Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2021:4008 - Security Advisory
Issued:
2021-11-03
Updated:
2021-11-03

RHSA-2021:4008 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: OpenShift Container Platform 4.6.49 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.6.49 is now available with
updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.49. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2021:4009

Security Fix(es):

  • coreos-installer: incorrect signature verification on gzip-compressed install images (CVE-2021-20319)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor

Solution

For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x

Fixes

  • BZ - 2011862 - CVE-2021-20319 coreos-installer: incorrect signature verification on gzip-compressed install images

CVEs

  • CVE-2021-20319

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.6 for RHEL 8

SRPM
coreos-installer-0.6.0-4.rhaos4.6.el8.src.rpm SHA-256: b3ed7559f6f2686b583cadc4fceaa1bd35278ebcee9b4f2dbfd219eecbc43a7e
cri-o-1.19.4-4.rhaos4.6.git5d5a465.el8.src.rpm SHA-256: 68514f7aedbc230fde436391faa0141a0c52fced70c905e62c436902cdc634a0
podman-1.9.3-4.rhaos4.6.el8.src.rpm SHA-256: 2076caf923b58f0133b6a6b73382d1951e4a005ee1bcb122e07ce2a7f2a8007c
x86_64
coreos-installer-0.6.0-4.rhaos4.6.el8.x86_64.rpm SHA-256: 3e83f0124b80793999ed00bf1ef84ea5bb43db74754951aba27cd56e5301d5ed
coreos-installer-bootinfra-debuginfo-0.6.0-4.rhaos4.6.el8.x86_64.rpm SHA-256: 6bbe73f5b73aeaa822fcf0b211291950bd5a556407bc9f4367cdef42e014b153
coreos-installer-debuginfo-0.6.0-4.rhaos4.6.el8.x86_64.rpm SHA-256: 82e9ed3742acc811eb4b1301bb465bf857d82aca7d87b9aaac459780a90b1660
coreos-installer-debugsource-0.6.0-4.rhaos4.6.el8.x86_64.rpm SHA-256: 33b1b0133c6d82a2a81dfb579dcc8d1d2b6efee8b3365e56b5ad3eb0f47219a5
cri-o-1.19.4-4.rhaos4.6.git5d5a465.el8.x86_64.rpm SHA-256: 79e85eb599cf08f445eb890172a47e6423508c305ce659e2fbad161c8f1f1594
cri-o-debuginfo-1.19.4-4.rhaos4.6.git5d5a465.el8.x86_64.rpm SHA-256: 58db90491c29f8ca59aaa22938bbe1e47c474bbea812ee27316631d953284424
cri-o-debugsource-1.19.4-4.rhaos4.6.git5d5a465.el8.x86_64.rpm SHA-256: 7de140ed8b5d4c3af5cc0e5a660d4c97e16f31081919618906732c33261060c4
podman-1.9.3-4.rhaos4.6.el8.x86_64.rpm SHA-256: c24840eb0fe85ed1439e8a31424b53e8b666aae619fab4894008777dfba1120d
podman-debuginfo-1.9.3-4.rhaos4.6.el8.x86_64.rpm SHA-256: e4c1733f39216f9bde1530993f05a743e8a75d295132babb49772d1ac405cf18
podman-debugsource-1.9.3-4.rhaos4.6.el8.x86_64.rpm SHA-256: a24ec15425eb66502234f5576d66b859bba3e61919ce556da06e7622a6c8c3e2
podman-docker-1.9.3-4.rhaos4.6.el8.noarch.rpm SHA-256: 7aeb07f9d7c2b6fe2770dffee2e5ac3c0e790220fe293fbff6c40b9c3cd09673
podman-remote-1.9.3-4.rhaos4.6.el8.x86_64.rpm SHA-256: 0832cbba0c55af11c1904d67ee0afed9280b0a714235f2b3ee6dd4ed804f0f53
podman-remote-debuginfo-1.9.3-4.rhaos4.6.el8.x86_64.rpm SHA-256: d183f59501e5d925e8d0a9e7d0f932e88016b0d62d58250bbd0d62461462843c
podman-tests-1.9.3-4.rhaos4.6.el8.x86_64.rpm SHA-256: af49f736b843c31ba7b44bfab71b10f162dcf3c1523607ccc824947886d9a1e6

Red Hat OpenShift Container Platform 4.6 for RHEL 7

SRPM
cri-o-1.19.4-4.rhaos4.6.git5d5a465.el7.src.rpm SHA-256: 7142eb77c78bdb1dc40b3544c3f49fe4c7c945ed038185e78cdb4e0b4113556a
x86_64
cri-o-1.19.4-4.rhaos4.6.git5d5a465.el7.x86_64.rpm SHA-256: 41cce56350133180180660794fdfabba2d3b030ee1e71e018c86b8b35c0c1533
cri-o-debuginfo-1.19.4-4.rhaos4.6.git5d5a465.el7.x86_64.rpm SHA-256: 6bfdf782b40494890ebeefab0779ad00b2572fec3e717c75764299b9ceff8c67

Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8

SRPM
coreos-installer-0.6.0-4.rhaos4.6.el8.src.rpm SHA-256: b3ed7559f6f2686b583cadc4fceaa1bd35278ebcee9b4f2dbfd219eecbc43a7e
cri-o-1.19.4-4.rhaos4.6.git5d5a465.el8.src.rpm SHA-256: 68514f7aedbc230fde436391faa0141a0c52fced70c905e62c436902cdc634a0
podman-1.9.3-4.rhaos4.6.el8.src.rpm SHA-256: 2076caf923b58f0133b6a6b73382d1951e4a005ee1bcb122e07ce2a7f2a8007c
ppc64le
coreos-installer-0.6.0-4.rhaos4.6.el8.ppc64le.rpm SHA-256: 252bf0bc4839fdc8bfb4d664d2b6126760be7ccbc0a5d3f8686d7b192d25df0a
coreos-installer-bootinfra-0.6.0-4.rhaos4.6.el8.ppc64le.rpm SHA-256: 5cbd570f7e2307b9566f12baac4ae7c33447ee1cdf20b289228de358dafde792
coreos-installer-bootinfra-debuginfo-0.6.0-4.rhaos4.6.el8.ppc64le.rpm SHA-256: 0f9df92e27375f22bcee375d06bd023ae07934b4169a81aeaa00391db33d4a7c
coreos-installer-debuginfo-0.6.0-4.rhaos4.6.el8.ppc64le.rpm SHA-256: 2482cbc02122b42ce9b254de4b90a4d6fb9a596936804242d1ed744d223f28d2
coreos-installer-debugsource-0.6.0-4.rhaos4.6.el8.ppc64le.rpm SHA-256: aba5029bbb9759d0b2a0a0c179151de0685dc165ceae89387d4f4e171be37aad
cri-o-1.19.4-4.rhaos4.6.git5d5a465.el8.ppc64le.rpm SHA-256: be17a26afbf8620603decddfe8dc242e18618213f2c463ae2540ebf105d3170f
cri-o-debuginfo-1.19.4-4.rhaos4.6.git5d5a465.el8.ppc64le.rpm SHA-256: 6b2a96aa0d6b7ecd4ccdebb6a16bf50052120740d515361c3a4cdf8e2ee25c67
cri-o-debugsource-1.19.4-4.rhaos4.6.git5d5a465.el8.ppc64le.rpm SHA-256: baa8369868e7eeead99f4a6c795836fb54ecf455c6efb909a3b25dbefea11e5c
podman-1.9.3-4.rhaos4.6.el8.ppc64le.rpm SHA-256: cf4ae7278f7c62d2070ef97645bf2a4b6d21d8ade2af8d798f12bf97ce653ec7
podman-debuginfo-1.9.3-4.rhaos4.6.el8.ppc64le.rpm SHA-256: 4d42b7b2e3465cb25170937f0c0c31230c1c696ab7aa930c5c38e9f9a3736cd7
podman-debugsource-1.9.3-4.rhaos4.6.el8.ppc64le.rpm SHA-256: fa4e25c9ef11909e63e29e87774c6ec3b5f7a30435f0289527930b708a096000
podman-docker-1.9.3-4.rhaos4.6.el8.noarch.rpm SHA-256: 7aeb07f9d7c2b6fe2770dffee2e5ac3c0e790220fe293fbff6c40b9c3cd09673
podman-remote-1.9.3-4.rhaos4.6.el8.ppc64le.rpm SHA-256: ac378521f5fc0435dba524a32f6068b793f6f6d5d55be43bedad8b25260565b2
podman-remote-debuginfo-1.9.3-4.rhaos4.6.el8.ppc64le.rpm SHA-256: 861f1226e59329f9712767a3c3816c9bf6f03b6581001af364523a8c9c7b7fe6
podman-tests-1.9.3-4.rhaos4.6.el8.ppc64le.rpm SHA-256: 19906a0e5611dc831f05b9cf9e7b88f2468150c916a37bdd067b878ac2e9a44a

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8

SRPM
coreos-installer-0.6.0-4.rhaos4.6.el8.src.rpm SHA-256: b3ed7559f6f2686b583cadc4fceaa1bd35278ebcee9b4f2dbfd219eecbc43a7e
cri-o-1.19.4-4.rhaos4.6.git5d5a465.el8.src.rpm SHA-256: 68514f7aedbc230fde436391faa0141a0c52fced70c905e62c436902cdc634a0
podman-1.9.3-4.rhaos4.6.el8.src.rpm SHA-256: 2076caf923b58f0133b6a6b73382d1951e4a005ee1bcb122e07ce2a7f2a8007c
s390x
coreos-installer-0.6.0-4.rhaos4.6.el8.s390x.rpm SHA-256: 4eada23f60c3ef6e595123f1288ec5b64a64db460c2e998223f793cfedec2021
coreos-installer-bootinfra-0.6.0-4.rhaos4.6.el8.s390x.rpm SHA-256: 4c9d4c2d93b6a808f8a4f05289b9c53aaa7e1b7e538d420278bfb7c9ccda01ba
coreos-installer-bootinfra-debuginfo-0.6.0-4.rhaos4.6.el8.s390x.rpm SHA-256: 2e62ffbe304c2d812e2906f3130f08a991ae7210ec550bf89cdeb1ccc4b3d7fe
coreos-installer-debuginfo-0.6.0-4.rhaos4.6.el8.s390x.rpm SHA-256: 37b3c4959231c2c79a6e7617e82bfb5394684a9fa3221d9c0887dd3887c92194
coreos-installer-debugsource-0.6.0-4.rhaos4.6.el8.s390x.rpm SHA-256: 74d5514e300b46e10f1807227b19f81bd2d4a534b03df39b72c50b055e60357c
cri-o-1.19.4-4.rhaos4.6.git5d5a465.el8.s390x.rpm SHA-256: bb6db433b62495022028f237f372cb9bfa2fb56f0fc30ff6a56d0550f451f9b9
cri-o-debuginfo-1.19.4-4.rhaos4.6.git5d5a465.el8.s390x.rpm SHA-256: 5b035e11a3992618e35607520ca4c987eac314b79a47132ebe2f3f2921667531
cri-o-debugsource-1.19.4-4.rhaos4.6.git5d5a465.el8.s390x.rpm SHA-256: 9e49c3607ce9cd7b2b278e61061e4d3f413d60a9ebffcf3b9b59eefc7adcdb49
podman-1.9.3-4.rhaos4.6.el8.s390x.rpm SHA-256: 7a8cafa943cedab9bf50bfc9f7bfc41e9e886c588d0b7a32c366fd3435581fb8
podman-debuginfo-1.9.3-4.rhaos4.6.el8.s390x.rpm SHA-256: 6347f4b8949401641fca93801fd82e40f9189908f7926b47fee0132cf9019bba
podman-debugsource-1.9.3-4.rhaos4.6.el8.s390x.rpm SHA-256: 459286387941ea270c8dca6d36a24a0453bd577643ce0b2e5765fcda21bdfd72
podman-docker-1.9.3-4.rhaos4.6.el8.noarch.rpm SHA-256: 7aeb07f9d7c2b6fe2770dffee2e5ac3c0e790220fe293fbff6c40b9c3cd09673
podman-remote-1.9.3-4.rhaos4.6.el8.s390x.rpm SHA-256: 18d933223ac08a3ba773deb6cdc0e52ddea55bbd05530383f296ce046bdea567
podman-remote-debuginfo-1.9.3-4.rhaos4.6.el8.s390x.rpm SHA-256: fbe5ae425e9a43f180c68dd4b5c3aee9a23182cbfdd1203f097a88a140cc1ac4
podman-tests-1.9.3-4.rhaos4.6.el8.s390x.rpm SHA-256: 9184473b65729d1d9a5b936ee5818616dfcdbba6e074b199518705e7d247e106

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility