Red Hat Product Errata RHSA-2021:3930 - Security Advisory
Issued: 2021-10-27
Updated: 2021-10-27

Synopsis

Moderate: OpenShift Container Platform 4.7.36 security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

Red Hat OpenShift Container Platform release 4.7.36 is now available with
updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.36. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2021:3931

Security Fix(es):

  • coreos-installer: incorrect signature verification on gzip-compressed install images (CVE-2021-20319)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor

Bug Fix(es):

  • Placeholder bug for OCP 4.7.0 rpm release (BZ#2015779)

Solution

For OpenShift Container Platform 4.7 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x

Fixes

  • BZ - 2011862 - CVE-2021-20319 coreos-installer: incorrect signature verification on gzip-compressed install images
  • BZ - 2015779 - Placeholder bug for OCP 4.7.0 rpm release

CVEs

  • CVE-2021-20319

References

  • https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.7 for RHEL 8

SRPM
coreos-installer-0.8.0-4.rhaos4.7.el8.src.rpm SHA-256: 985228f7ff0f7336258b277d9d8760a389d77d74a4d4f2fa1324438816048784
cri-o-1.20.5-6.rhaos4.7.gitec973a2.el8.src.rpm SHA-256: d0d954eb5945390cd5ab3f1b7c38568b55c9467b5c36e9bf9629a8d4125f6dc7
ironic-images-15.2-20211013.1.el8.src.rpm SHA-256: 77e3f6804402b3f3e368d609c3e42f14f63ec898d02667a915486ad5737b1325
openstack-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.src.rpm SHA-256: 3f8b759c0ac7b77a3c8ebd07a95833e1657927d64045ec7aae8ddcb8ec3d8278
x86_64
coreos-installer-0.8.0-4.rhaos4.7.el8.x86_64.rpm SHA-256: d7bb41de36c14ffbb70e93fb479448d4fe6b5322799aa458b55349fa216e2770
coreos-installer-bootinfra-debuginfo-0.8.0-4.rhaos4.7.el8.x86_64.rpm SHA-256: 87deadb02da9417b9e8d29dbd21328df22cf2b7d4c4bd7f6c35811f5dfc04685
coreos-installer-debuginfo-0.8.0-4.rhaos4.7.el8.x86_64.rpm SHA-256: 132e0d039e46d7cd273118e02f89b37a836d2d91507ca74c19a54807e969cfc9
coreos-installer-debugsource-0.8.0-4.rhaos4.7.el8.x86_64.rpm SHA-256: 9d95c3b62ae2f52e463677a53fbbacc8b83d5b4f29299cc349d5ed1673d0374b
cri-o-1.20.5-6.rhaos4.7.gitec973a2.el8.x86_64.rpm SHA-256: bac1fc3241710d7c914c7158bca2c56df8bc768904928ca1bfa122f99edbf0da
cri-o-debuginfo-1.20.5-6.rhaos4.7.gitec973a2.el8.x86_64.rpm SHA-256: 4ed8c30e57543dc9b753139648af24186389ef60b0b6499ce6571fff928f5891
cri-o-debugsource-1.20.5-6.rhaos4.7.gitec973a2.el8.x86_64.rpm SHA-256: e9d92f7f8dfdef976e92e02acd0090ece913b3b476e233d0800577f35b5bf6a1
ironic-images-15.2-20211013.1.el8.noarch.rpm SHA-256: 0282f2ff6739551508a7a83d050fdbc9cf42a82282e3010d370627828165baf3
ironic-images-all-15.2-20211013.1.el8.noarch.rpm SHA-256: 82475d9ec85bb44443a0a0f342e6f85a7a33c8e7469cf3262cba880b744f369f
ironic-images-ipa-ppc64le-15.2-20211013.1.el8.noarch.rpm SHA-256: b68767f8b573e5eb995e5b22aa4ea94eab54c7155e6c7ee3deaea625a9264876
ironic-images-ipa-x86_64-15.2-20211013.1.el8.noarch.rpm SHA-256: 129ba91f7231c81ab470a822f134f2880191f2e872cd3091cbd22036a2303dbe
openstack-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.noarch.rpm SHA-256: 02b407652d0f221c48e56d065f7686b52e8b209d48b8568dbe1329ecc15e4eaa
python3-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.noarch.rpm SHA-256: 7b36ae2d4bb9bb572788a023ce4ca2fb3207a22e8675cd77c2967e50e2923f3d

Red Hat OpenShift Container Platform 4.7 for RHEL 7

SRPM
cri-o-1.20.5-6.rhaos4.7.gitec973a2.el7.src.rpm SHA-256: ff6546b846fe30634055b0142356d7592434ae57881b69000e7bc6153f142b72
x86_64
cri-o-1.20.5-6.rhaos4.7.gitec973a2.el7.x86_64.rpm SHA-256: d3646b0bad2920a0556e7122e417e78252794ec60d71e9cc4c8ea934e37d3d80
cri-o-debuginfo-1.20.5-6.rhaos4.7.gitec973a2.el7.x86_64.rpm SHA-256: b4358aaad394be62ae68f86d903b3fcf0fc1758163491522350304c5f5745bda

Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8

SRPM
coreos-installer-0.8.0-4.rhaos4.7.el8.src.rpm SHA-256: 985228f7ff0f7336258b277d9d8760a389d77d74a4d4f2fa1324438816048784
cri-o-1.20.5-6.rhaos4.7.gitec973a2.el8.src.rpm SHA-256: d0d954eb5945390cd5ab3f1b7c38568b55c9467b5c36e9bf9629a8d4125f6dc7
ironic-images-15.2-20211013.1.el8.src.rpm SHA-256: 77e3f6804402b3f3e368d609c3e42f14f63ec898d02667a915486ad5737b1325
openstack-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.src.rpm SHA-256: 3f8b759c0ac7b77a3c8ebd07a95833e1657927d64045ec7aae8ddcb8ec3d8278
ppc64le
coreos-installer-0.8.0-4.rhaos4.7.el8.ppc64le.rpm SHA-256: 5aff63c0f465b8c2a1adee8fd0e66c029a5e4d9a97e35cac6f08748cf0751b2d
coreos-installer-bootinfra-0.8.0-4.rhaos4.7.el8.ppc64le.rpm SHA-256: fc947a9687b7fecc119ff87f0f222ace5acdde03069747834557079146537069
coreos-installer-bootinfra-debuginfo-0.8.0-4.rhaos4.7.el8.ppc64le.rpm SHA-256: e893ffa495416ee2b4115c79ecaa88b878ed19538e13743b08b4ac63a66f195c
coreos-installer-debuginfo-0.8.0-4.rhaos4.7.el8.ppc64le.rpm SHA-256: 62b92b66a32a0e8e0084d165d11465dbcb342e597f2390fe3f479467393f0edb
coreos-installer-debugsource-0.8.0-4.rhaos4.7.el8.ppc64le.rpm SHA-256: 04083a48b64fb5bf17ab762233c79679d37be610b30b9c7852d5c2e6e143b35e
cri-o-1.20.5-6.rhaos4.7.gitec973a2.el8.ppc64le.rpm SHA-256: 8bba1622d4c2724da41481b75ca3abb6ccd7fc1f2a91c9aeb758561ccb60d267
cri-o-debuginfo-1.20.5-6.rhaos4.7.gitec973a2.el8.ppc64le.rpm SHA-256: 999d1fc9d0fc8822959542f50b40119f22f3c0eafc73c75eba5225b4d7e6eaa3
cri-o-debugsource-1.20.5-6.rhaos4.7.gitec973a2.el8.ppc64le.rpm SHA-256: e42a652cf5f0c650343775cde63be979ee1589f9328882171380dc5bc7c88083
ironic-images-15.2-20211013.1.el8.noarch.rpm SHA-256: 0282f2ff6739551508a7a83d050fdbc9cf42a82282e3010d370627828165baf3
ironic-images-all-15.2-20211013.1.el8.noarch.rpm SHA-256: 82475d9ec85bb44443a0a0f342e6f85a7a33c8e7469cf3262cba880b744f369f
ironic-images-ipa-ppc64le-15.2-20211013.1.el8.noarch.rpm SHA-256: b68767f8b573e5eb995e5b22aa4ea94eab54c7155e6c7ee3deaea625a9264876
ironic-images-ipa-x86_64-15.2-20211013.1.el8.noarch.rpm SHA-256: 129ba91f7231c81ab470a822f134f2880191f2e872cd3091cbd22036a2303dbe
openstack-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.noarch.rpm SHA-256: 02b407652d0f221c48e56d065f7686b52e8b209d48b8568dbe1329ecc15e4eaa
python3-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.noarch.rpm SHA-256: 7b36ae2d4bb9bb572788a023ce4ca2fb3207a22e8675cd77c2967e50e2923f3d

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8

SRPM
coreos-installer-0.8.0-4.rhaos4.7.el8.src.rpm SHA-256: 985228f7ff0f7336258b277d9d8760a389d77d74a4d4f2fa1324438816048784
cri-o-1.20.5-6.rhaos4.7.gitec973a2.el8.src.rpm SHA-256: d0d954eb5945390cd5ab3f1b7c38568b55c9467b5c36e9bf9629a8d4125f6dc7
ironic-images-15.2-20211013.1.el8.src.rpm SHA-256: 77e3f6804402b3f3e368d609c3e42f14f63ec898d02667a915486ad5737b1325
openstack-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.src.rpm SHA-256: 3f8b759c0ac7b77a3c8ebd07a95833e1657927d64045ec7aae8ddcb8ec3d8278
s390x
coreos-installer-0.8.0-4.rhaos4.7.el8.s390x.rpm SHA-256: 9dd01272326d676ca7a3a4ab9c28ee0a336c6ad2e95c94f8372723e6065aedf1
coreos-installer-bootinfra-0.8.0-4.rhaos4.7.el8.s390x.rpm SHA-256: 650e6789b082ed749288c6152487b2c290dbd85b40d47f990d64f315ccb0cbe6
coreos-installer-bootinfra-debuginfo-0.8.0-4.rhaos4.7.el8.s390x.rpm SHA-256: f085b025f0ffe38e45b061a750f6190875de82ac637e8a390f1fc2b57979bbfb
coreos-installer-debuginfo-0.8.0-4.rhaos4.7.el8.s390x.rpm SHA-256: ce054f0e1f6b7a54f28d2aaf3aaa3da61573bdef548801606fafb93a9bf61545
coreos-installer-debugsource-0.8.0-4.rhaos4.7.el8.s390x.rpm SHA-256: 940246fee71b199d502fa690f76ced3df95f76995b6169ff3a68f229416d560b
cri-o-1.20.5-6.rhaos4.7.gitec973a2.el8.s390x.rpm SHA-256: c95f87d11c8371f9c5d4f08456447d405ba26571042b05dad7067255ff973aa0
cri-o-debuginfo-1.20.5-6.rhaos4.7.gitec973a2.el8.s390x.rpm SHA-256: 30b4b24db5e30953617396d5f42913c2e22f2e9e1327630d97a30140db4b1c7f
cri-o-debugsource-1.20.5-6.rhaos4.7.gitec973a2.el8.s390x.rpm SHA-256: dae13ac977bc06027ab2b5878f1fb0f46a44c1dc7142230423ed1a316e91e78c
ironic-images-15.2-20211013.1.el8.noarch.rpm SHA-256: 0282f2ff6739551508a7a83d050fdbc9cf42a82282e3010d370627828165baf3
ironic-images-all-15.2-20211013.1.el8.noarch.rpm SHA-256: 82475d9ec85bb44443a0a0f342e6f85a7a33c8e7469cf3262cba880b744f369f
ironic-images-ipa-ppc64le-15.2-20211013.1.el8.noarch.rpm SHA-256: b68767f8b573e5eb995e5b22aa4ea94eab54c7155e6c7ee3deaea625a9264876
ironic-images-ipa-x86_64-15.2-20211013.1.el8.noarch.rpm SHA-256: 129ba91f7231c81ab470a822f134f2880191f2e872cd3091cbd22036a2303dbe
openstack-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.noarch.rpm SHA-256: 02b407652d0f221c48e56d065f7686b52e8b209d48b8568dbe1329ecc15e4eaa
python3-ironic-python-agent-6.4.4-0.20210811101217.48ffbaa.el8.noarch.rpm SHA-256: 7b36ae2d4bb9bb572788a023ce4ca2fb3207a22e8675cd77c2967e50e2923f3d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
