805017b0f79bf6
openshift-clients-4.6.0-202011260456.p0.git.3798.fcf58ff.el7.x86_64.rpm SHA-256: 343647a2c621809bfa4e65ff51fe909b5d3ce6778e547f53c9208d4f797de66b
openshift-clients-redistributable-4.6.0-202011260456.p0.git.3798.fcf58ff.el7.x86_64.rpm SHA-256: 8cc667faea564bdc471250d9161039148e917234b38f62439518bf3e7113cadc
openshift-hyperkube-4.6.0-202012051246.p0.git.94231.efc9027.el7.x86_64.rpm SHA-256: e7410d7692057082d5c4fb57387dd0e718b39adf5356c80d94165f38fc8132a7

Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8

SRPM
cri-o-1.19.0-26.rhaos4.6.git8a05a29.el8.src.rpm SHA-256: b36782db74b7d2e2f9b5f392c0ba1da78c4448148d718a56b14c1f4e7822a102
ironic-images-15.1-20201201.1.el8.src.rpm SHA-256: 8ab9f2df9694d3c94a0ea0a2e4101bcdaf972d1764d3db486c6a71a4c61119e8
openshift-4.6.0-202012051246.p0.git.94231.efc9027.el8.src.rpm SHA-256: 9da6b411c523c14cd800e1f64f8913e56739d17cc7ddccd6f69b6cf42664846b
openshift-clients-4.6.0-202011260456.p0.git.3798.fcf58ff.el8.src.rpm SHA-256: c8de828cc4cce3ddc9357d7a5be7cd57e1fd03f6d1d2c42e5741d259b544e06b
openshift-kuryr-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.src.rpm SHA-256: db92c0e5ad18b25cee3bd8551170da147c94bb7a7e750b6b28bb454dd676cd0c
python-pyroute2-0.5.13-1.el8ost.src.rpm SHA-256: 7c4b507618ceb41600edde3dfa19160ead4e9bd5826a24737747574b0df0a096
ppc64le
cri-o-1.19.0-26.rhaos4.6.git8a05a29.el8.ppc64le.rpm SHA-256: 728aed2713498ed2cd1fa3057b06691387dc81ad4641a334e345de3609c30fb7
cri-o-debuginfo-1.19.0-26.rhaos4.6.git8a05a29.el8.ppc64le.rpm SHA-256: e6b24f20f9afc744b36594e9a8f65b9c1aff444de5a8383c360012f0126b3caf
cri-o-debugsource-1.19.0-26.rhaos4.6.git8a05a29.el8.ppc64le.rpm SHA-256: 8d7d8c97bb83a51a9d0d663756f7d78b02b70e3d548e92bcaea4d94dd2e9136c
ironic-images-15.1-20201201.1.el8.noarch.rpm SHA-256: af2720bd8f9b07108767bf30964d61b0609b0dcb3cc0b9c9d73adfe5c6ca7db2
ironic-images-all-15.1-20201201.1.el8.noarch.rpm SHA-256: b9fb38027e5d6bcff5dc9c888e866ff3a89084ae20b405691d35edd6a64b47b9
ironic-images-ipa-ppc64le-15.1-20201201.1.el8.noarch.rpm SHA-256: 3cce1bd2f3560e11c4d0a7d8cb5a0d9dc1eebe60e5042d7ae39b96b434ce140a
ironic-images-ipa-x86_64-15.1-20201201.1.el8.noarch.rpm SHA-256: a604401f870b0643e88754c464ef2b00ccdfeb86cdc808255c2a411aa9c662e1
openshift-clients-4.6.0-202011260456.p0.git.3798.fcf58ff.el8.ppc64le.rpm SHA-256: c7da1c84e2fb65992282fdbd4e8e53eace6e69c0403dfe8b7d0417b411a079fa
openshift-hyperkube-4.6.0-202012051246.p0.git.94231.efc9027.el8.ppc64le.rpm SHA-256: 8cca6d4dbcf26c44cce8c43b1e40d4bb6975658757ac2a65e1784a900165624f
openshift-kuryr-cni-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: ce05aefeea0439550730b7068d0e6f6534fab883b888814b450da598909fdde9
openshift-kuryr-common-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: f6954d927a5bfcf836acfb07dfd0f7af8d42f0a37f8d32c780989be801134ee6
openshift-kuryr-controller-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: 4ca4b90b23499ebc2b68ba9bfe288e87d3ed08776c66dbb4638d5659c5018a1a
python3-kuryr-kubernetes-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: 59d5c07f80765eb45222ba4eb54fe1dd2ff4f58e986db5fd17975a9092d11a8a
python3-pyroute2-0.5.13-1.el8ost.noarch.rpm SHA-256: eaef759cc12b9b024d3d67cd3a5a53651d967523824b4d988f53d684a896dd25

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8

SRPM
cri-o-1.19.0-26.rhaos4.6.git8a05a29.el8.src.rpm SHA-256: b36782db74b7d2e2f9b5f392c0ba1da78c4448148d718a56b14c1f4e7822a102
ironic-images-15.1-20201201.1.el8.src.rpm SHA-256: 8ab9f2df9694d3c94a0ea0a2e4101bcdaf972d1764d3db486c6a71a4c61119e8
openshift-4.6.0-202012051246.p0.git.94231.efc9027.el8.src.rpm SHA-256: 9da6b411c523c14cd800e1f64f8913e56739d17cc7ddccd6f69b6cf42664846b
openshift-clients-4.6.0-202011260456.p0.git.3798.fcf58ff.el8.src.rpm SHA-256: c8de828cc4cce3ddc9357d7a5be7cd57e1fd03f6d1d2c42e5741d259b544e06b
openshift-kuryr-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.src.rpm SHA-256: db92c0e5ad18b25cee3bd8551170da147c94bb7a7e750b6b28bb454dd676cd0c
python-pyroute2-0.5.13-1.el8ost.src.rpm SHA-256: 7c4b507618ceb41600edde3dfa19160ead4e9bd5826a24737747574b0df0a096
s390x
cri-o-1.19.0-26.rhaos4.6.git8a05a29.el8.s390x.rpm SHA-256: 874be865aa45c09b2dbe9644c50889289321d20dd7948cfd2a1ad9a778876354
cri-o-debuginfo-1.19.0-26.rhaos4.6.git8a05a29.el8.s390x.rpm SHA-256: eb595c94e69072be3b0141ade021174b023fd89d30d5dccd25903e1f3de5341f
cri-o-debugsource-1.19.0-26.rhaos4.6.git8a05a29.el8.s390x.rpm SHA-256: bae7ccc03f37840446686fe5a0200e806592be46872428c3fd1469d1baeb3419
ironic-images-15.1-20201201.1.el8.noarch.rpm SHA-256: af2720bd8f9b07108767bf30964d61b0609b0dcb3cc0b9c9d73adfe5c6ca7db2
ironic-images-all-15.1-20201201.1.el8.noarch.rpm SHA-256: b9fb38027e5d6bcff5dc9c888e866ff3a89084ae20b405691d35edd6a64b47b9
ironic-images-ipa-ppc64le-15.1-20201201.1.el8.noarch.rpm SHA-256: 3cce1bd2f3560e11c4d0a7d8cb5a0d9dc1eebe60e5042d7ae39b96b434ce140a
ironic-images-ipa-x86_64-15.1-20201201.1.el8.noarch.rpm SHA-256: a604401f870b0643e88754c464ef2b00ccdfeb86cdc808255c2a411aa9c662e1
openshift-clients-4.6.0-202011260456.p0.git.3798.fcf58ff.el8.s390x.rpm SHA-256: fe62ed41cc90316b79268ec73517412281f55963af9c67733b32d0fc5a6122c8
openshift-hyperkube-4.6.0-202012051246.p0.git.94231.efc9027.el8.s390x.rpm SHA-256: 4a4edf2e013d3f6896ea32a9883e106f69251772d94acc173fd02cd8291e25ef
openshift-kuryr-cni-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: ce05aefeea0439550730b7068d0e6f6534fab883b888814b450da598909fdde9
openshift-kuryr-common-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: f6954d927a5bfcf836acfb07dfd0f7af8d42f0a37f8d32c780989be801134ee6
openshift-kuryr-controller-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: 4ca4b90b23499ebc2b68ba9bfe288e87d3ed08776c66dbb4638d5659c5018a1a
python3-kuryr-kubernetes-4.6.0-202012042155.p0.git.2216.8a6f6a5.el8.noarch.rpm SHA-256: 59d5c07f80765eb45222ba4eb54fe1dd2ff4f58e986db5fd17975a9092d11a8a
python3-pyroute2-0.5.13-1.el8ost.noarch.rpm SHA-256: eaef759cc12b9b024d3d67cd3a5a53651d967523824b4d988f53d684a896dd25

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter