Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2021:0956 - Security Advisory
Issued:
2021-03-30
Updated:
2021-03-30

RHSA-2021:0956 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Low: OpenShift Container Platform 4.6.23 security update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.6.23 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

ed Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.6.23. See the following advisory for the container images for
this release:

https://access.redhat.com/errata/RHBA-2021:0952

All OpenShift Container Platform 4.6 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster

  • between-minor.html#understanding-upgrade-channels_updating-cluster-between
  • minor.

Security Fix(es):

  • golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
  • golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.

Affected Products

  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x

Fixes

  • BZ - 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
  • BZ - 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
  • BZ - 1941433 - Placeholder bug for OCP 4.6.0 rpm release

CVEs

  • CVE-2020-15586
  • CVE-2020-16845
  • CVE-2020-28362

References

  • https://access.redhat.com/security/updates/classification/#low
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.6 for RHEL 8

SRPM
openshift-4.6.0-202103210832.p0.git.94284.834ccc7.el8.src.rpm SHA-256: 6b704aa37906f320f53773d277ee777036f7df8dc9adce1bdef5ed29fc875922
openshift-clients-4.6.0-202103200039.p0.git.3841.3e951a5.el8.src.rpm SHA-256: ee01ca2a418cdf44c2fa4ec3583a95c93d3d89badca0caa4b93a6e7b23b2a932
openshift-eventrouter-0.2-6.git7c289cc.el8.src.rpm SHA-256: 1d0317592044581b31a9c55d9d2b6b87fc07400f9773cdca1e607c0f786d6b53
openshift-kuryr-4.6.0-202103192141.p0.git.2234.cba9525.el8.src.rpm SHA-256: 79e11c6f4d36c68038e2f53e52c3bb964b0d47c210e17b2f9af278e5a5c8d45e
x86_64
openshift-clients-4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64.rpm SHA-256: 0ed0858809292ea3d2c1bb5834aaa1392dca157913c7d67b931d1e15c7d1b7d5
openshift-clients-redistributable-4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64.rpm SHA-256: 7c76bdd3a5ec9278ff6511a1920f999aaec5c072827cb7ade255e45da36ddb52
openshift-eventrouter-0.2-6.git7c289cc.el8.x86_64.rpm SHA-256: f8517b2f109353e323f9cf03c8ccb328ee040d6a6a41d957561a7539e1b0fed8
openshift-eventrouter-debuginfo-0.2-6.git7c289cc.el8.x86_64.rpm SHA-256: d30970b4a0bdab974d621f65da66c5da49ebe398a5e06c255f2fdff499560fca
openshift-eventrouter-debugsource-0.2-6.git7c289cc.el8.x86_64.rpm SHA-256: 56ee54690ae4fd757892d994497d3ee13632363b0927765f34a077d8955b33d6
openshift-hyperkube-4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64.rpm SHA-256: 6a8a6b44003fa8d5c73b7930d735460e73d0673b18155466537d63eb0aea4747
openshift-kuryr-cni-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: a2bf68cd475e0ac3895f01adaec794aecb11d3f982c095b37272c09dc6042a10
openshift-kuryr-common-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: f466456056506bf3cb275a0e53e2d42c6749fae068b9579226449fc82edd1a0b
openshift-kuryr-controller-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: 0534a6e5bd44012b4d13a6ca225adee4730ad16e6eaa29c8c246c93bde309fd9
python3-kuryr-kubernetes-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: 27dc7b53d90d02b7a5ac4d7c29fa13832e4f1562c4c2ec6cf3633c94a0ed0016

Red Hat OpenShift Container Platform 4.6 for RHEL 7

SRPM
openshift-4.6.0-202103210832.p0.git.94284.834ccc7.el7.src.rpm SHA-256: 176db8a142b0c45f0f8067922d92dafaa6eb364291dcc46e65a687cafb63b9cf
openshift-ansible-4.6.0-202103192141.p0.git.0.d1b612b.el7.src.rpm SHA-256: 15cc58f6a6ddb087d300e38a5dfb8b91328269445af957e93beb9bf5e0cfd25b
openshift-clients-4.6.0-202103200039.p0.git.3841.3e951a5.el7.src.rpm SHA-256: c967079ea8fd15bb54795b9bbfb767f996456841d011bb7f87020ff64c23335b
x86_64
openshift-ansible-4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch.rpm SHA-256: 0b50750e4e0562b537b9070075b71e4049d57599d2987d590ba3b613c07b48b4
openshift-ansible-test-4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch.rpm SHA-256: faf3c388aee4daff3ecf10ef992776437c8fa93d39acefb7dd9443a0099a1c4e
openshift-clients-4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64.rpm SHA-256: de4a9e3c7b1c9f4937abfdfa4a552a22c71f5381ebf3d0cf290221c7f15063fc
openshift-clients-redistributable-4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64.rpm SHA-256: 23e56529c734756a737ef80c07dd14e03257da47375a893525dbe756e97358aa
openshift-hyperkube-4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64.rpm SHA-256: 5d2a3146bbf5eb404f1cc02db61a1a3958d888e5de5af4b57a36d98edda8da23

Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8

SRPM
openshift-4.6.0-202103210832.p0.git.94284.834ccc7.el8.src.rpm SHA-256: 6b704aa37906f320f53773d277ee777036f7df8dc9adce1bdef5ed29fc875922
openshift-clients-4.6.0-202103200039.p0.git.3841.3e951a5.el8.src.rpm SHA-256: ee01ca2a418cdf44c2fa4ec3583a95c93d3d89badca0caa4b93a6e7b23b2a932
openshift-eventrouter-0.2-6.git7c289cc.el8.src.rpm SHA-256: 1d0317592044581b31a9c55d9d2b6b87fc07400f9773cdca1e607c0f786d6b53
openshift-kuryr-4.6.0-202103192141.p0.git.2234.cba9525.el8.src.rpm SHA-256: 79e11c6f4d36c68038e2f53e52c3bb964b0d47c210e17b2f9af278e5a5c8d45e
ppc64le
openshift-clients-4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le.rpm SHA-256: cf6248eacfa80d121d2e6bc09bac256f43dd1b6b7438dc810ffdd6d9706445a2
openshift-eventrouter-0.2-6.git7c289cc.el8.ppc64le.rpm SHA-256: 6e433486fa42025b8e8f08fb4563289866bc7073179e10c65acb791eb339d2ba
openshift-eventrouter-debuginfo-0.2-6.git7c289cc.el8.ppc64le.rpm SHA-256: 2c30722b87fe79563bbf051e1af0bffe50b7b31e8a2703cb131857c7fa02fb1a
openshift-eventrouter-debugsource-0.2-6.git7c289cc.el8.ppc64le.rpm SHA-256: ab7532e31feed72a93efdc4b4229c0d75ab8bd31bfbf39af564d2fdc6c0f69a1
openshift-hyperkube-4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le.rpm SHA-256: b01dc97e2c7ecc147ee31e2618ac15e5843feb413770952ab790c7d05d411ed1
openshift-kuryr-cni-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: a2bf68cd475e0ac3895f01adaec794aecb11d3f982c095b37272c09dc6042a10
openshift-kuryr-common-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: f466456056506bf3cb275a0e53e2d42c6749fae068b9579226449fc82edd1a0b
openshift-kuryr-controller-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: 0534a6e5bd44012b4d13a6ca225adee4730ad16e6eaa29c8c246c93bde309fd9
python3-kuryr-kubernetes-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: 27dc7b53d90d02b7a5ac4d7c29fa13832e4f1562c4c2ec6cf3633c94a0ed0016

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8

SRPM
openshift-4.6.0-202103210832.p0.git.94284.834ccc7.el8.src.rpm SHA-256: 6b704aa37906f320f53773d277ee777036f7df8dc9adce1bdef5ed29fc875922
openshift-clients-4.6.0-202103200039.p0.git.3841.3e951a5.el8.src.rpm SHA-256: ee01ca2a418cdf44c2fa4ec3583a95c93d3d89badca0caa4b93a6e7b23b2a932
openshift-eventrouter-0.2-6.git7c289cc.el8.src.rpm SHA-256: 1d0317592044581b31a9c55d9d2b6b87fc07400f9773cdca1e607c0f786d6b53
openshift-kuryr-4.6.0-202103192141.p0.git.2234.cba9525.el8.src.rpm SHA-256: 79e11c6f4d36c68038e2f53e52c3bb964b0d47c210e17b2f9af278e5a5c8d45e
s390x
openshift-clients-4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x.rpm SHA-256: 68b4a8fb3b6f4453a6193ec0057ca628cc0277822b14c271a9453adf26c35487
openshift-eventrouter-0.2-6.git7c289cc.el8.s390x.rpm SHA-256: ccb37776a75d4399403e48324a8fba235c0b4a9ff9268ce0eef1801fdcf10441
openshift-eventrouter-debuginfo-0.2-6.git7c289cc.el8.s390x.rpm SHA-256: 8994a8d8f5da05e4d6fde23607b8e13a002e3b47ce177bd35c8e38d8d871eba4
openshift-eventrouter-debugsource-0.2-6.git7c289cc.el8.s390x.rpm SHA-256: e575a8c30c35bf68f9e67cfb7d7b7ffe993e07e950876df011a50dfda4f47595
openshift-hyperkube-4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x.rpm SHA-256: c42c47f8feca2e5953701615f6f04f1fa11f26b4a70f2dca31fb04261f52b24f
openshift-kuryr-cni-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: a2bf68cd475e0ac3895f01adaec794aecb11d3f982c095b37272c09dc6042a10
openshift-kuryr-common-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: f466456056506bf3cb275a0e53e2d42c6749fae068b9579226449fc82edd1a0b
openshift-kuryr-controller-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: 0534a6e5bd44012b4d13a6ca225adee4730ad16e6eaa29c8c246c93bde309fd9
python3-kuryr-kubernetes-4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch.rpm SHA-256: 27dc7b53d90d02b7a5ac4d7c29fa13832e4f1562c4c2ec6cf3633c94a0ed0016

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat X (formerly Twitter)

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility