Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2021:1016 - Security Advisory
Issued:
2021-04-13
Updated:
2021-04-13

RHSA-2021:1016 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Low: OpenShift Container Platform 4.5.37 security update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.5.37 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.5.37. See the following advisory for the container images for
this release:

https://access.redhat.com/errata/RHBA-2021:1015

All OpenShift Container Platform 4.6 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster

  • between-minor.html#understanding-upgrade-channels_updating-cluster-between
  • minor

Security Fix(es):

  • golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
  • golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For OpenShift Container Platform 4.5 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.5 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.5 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.5 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for Power 4.5 for RHEL 7 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 7 s390x

Fixes

  • BZ - 1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
  • BZ - 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
  • BZ - 1944040 - Placeholder bug for OCP 4.5.z rpm release

CVEs

  • CVE-2020-15586
  • CVE-2020-16845

References

  • https://access.redhat.com/security/updates/classification/#low
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.5 for RHEL 8

SRPM
ignition-0.35.1-12.rhaos4.5.gitb4d18ad.el8.src.rpm SHA-256: dff39250945a87fe872ca7afbdb88fc2b8d8cf2ac976b601ee18054fb3743a2e
podman-1.9.3-2.rhaos4.5.el8.src.rpm SHA-256: 63ba776774f4e3b62502bdc6d20b41b46d3d74e8f741190c9b6e5798094f4a7f
skopeo-1.1.1-2.rhaos4.5.el8.src.rpm SHA-256: 344e86df80d78308c13264816c48761ef0ace07b14dd1dae3e30d349b41e3d59
x86_64
containers-common-1.1.1-2.rhaos4.5.el8.x86_64.rpm SHA-256: e02fffda75332e62b0d26568846c8a133f6515960a966d5f47b3449c9214cb60
ignition-0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64.rpm SHA-256: e5677469299ec8911c5d712b69a0bca57900d3144e0715b23ccba870a5feb8d9
ignition-debuginfo-0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64.rpm SHA-256: 7b4571b035d3b1bd1f72f2df1d29c2082c65131d5326d02d515022460ce0d20a
ignition-debugsource-0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64.rpm SHA-256: 25a40582ee3c226fab30adc913ab91e7106a3423d22a7a3e969d59cb256f2eef
ignition-validate-0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64.rpm SHA-256: dc73728315a24def757b630bd297bf831c40b3159ac5c30d390b050788f14c52
ignition-validate-debuginfo-0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64.rpm SHA-256: b441df4ada7d7390f7f37c182ac8da7e68f2323cf1248de84befddf3d9158d8b
podman-1.9.3-2.rhaos4.5.el8.x86_64.rpm SHA-256: 74017eefd8982640257d68cd4a22fef41e2f9be7159c99f7e1ac93107ee98e27
podman-debuginfo-1.9.3-2.rhaos4.5.el8.x86_64.rpm SHA-256: 22eea2fe2341142992d8a137925983a361860229dc016ab97476b05742a2d747
podman-debugsource-1.9.3-2.rhaos4.5.el8.x86_64.rpm SHA-256: a55ca2cd6c3828e52e3301f9639441a892e12d7a49ea1d9d47aca097cf243d35
podman-docker-1.9.3-2.rhaos4.5.el8.noarch.rpm SHA-256: caf0fe67c62f39a1e514a5d9e010d2ccbb063ac7cb51becfe0f7300558a62ba1
podman-remote-1.9.3-2.rhaos4.5.el8.x86_64.rpm SHA-256: 03d4c7e00aa93d484f91048c826c94a7b3b8addcd783ce93a18726dc2a891d3e
podman-remote-debuginfo-1.9.3-2.rhaos4.5.el8.x86_64.rpm SHA-256: 8c5cadc06cedee9534bc97722c8a47d01fc6211af19f6327531627052f7dbd7b
podman-tests-1.9.3-2.rhaos4.5.el8.x86_64.rpm SHA-256: dd472b3d7933ccfc825a0cfdc0327b656cdd78f6456f0077971b0b8e8b352e85
skopeo-1.1.1-2.rhaos4.5.el8.x86_64.rpm SHA-256: 4bdb0e4bf914f4c5c823c2511431964fa0629eba9d0ca0a1508178df8e00937a
skopeo-debuginfo-1.1.1-2.rhaos4.5.el8.x86_64.rpm SHA-256: 1a493ed8d4703fee206951d7fccac6fe64262bae22926b1562b568693c6f4fda
skopeo-debugsource-1.1.1-2.rhaos4.5.el8.x86_64.rpm SHA-256: 83e8842495144e1ca506837009584ae3d8c183365e830dc28515bf3552d4eaa6
skopeo-tests-1.1.1-2.rhaos4.5.el8.x86_64.rpm SHA-256: 737f4aea2c09fb701ac0c50af73e5f2a8251fce6414cfb73a9e7592a8aac5824

Red Hat OpenShift Container Platform 4.5 for RHEL 7

SRPM
kubefed-client-4.5.0-202002271711.git.2.3bd46d6.el7.src.rpm SHA-256: 60c42aebfdc69aca82d937cdadb89866cd4ffab846028aa2c29d02e731985e65
openshift-eventrouter-0.2-5.git7c289cc.el7.src.rpm SHA-256: 400afaae862bcbbb52fdd07939b7c2e6aa0d389e93ecc031f9b62eed5c1f0c0c
x86_64
kubefed-client-4.5.0-202002271711.git.2.3bd46d6.el7.x86_64.rpm SHA-256: 4dd4e8d0abfa3127151a5c848406e1319976fb913acbf1bb3c88cb1224e54676
openshift-eventrouter-0.2-5.git7c289cc.el7.x86_64.rpm SHA-256: b6c3ddbe72743e4bf341b3c8fb524458713ef9edf1b74083175a90a04760d5e6
openshift-eventrouter-debuginfo-0.2-5.git7c289cc.el7.x86_64.rpm SHA-256: 64a0f6511dbfc06568c78b0b10cb4c74b096dcbb58b8b20224afbe3980896691

Red Hat OpenShift Container Platform for Power 4.5 for RHEL 8

SRPM
ignition-0.35.1-12.rhaos4.5.gitb4d18ad.el8.src.rpm SHA-256: dff39250945a87fe872ca7afbdb88fc2b8d8cf2ac976b601ee18054fb3743a2e
podman-1.9.3-2.rhaos4.5.el8.src.rpm SHA-256: 63ba776774f4e3b62502bdc6d20b41b46d3d74e8f741190c9b6e5798094f4a7f
skopeo-1.1.1-2.rhaos4.5.el8.src.rpm SHA-256: 344e86df80d78308c13264816c48761ef0ace07b14dd1dae3e30d349b41e3d59
ppc64le
containers-common-1.1.1-2.rhaos4.5.el8.ppc64le.rpm SHA-256: cbbac335040ae6ee85f6bc2434dbd926df0492357e48cf13d03339b0ab888953
ignition-0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le.rpm SHA-256: dec372c9ddc29a65231763c2ff2d7f2091e633d60d1913d27f28d05eb8f1542e
ignition-debuginfo-0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le.rpm SHA-256: 2b0b074cd4e15d2888898da5236e51b7ae9d30bcdd5b88b2d2de2bdae3da1c1f
ignition-debugsource-0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le.rpm SHA-256: e0c1ef16fb0668347c58e654ce48d012b87e7fe745b7c28187150e16438f02e0
ignition-validate-0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le.rpm SHA-256: 54851a76904aa6f505faf911656b2b5b797789c8476cb9037ff708c1f2042662
ignition-validate-debuginfo-0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le.rpm SHA-256: f96e63f89a94aa438534ac96b42de9f50dc4ed93d64c259427a79c7b25834ae7
podman-1.9.3-2.rhaos4.5.el8.ppc64le.rpm SHA-256: 6239ec33d14039d0686c3afb007f6cf1c83da22fb97567ad374dd0fabb1ee800
podman-debuginfo-1.9.3-2.rhaos4.5.el8.ppc64le.rpm SHA-256: c799f25aab0bd7716d8ea3b7acd6258ea6bba6fbb3dce71b83115672742ec76d
podman-debugsource-1.9.3-2.rhaos4.5.el8.ppc64le.rpm SHA-256: 0e29ce9bdbb69d89d37e40600316b618cecce9c910d08a438a9a801e571af820
podman-docker-1.9.3-2.rhaos4.5.el8.noarch.rpm SHA-256: caf0fe67c62f39a1e514a5d9e010d2ccbb063ac7cb51becfe0f7300558a62ba1
podman-remote-1.9.3-2.rhaos4.5.el8.ppc64le.rpm SHA-256: 716672af7cf9d631a81b1c58894b1bccd323e517780e99f0bc2230d7de3742fd
podman-remote-debuginfo-1.9.3-2.rhaos4.5.el8.ppc64le.rpm SHA-256: 44ab3b6843c977d58bd655130ede0909bf74808186fa46c4b0f3af5fde2a3125
podman-tests-1.9.3-2.rhaos4.5.el8.ppc64le.rpm SHA-256: 2571755d75652b9edf8fed49b577cbeaae07dcd3e68ccfe7cbb8e457283774bb
skopeo-1.1.1-2.rhaos4.5.el8.ppc64le.rpm SHA-256: 328d3a08e704c7828d7339f416e056d88c3af950afcde4e415fb92a475d4abd9
skopeo-debuginfo-1.1.1-2.rhaos4.5.el8.ppc64le.rpm SHA-256: c50c26fe10ef4db3ad15c43b21b6d4bf2839df9b6f50f43e9b5d0e71c0d39f50
skopeo-debugsource-1.1.1-2.rhaos4.5.el8.ppc64le.rpm SHA-256: ae95dac3890c05af0f08ad9699404cabf175a426fe5a4b4fe8e13a8fa68c4a71
skopeo-tests-1.1.1-2.rhaos4.5.el8.ppc64le.rpm SHA-256: d82706898af951f40a9b32a47b4c03fac86823099d54eb530cc97543cf30601e

Red Hat OpenShift Container Platform for Power 4.5 for RHEL 7

SRPM
kubefed-client-4.5.0-202002271711.git.2.3bd46d6.el7.src.rpm SHA-256: 60c42aebfdc69aca82d937cdadb89866cd4ffab846028aa2c29d02e731985e65
openshift-eventrouter-0.2-5.git7c289cc.el7.src.rpm SHA-256: 400afaae862bcbbb52fdd07939b7c2e6aa0d389e93ecc031f9b62eed5c1f0c0c
ppc64le
kubefed-client-4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le.rpm SHA-256: 84f75aff34dcee12ae98a75010467b0f4cfbe642edabddb2b0165d2da467b107
openshift-eventrouter-0.2-5.git7c289cc.el7.ppc64le.rpm SHA-256: c1ebd1eb5258a60a3415e3259a2058fe4bedc9328b9ea7d40228266cbf271624
openshift-eventrouter-debuginfo-0.2-5.git7c289cc.el7.ppc64le.rpm SHA-256: 77a03b093f856e80e5d50c704b65ea67c3bbaf7fbff6eb5c3e6c557f3e87182d

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 8

SRPM
ignition-0.35.1-12.rhaos4.5.gitb4d18ad.el8.src.rpm SHA-256: dff39250945a87fe872ca7afbdb88fc2b8d8cf2ac976b601ee18054fb3743a2e
podman-1.9.3-2.rhaos4.5.el8.src.rpm SHA-256: 63ba776774f4e3b62502bdc6d20b41b46d3d74e8f741190c9b6e5798094f4a7f
skopeo-1.1.1-2.rhaos4.5.el8.src.rpm SHA-256: 344e86df80d78308c13264816c48761ef0ace07b14dd1dae3e30d349b41e3d59
s390x
containers-common-1.1.1-2.rhaos4.5.el8.s390x.rpm SHA-256: c178cf27f702db2e97d7bb9cae36569b8c01513fea75ba5d6cd0f25ba3246ff0
ignition-0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x.rpm SHA-256: 148026aae871dc61046896c2d6c0de4e06e3f61c25d1e6dd8b943567754c5730
ignition-debuginfo-0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x.rpm SHA-256: 6c7c57fb4401164423fc3aa773eaf3fb8bd8258590983b647dcf9d98b46fbc6c
ignition-debugsource-0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x.rpm SHA-256: 96c21fd16a62c7d363dae162197c745c9e6c25b35d677618b7b240c0564b6992
ignition-validate-0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x.rpm SHA-256: 8700eb8fcea438228c04c255077215f99b12779abbf77345c79de812f76c5f20
ignition-validate-debuginfo-0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x.rpm SHA-256: 698cc311b8bfd4b12f40ab87e26dc0db8642e270a934644c15582c1c1d9c94b7
podman-1.9.3-2.rhaos4.5.el8.s390x.rpm SHA-256: a4bea01c9428fbd0295d86cc56ff15b94ec99de226c145a52ff64118e955b308
podman-debuginfo-1.9.3-2.rhaos4.5.el8.s390x.rpm SHA-256: e80acfddb376fb6cc9bae811ae34357850c619a467c08685b5845a08187e0291
podman-debugsource-1.9.3-2.rhaos4.5.el8.s390x.rpm SHA-256: 0ca8c1298ce5b98e672f551ab53bd7ec72e8ae473db3d481e76fd8f00c13cbee
podman-docker-1.9.3-2.rhaos4.5.el8.noarch.rpm SHA-256: caf0fe67c62f39a1e514a5d9e010d2ccbb063ac7cb51becfe0f7300558a62ba1
podman-remote-1.9.3-2.rhaos4.5.el8.s390x.rpm SHA-256: 887409544eceb2fb0ed7abd8a32c50d83e2b4ec41ee5157ede53a0f60b166202
podman-remote-debuginfo-1.9.3-2.rhaos4.5.el8.s390x.rpm SHA-256: 3a588ecdf0aec91890b283858bdd7d0cc46de47955e64e7b1a06f1ab76e5a012
podman-tests-1.9.3-2.rhaos4.5.el8.s390x.rpm SHA-256: c818499bead45aa857d69a33da33b3b7281ce5188cc5dd33eec25c2dd4f87d96
skopeo-1.1.1-2.rhaos4.5.el8.s390x.rpm SHA-256: bd83bd0d67c81a6dd2db185dcfc9f482ad3dd3eb7781c845be0357ad1acadea6
skopeo-debuginfo-1.1.1-2.rhaos4.5.el8.s390x.rpm SHA-256: 0a7a32b6ecf65e4e1bb50e3ac8de3582634216f06af4e608139db8b590dc09e8
skopeo-debugsource-1.1.1-2.rhaos4.5.el8.s390x.rpm SHA-256: aa918377cebea68fe64f1f5c7f05a3e918110f889d6ae51ececc8428216d0b77
skopeo-tests-1.1.1-2.rhaos4.5.el8.s390x.rpm SHA-256: eb33188f4e64c819d7571c6b6db55be543a94a56f5dd9dd80b84340aeb8de1c1

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.5 for RHEL 7

SRPM
kubefed-client-4.5.0-202002271711.git.2.3bd46d6.el7.src.rpm SHA-256: 60c42aebfdc69aca82d937cdadb89866cd4ffab846028aa2c29d02e731985e65
openshift-eventrouter-0.2-5.git7c289cc.el7.src.rpm SHA-256: 400afaae862bcbbb52fdd07939b7c2e6aa0d389e93ecc031f9b62eed5c1f0c0c
s390x
kubefed-client-4.5.0-202002271711.git.2.3bd46d6.el7.s390x.rpm SHA-256: 942c87c1ee4f564b5d25bfe19eac3869d07944f3960231f1b34c55b7e58ce822
openshift-eventrouter-0.2-5.git7c289cc.el7.s390x.rpm SHA-256: d56fe25d5224462f9261545433958e0f84bd8aaad2d2c8702fb3b315277da738
openshift-eventrouter-debuginfo-0.2-5.git7c289cc.el7.s390x.rpm SHA-256: 6e72a75e4a6fe92daf80f19467040891f2af3da6338b7b75f1267d5171779ea0

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Twitter Facebook