Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2021:0172 - Security Advisory
Issued:
2021-01-25
Updated:
2021-01-25

RHSA-2021:0172 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: OpenShift Container Platform 4.6.13 packages and security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.6.13 is now available with updates to packages and images that fix several bugs.

A security update for cri-o, openshift, openshift-clients, openshift-kuryr, and skopeo is now also available for Red Hat OpenShift Container Platform 4.6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Security Fix(es):

  • kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4 (CVE-2020-8564)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.6.13. See the following advisory for the container images for
this release:

https://access.redhat.com/errata/RHSA-2021:0171

All OpenShift Container Platform 4.6 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.

Solution

For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.

Affected Products

  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x

Fixes

  • BZ - 1886637 - CVE-2020-8564 kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4
  • BZ - 1917413 - Placeholder bug for OCP 4.6.0 rpm release

CVEs

  • CVE-2020-8564
  • CVE-2020-15586
  • CVE-2020-16845
  • CVE-2020-28362

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.6 for RHEL 8

SRPM
cri-o-1.19.1-4.rhaos4.6.git3846aab.el8.src.rpm SHA-256: f3bcaccbd505d823e476327e780c832b8c2839e54f665123b640ff9bb98e80e1
openshift-4.6.0-202101160934.p0.git.94242.fc5242e.el8.src.rpm SHA-256: 1d044c97b074553e549f60bafb79f72eee6c39d3fb2119703dc9c5a42c9843a7
openshift-clients-4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src.rpm SHA-256: 7b82cd6874cb9cfc83b9a0d6534cfe6e4034b6b4afd135356b8a59e1b17b384f
openshift-kuryr-4.6.0-202101151835.p0.git.2220.40847e5.el8.src.rpm SHA-256: 3131bb0d2bd3ff038dfce533ec118a0c062f6ec28d2ec494bf16f28db0a7a933
skopeo-1.1.1-3.rhaos4.6.el8.src.rpm SHA-256: db0ceec50b7d707ce1aef4217acb0cf7bc7a4c33b2edc19a0871eb1c23b4ee73
x86_64
containers-common-1.1.1-3.rhaos4.6.el8.x86_64.rpm SHA-256: 0533e0282c341a1574c981bcfa2fd884e2cfaa83bc4cd894f75ad71fa58ad55b
cri-o-1.19.1-4.rhaos4.6.git3846aab.el8.x86_64.rpm SHA-256: 0689f5ff431b37b63c300e94e04191af1f8b042d5cf7538067eda901f19ebd7a
cri-o-debuginfo-1.19.1-4.rhaos4.6.git3846aab.el8.x86_64.rpm SHA-256: 06b9db9a752256362a277f6ab43d5825a1226ab5bf4b15e06e89a60d48e5e0a9
cri-o-debugsource-1.19.1-4.rhaos4.6.git3846aab.el8.x86_64.rpm SHA-256: a5f952aa25fb65cc21f36ed119e6d6b77fa4996c43d223650744354e346c84a8
openshift-clients-4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64.rpm SHA-256: 4a346cdde70beb124340e9d3d323a7bf35bba84514d3656dacb852c32acff020
openshift-clients-redistributable-4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64.rpm SHA-256: 654bbdc1df8290ad97985b5246c08686ddd1301217a04207ca8950aa403748ca
openshift-hyperkube-4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64.rpm SHA-256: 1f51969b438d5268dfa33b9ef473a710a9fa8ed8dd162baa2578ad4aa343bf6f
openshift-kuryr-cni-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 803bb2bc65513c43fa22cd69d31b0c4a802bd6115e5dc8e14ddbc3d4f47886b8
openshift-kuryr-common-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 6520a0ca7c7c954fc2c1ff601d942af848271b90c8553ed02318c2ea986dbc38
openshift-kuryr-controller-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: d3ed2b0b12d82529d4ef3c02272f74a24e7168ad4108620f2a6052db336ae952
python3-kuryr-kubernetes-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 99e0aa38e56826019bdda8bd6ec77cfefe05ae13c47ce424ba34b99c9dfd471b
skopeo-1.1.1-3.rhaos4.6.el8.x86_64.rpm SHA-256: 7f5f3ea0cca7f05e886c04e825b21f789541575134b61e244553da6c281719dc
skopeo-debuginfo-1.1.1-3.rhaos4.6.el8.x86_64.rpm SHA-256: 7e18025d1a4e48b0f9f9f7170cbae5dfc3b9dd5f9f85346f8fc4e6ac3e1153b6
skopeo-debugsource-1.1.1-3.rhaos4.6.el8.x86_64.rpm SHA-256: 72c6b7ce2ddb7ba1f260f66a4c4e9002a16f0e51770ebc4ceae99d40e4beec63
skopeo-tests-1.1.1-3.rhaos4.6.el8.x86_64.rpm SHA-256: 355ce242aeadeb2cb4b1ea1faf9c253e19f72cb2dc08eec82c6979559f4f7d04

Red Hat OpenShift Container Platform 4.6 for RHEL 7

SRPM
openshift-4.6.0-202101160934.p0.git.94242.fc5242e.el7.src.rpm SHA-256: b8ef2a66b5ea88e73b6d5da73da45aa76dc39b5e23809acc772151533d5e63a4
openshift-clients-4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src.rpm SHA-256: b333f70b42cd0be0f45df33415c9cdfd27a1a3b87ba4710ff4d31bcf0209d83f
x86_64
openshift-clients-4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64.rpm SHA-256: f86a94a5a690ff65b21ab18da01807a52722a1f46f2509c8908107f3eedb75db
openshift-clients-redistributable-4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64.rpm SHA-256: bd0ef8ab3a96acab9b9b80dd8e7138141996456ba5e7830bfe4ccada7f1eaf35
openshift-hyperkube-4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64.rpm SHA-256: d49810e5e79cbeabbbd7cfda35654dda4fea607976088c20f1587d082193459a

Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8

SRPM
cri-o-1.19.1-4.rhaos4.6.git3846aab.el8.src.rpm SHA-256: f3bcaccbd505d823e476327e780c832b8c2839e54f665123b640ff9bb98e80e1
openshift-4.6.0-202101160934.p0.git.94242.fc5242e.el8.src.rpm SHA-256: 1d044c97b074553e549f60bafb79f72eee6c39d3fb2119703dc9c5a42c9843a7
openshift-clients-4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src.rpm SHA-256: 7b82cd6874cb9cfc83b9a0d6534cfe6e4034b6b4afd135356b8a59e1b17b384f
openshift-kuryr-4.6.0-202101151835.p0.git.2220.40847e5.el8.src.rpm SHA-256: 3131bb0d2bd3ff038dfce533ec118a0c062f6ec28d2ec494bf16f28db0a7a933
skopeo-1.1.1-3.rhaos4.6.el8.src.rpm SHA-256: db0ceec50b7d707ce1aef4217acb0cf7bc7a4c33b2edc19a0871eb1c23b4ee73
ppc64le
containers-common-1.1.1-3.rhaos4.6.el8.ppc64le.rpm SHA-256: ccd060e735958e13483ef5d92402593d2efcac4d9ef5de72e1a163fafe460b2d
cri-o-1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le.rpm SHA-256: 466a84738d63cbf4aee907aea6a0c36f1464ebb599fed4a7d131bb1721834337
cri-o-debuginfo-1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le.rpm SHA-256: d999d8287cffed811c441b9d9656c31c9c6182e1dc76a599e75847c3e7d34c29
cri-o-debugsource-1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le.rpm SHA-256: 3c9680217b7017c0d282331c72487ea4857e425ca85b06913fe6a30e3b7f3449
openshift-clients-4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le.rpm SHA-256: ad6811f688314041d9b2deb597802364747653e47f31198fdf950c4e908dc81d
openshift-hyperkube-4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le.rpm SHA-256: 208d6489fd30e06fc182204b92da07920b3711eef6d154689eb55d0b2c0a7a27
openshift-kuryr-cni-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 803bb2bc65513c43fa22cd69d31b0c4a802bd6115e5dc8e14ddbc3d4f47886b8
openshift-kuryr-common-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 6520a0ca7c7c954fc2c1ff601d942af848271b90c8553ed02318c2ea986dbc38
openshift-kuryr-controller-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: d3ed2b0b12d82529d4ef3c02272f74a24e7168ad4108620f2a6052db336ae952
python3-kuryr-kubernetes-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 99e0aa38e56826019bdda8bd6ec77cfefe05ae13c47ce424ba34b99c9dfd471b
skopeo-1.1.1-3.rhaos4.6.el8.ppc64le.rpm SHA-256: 65c64bed3909d1578fd4585e4ac3da96a5c35f157bb92139b6aec85cfbb11d70
skopeo-debuginfo-1.1.1-3.rhaos4.6.el8.ppc64le.rpm SHA-256: 0e08e10bd3798b291feed453c1034026c09f3422c8a9fe8f9d388e373e853e83
skopeo-debugsource-1.1.1-3.rhaos4.6.el8.ppc64le.rpm SHA-256: 60b8d9644a01dc49b45126f88dccbe8466c8c7cd0d5bba0364dd4f00f1fffdd9
skopeo-tests-1.1.1-3.rhaos4.6.el8.ppc64le.rpm SHA-256: 77589b75663ad9a9f5d31fddc7c3a1029935a2e3767d7bd12ed53181eb6bab99

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8

SRPM
cri-o-1.19.1-4.rhaos4.6.git3846aab.el8.src.rpm SHA-256: f3bcaccbd505d823e476327e780c832b8c2839e54f665123b640ff9bb98e80e1
openshift-4.6.0-202101160934.p0.git.94242.fc5242e.el8.src.rpm SHA-256: 1d044c97b074553e549f60bafb79f72eee6c39d3fb2119703dc9c5a42c9843a7
openshift-clients-4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src.rpm SHA-256: 7b82cd6874cb9cfc83b9a0d6534cfe6e4034b6b4afd135356b8a59e1b17b384f
openshift-kuryr-4.6.0-202101151835.p0.git.2220.40847e5.el8.src.rpm SHA-256: 3131bb0d2bd3ff038dfce533ec118a0c062f6ec28d2ec494bf16f28db0a7a933
skopeo-1.1.1-3.rhaos4.6.el8.src.rpm SHA-256: db0ceec50b7d707ce1aef4217acb0cf7bc7a4c33b2edc19a0871eb1c23b4ee73
s390x
containers-common-1.1.1-3.rhaos4.6.el8.s390x.rpm SHA-256: ad8ed977775932ba39a7986656cb3bef924a021b945882d304d706d023f23237
cri-o-1.19.1-4.rhaos4.6.git3846aab.el8.s390x.rpm SHA-256: 3cb86dc77127c7353a76f03ee3b0cf5640b9aa863e99318ee8bf077903a60e6c
cri-o-debuginfo-1.19.1-4.rhaos4.6.git3846aab.el8.s390x.rpm SHA-256: 9175389c0efdd0334a61295e78ae55e5775e9952d1d8f8a9a90e7786d9673c6d
cri-o-debugsource-1.19.1-4.rhaos4.6.git3846aab.el8.s390x.rpm SHA-256: 13e3689e1b285c271533c23c822799884e1c7eacd1ce383c73f4405b80cdd705
openshift-clients-4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x.rpm SHA-256: e56268182792fb380ea3c563db52015f86f44bfed6f1b7f434b8b51bc1232f29
openshift-hyperkube-4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x.rpm SHA-256: ab58b6302fd50a6ee50095c49abf4623dbf5ec7c279f9957bbcdd089f5545d34
openshift-kuryr-cni-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 803bb2bc65513c43fa22cd69d31b0c4a802bd6115e5dc8e14ddbc3d4f47886b8
openshift-kuryr-common-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 6520a0ca7c7c954fc2c1ff601d942af848271b90c8553ed02318c2ea986dbc38
openshift-kuryr-controller-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: d3ed2b0b12d82529d4ef3c02272f74a24e7168ad4108620f2a6052db336ae952
python3-kuryr-kubernetes-4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch.rpm SHA-256: 99e0aa38e56826019bdda8bd6ec77cfefe05ae13c47ce424ba34b99c9dfd471b
skopeo-1.1.1-3.rhaos4.6.el8.s390x.rpm SHA-256: 1fc991502e3226fa043b1ef66d051d7d31eacfc21e807d9665f846e1cba2a8df
skopeo-debuginfo-1.1.1-3.rhaos4.6.el8.s390x.rpm SHA-256: 97acec8ed80f7120c55893b7eb973c9eea97cb442633a27c56295d9b084d8585
skopeo-debugsource-1.1.1-3.rhaos4.6.el8.s390x.rpm SHA-256: 601a1f30a12c0d3a6cd14873e1ae836ab68bda43fcf3522d10b6e1852dd116cb
skopeo-tests-1.1.1-3.rhaos4.6.el8.s390x.rpm SHA-256: 17b7155758c7b09e82e79a917a55d7821341b91b1697ff959a35ae2941c61871

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter