Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2022:0565 - Security Advisory
Issued:
2022-02-25
Updated:
2022-02-25

RHSA-2022:0565 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: OpenShift Container Platform 4.6.55 packages and security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 4.6.55 is now available with updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.55. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2022:0566

Security Fix(es):

  • jenkins-2-plugins/docker-commons: does not sanitize the name of an image or a tag which could result in an OS command execution (CVE-2022-20617)
  • jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF (CVE-2022-20612)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html

Solution

For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x

Fixes

  • BZ - 2044460 - CVE-2022-20612 jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF
  • BZ - 2044502 - CVE-2022-20617 jenkins-2-plugins/docker-commons: does not sanitize the name of an image or a tag which could result in an OS command execution

CVEs

  • CVE-2022-20612
  • CVE-2022-20617

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenShift Container Platform 4.6 for RHEL 8

SRPM
cri-o-1.19.4-6.rhaos4.6.git391175b.el8.src.rpm SHA-256: 9434d5a7073edc29f761ed6d42d1dd5cf765e7e658ae3250b207bc8cc77c1db3
jenkins-2-plugins-4.6.1643965689-1.el8.src.rpm SHA-256: a400ac73a384dfb802dce4191c17f2b73dec975e57bd5b0d74dd74a75200480c
jenkins-2.319.2.1643964085-1.el8.src.rpm SHA-256: 42a51e88ca8eeed7a0641c69f1317e37ef356016c9f98e607fd477df6ee78c7a
openshift-4.6.0-202201200342.p0.g35fca9a.assembly.stream.el8.src.rpm SHA-256: b0b7070f57302b375e93d4660fedd108247ad01f6f048a59645b5cee47c01f79
openshift-kuryr-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.src.rpm SHA-256: 8eb096f3eda4cb31c0d2dfd8f8a446aa1352dfd06431df85efbc154675663b43
x86_64
cri-o-1.19.4-6.rhaos4.6.git391175b.el8.x86_64.rpm SHA-256: 8e70bb0d54e82c764963f0199341aedfc296bac1ccb7dc316b72e5463d4cdae6
cri-o-debuginfo-1.19.4-6.rhaos4.6.git391175b.el8.x86_64.rpm SHA-256: 98c63584fbb6bd4102f1062b415616a47b0f5a64d910dd97fcf6e652703e2ac0
cri-o-debugsource-1.19.4-6.rhaos4.6.git391175b.el8.x86_64.rpm SHA-256: 1370265e0cd9d729496f0db34ff04f117296042d97ae929a69fdd86db016f380
jenkins-2-plugins-4.6.1643965689-1.el8.noarch.rpm SHA-256: a7005f19c628fc399f78ae4d3e07807d7f318a3c20bff3cd4c706717b3d9cdca
jenkins-2.319.2.1643964085-1.el8.noarch.rpm SHA-256: efa7339bf0e5b0d78ac937dfb7058b0cf19ca86ce916a88ff3c0d04b1ac49189
openshift-hyperkube-4.6.0-202201200342.p0.g35fca9a.assembly.stream.el8.x86_64.rpm SHA-256: 1a403da18fe5bd4ff4be5d9a60ea66f7e497e6909be19905c7267afad3af7e18
openshift-kuryr-cni-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: 2500c1f2c289309a16fab64fbff7fb3e2df1caad89d2ad44fe4ce1c341085cb1
openshift-kuryr-common-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: 574535e978c79f7036d97646a5ab633478f15bcd0abc6cfe921255831cefd3f7
openshift-kuryr-controller-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: bc539fb521658f8c5dac0bb4a9dd535286fd161bdfcfbe0e7f7269509a701665
python3-kuryr-kubernetes-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: f8fd996141dbd9cbbf4a94a96021f2cbfb59a8f713845722213cc90028573852

Red Hat OpenShift Container Platform 4.6 for RHEL 7

SRPM
cri-o-1.19.4-6.rhaos4.6.git391175b.el7.src.rpm SHA-256: a271820acaa65c4e7df958936768297a520ac0e84239e587491849782f07d57a
openshift-4.6.0-202201200342.p0.g35fca9a.assembly.stream.el7.src.rpm SHA-256: fde406ed5db2cb1cccfc5bd25a57457d1d7b85a55623c55edcee8c69e92fbcaa
x86_64
cri-o-1.19.4-6.rhaos4.6.git391175b.el7.x86_64.rpm SHA-256: a32367ed8fed463c78c63941e80efb509746c79c73fa71ee778394676dcce238
cri-o-debuginfo-1.19.4-6.rhaos4.6.git391175b.el7.x86_64.rpm SHA-256: 9f5dd90c0a3733f19d5aa4e71cd6c0c3902568d6c0f77b0cd1b8c8d1d606f5da
openshift-hyperkube-4.6.0-202201200342.p0.g35fca9a.assembly.stream.el7.x86_64.rpm SHA-256: 1ac31b8890b82eaf9baffefa9f109a3941ee81a7f6aef464421c5e5274435c20

Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8

SRPM
cri-o-1.19.4-6.rhaos4.6.git391175b.el8.src.rpm SHA-256: 9434d5a7073edc29f761ed6d42d1dd5cf765e7e658ae3250b207bc8cc77c1db3
jenkins-2-plugins-4.6.1643965689-1.el8.src.rpm SHA-256: a400ac73a384dfb802dce4191c17f2b73dec975e57bd5b0d74dd74a75200480c
jenkins-2.319.2.1643964085-1.el8.src.rpm SHA-256: 42a51e88ca8eeed7a0641c69f1317e37ef356016c9f98e607fd477df6ee78c7a
openshift-4.6.0-202201200342.p0.g35fca9a.assembly.stream.el8.src.rpm SHA-256: b0b7070f57302b375e93d4660fedd108247ad01f6f048a59645b5cee47c01f79
openshift-kuryr-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.src.rpm SHA-256: 8eb096f3eda4cb31c0d2dfd8f8a446aa1352dfd06431df85efbc154675663b43
ppc64le
cri-o-1.19.4-6.rhaos4.6.git391175b.el8.ppc64le.rpm SHA-256: 16a81e813a90b2a7e5e29f8fb151e99ef7fd45565c100f123d9e3d7c08a2dae3
cri-o-debuginfo-1.19.4-6.rhaos4.6.git391175b.el8.ppc64le.rpm SHA-256: fa6d879431a7f505c5e9a926e8d153892d9fa8bf62b423652fe50dd8d1679256
cri-o-debugsource-1.19.4-6.rhaos4.6.git391175b.el8.ppc64le.rpm SHA-256: 6b4548a50f4d2a6dfd3ece725fc30fb36ed6873ebaaaadc548679f289157cb87
jenkins-2-plugins-4.6.1643965689-1.el8.noarch.rpm SHA-256: a7005f19c628fc399f78ae4d3e07807d7f318a3c20bff3cd4c706717b3d9cdca
jenkins-2.319.2.1643964085-1.el8.noarch.rpm SHA-256: efa7339bf0e5b0d78ac937dfb7058b0cf19ca86ce916a88ff3c0d04b1ac49189
openshift-hyperkube-4.6.0-202201200342.p0.g35fca9a.assembly.stream.el8.ppc64le.rpm SHA-256: 08564d415376e5691db598f510f3a8f86c692bc391329bc898e93179fcb87574
openshift-kuryr-cni-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: 2500c1f2c289309a16fab64fbff7fb3e2df1caad89d2ad44fe4ce1c341085cb1
openshift-kuryr-common-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: 574535e978c79f7036d97646a5ab633478f15bcd0abc6cfe921255831cefd3f7
openshift-kuryr-controller-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: bc539fb521658f8c5dac0bb4a9dd535286fd161bdfcfbe0e7f7269509a701665
python3-kuryr-kubernetes-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: f8fd996141dbd9cbbf4a94a96021f2cbfb59a8f713845722213cc90028573852

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8

SRPM
cri-o-1.19.4-6.rhaos4.6.git391175b.el8.src.rpm SHA-256: 9434d5a7073edc29f761ed6d42d1dd5cf765e7e658ae3250b207bc8cc77c1db3
jenkins-2-plugins-4.6.1643965689-1.el8.src.rpm SHA-256: a400ac73a384dfb802dce4191c17f2b73dec975e57bd5b0d74dd74a75200480c
jenkins-2.319.2.1643964085-1.el8.src.rpm SHA-256: 42a51e88ca8eeed7a0641c69f1317e37ef356016c9f98e607fd477df6ee78c7a
openshift-4.6.0-202201200342.p0.g35fca9a.assembly.stream.el8.src.rpm SHA-256: b0b7070f57302b375e93d4660fedd108247ad01f6f048a59645b5cee47c01f79
openshift-kuryr-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.src.rpm SHA-256: 8eb096f3eda4cb31c0d2dfd8f8a446aa1352dfd06431df85efbc154675663b43
s390x
cri-o-1.19.4-6.rhaos4.6.git391175b.el8.s390x.rpm SHA-256: 69d8a3a27dc1037cc28d5864116721df014a9fe465a5fa9d4187aa22e3e5418a
cri-o-debuginfo-1.19.4-6.rhaos4.6.git391175b.el8.s390x.rpm SHA-256: 8abb1148379182356a1e8f4ad78bb2f371be02f5be8fd90c136e8e750c1c19a4
cri-o-debugsource-1.19.4-6.rhaos4.6.git391175b.el8.s390x.rpm SHA-256: 3f7383acc2520ae968ce2e3f14dda2bba3bfd61a503115c29ea46dd1cc26907f
jenkins-2-plugins-4.6.1643965689-1.el8.noarch.rpm SHA-256: a7005f19c628fc399f78ae4d3e07807d7f318a3c20bff3cd4c706717b3d9cdca
jenkins-2.319.2.1643964085-1.el8.noarch.rpm SHA-256: efa7339bf0e5b0d78ac937dfb7058b0cf19ca86ce916a88ff3c0d04b1ac49189
openshift-hyperkube-4.6.0-202201200342.p0.g35fca9a.assembly.stream.el8.s390x.rpm SHA-256: 0f2e0af8387621a9a078a6c8101cca6505261c2b44676d6a3ca8f2ca50d75bdc
openshift-kuryr-cni-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: 2500c1f2c289309a16fab64fbff7fb3e2df1caad89d2ad44fe4ce1c341085cb1
openshift-kuryr-common-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: 574535e978c79f7036d97646a5ab633478f15bcd0abc6cfe921255831cefd3f7
openshift-kuryr-controller-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: bc539fb521658f8c5dac0bb4a9dd535286fd161bdfcfbe0e7f7269509a701665
python3-kuryr-kubernetes-4.6.0-202201261116.p0.g74cd766.assembly.stream.el8.noarch.rpm SHA-256: f8fd996141dbd9cbbf4a94a96021f2cbfb59a8f713845722213cc90028573852

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter