Red Hat Product Errata RHSA-2022:4947 - Security Advisory
Issued: 2022-06-17
Updated: 2022-06-17

Synopsis

Important: OpenShift Container Platform 4.6.59 security update

Type/Severity

Security Advisory: Important

Topic

Red Hat OpenShift Container Platform release 4.6.59 is now available with
updates to packages and images that fix several bugs and add enhancements.

This release includes a security update for Red Hat OpenShift Container Platform 4.6.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.59. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2022:4948

Security Fix(es):

  • credentials: Stored XSS vulnerabilities in jenkins plugin (CVE-2022-29036)
  • subversion: Stored XSS vulnerabilities in Jenkins subversion plugin (CVE-2022-29046)
  • cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html

Solution

For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
  • Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x

Fixes

  • BZ - 2074847 - CVE-2022-29036 credentials: Stored XSS vulnerabilities in jenkins plugin
  • BZ - 2074851 - CVE-2022-29046 subversion: Stored XSS vulnerabilities in Jenkins subversion plugin
  • BZ - 2085361 - CVE-2022-1708 cri-o: memory exhaustion on the node when access to the kube api

CVEs

  • CVE-2022-1708
  • CVE-2022-29036
  • CVE-2022-29046

References

  • https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

Red Hat OpenShift Container Platform 4.6 for RHEL 8

SRPM
conmon-2.0.21-3.rhaos4.6.el8.src.rpm SHA-256: a3ead7749505b31271c38ff31c4d430745103a970bfbebb6b259f30129cf89b2
cri-o-1.19.7-2.rhaos4.6.git3c20b65.el8.src.rpm SHA-256: 19d68fbd8e06766c2dfff107a7cdb594ea724ee6b68f8677545c5b83507a3540
cri-tools-1.19.0-7.el8.src.rpm SHA-256: b91da3ce941de484738fff951163623fcc39cbad071f7b649082ce5e930783ec
ignition-2.6.0-9.rhaos4.6.git947598e.el8.src.rpm SHA-256: b23e6618e63d6a32e75b5ef4598cfb08ea9b1fe4cb50278fd8bc50a30bb7e1fe
jenkins-2-plugins-4.6.1653312933-1.el8.src.rpm SHA-256: 4a5bcd60cce5d469b3affc9ef746f871bbc4962f183a04fc80bc01b9630b6a9d
openshift-4.6.0-202205181042.p0.g8203b20.assembly.stream.el8.src.rpm SHA-256: abb8e4c8f330558ca950428a79c4ec91e503688d96e304e438cb94320771fb77
x86_64
conmon-2.0.21-3.rhaos4.6.el8.x86_64.rpm SHA-256: c673ca66a0ac7763ca0f1bdac5f5dfc039525dad8c1fcd02ae3493b956e48e92
cri-o-1.19.7-2.rhaos4.6.git3c20b65.el8.x86_64.rpm SHA-256: 7e0f3d802b949288ae112147af1811251476aa41b000b74604b438388ee3859c
cri-o-debuginfo-1.19.7-2.rhaos4.6.git3c20b65.el8.x86_64.rpm SHA-256: 3185ffca5ad5c614ea40bf7b113bc4ae1ed0f6f7f6b9c7902dcb8c4e9cd08f7f
cri-o-debugsource-1.19.7-2.rhaos4.6.git3c20b65.el8.x86_64.rpm SHA-256: 133e2d1017c152887136c38268b55f200ca6f06e2ff4ef1e79dd62b30232bff7
cri-tools-1.19.0-7.el8.x86_64.rpm SHA-256: d1066b2196041712eb4d08b4b7a95dadbce78c430d5694ec5f71af0ed5f1845b
cri-tools-debuginfo-1.19.0-7.el8.x86_64.rpm SHA-256: 8fe5a740f24082d608d5740d19407e7ab9ec2ac8d4ecdd5e516f91f35dafe9b0
cri-tools-debugsource-1.19.0-7.el8.x86_64.rpm SHA-256: c364b3c222c65adca8465bf5e72c660c51f1c4e754fe0b7035becca3f3447401
ignition-2.6.0-9.rhaos4.6.git947598e.el8.x86_64.rpm SHA-256: 56e47668b7b505b702d988e6a6a9bd6226f4e308dd0ff131d69f7cafc732c185
ignition-debuginfo-2.6.0-9.rhaos4.6.git947598e.el8.x86_64.rpm SHA-256: 1d8935087097732626803f48186cbc124e9777907fa6577aabee204e181d1dd6
ignition-debugsource-2.6.0-9.rhaos4.6.git947598e.el8.x86_64.rpm SHA-256: 5a475c0afbe51b8c3eabf06c382a38b3eb5686e98714982044afc69be4acd6e3
ignition-validate-2.6.0-9.rhaos4.6.git947598e.el8.x86_64.rpm SHA-256: dcb1e3332204aaf0b2ddf0797a54795d15d6d49f25388db0071fda4d5c6dda49
ignition-validate-debuginfo-2.6.0-9.rhaos4.6.git947598e.el8.x86_64.rpm SHA-256: d4f2c2ba4bf07ddecfb6c0bb978ab6c82beb5c41c8ecbaf4135e5a5f48320626
jenkins-2-plugins-4.6.1653312933-1.el8.noarch.rpm SHA-256: c09748174f9fa7631a22f11d020c854b258c34081a7269cdf91817c864eb1625
openshift-hyperkube-4.6.0-202205181042.p0.g8203b20.assembly.stream.el8.x86_64.rpm SHA-256: 500c0316851a96ab6a706e9a496fed9271cc8b34d08273c3e36f6cc38d016825

Red Hat OpenShift Container Platform 4.6 for RHEL 7

SRPM
conmon-2.0.21-3.rhaos4.6.el7.src.rpm SHA-256: 6ff79d7f7b78f1a64247830bc2281bea0f59ec28f5f695a0420477899cbcb647
cri-o-1.19.7-2.rhaos4.6.git3c20b65.el7.src.rpm SHA-256: f5db0933d981ed0dc1b1a90e17ac098e9e984d575fe6e35ae4e054de1fed5e90
openshift-4.6.0-202205181042.p0.g8203b20.assembly.stream.el7.src.rpm SHA-256: a2596cb807a46128bf07ba3c4a1a49e5af1a2daffce167d13facb32bd1a7a698
x86_64
conmon-2.0.21-3.rhaos4.6.el7.x86_64.rpm SHA-256: 910a770b6f7f2966805922aefd972ac05caa4d396fba5a62f16dc26e0bbd1189
cri-o-1.19.7-2.rhaos4.6.git3c20b65.el7.x86_64.rpm SHA-256: d26d52f2328d9955e760bb3155670e05fb218c9cf2dea04e4429ae5b0ff875e3
cri-o-debuginfo-1.19.7-2.rhaos4.6.git3c20b65.el7.x86_64.rpm SHA-256: 20486c1bd60d2737fb0da234bcd53a86ce0a71b04e38d22b2f8889207a5b3e0f
openshift-hyperkube-4.6.0-202205181042.p0.g8203b20.assembly.stream.el7.x86_64.rpm SHA-256: 4a40bfef9d75b9ba1f051c59769b9d1657838a0a5889d751d2ec964b7729c23f

Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8

SRPM
conmon-2.0.21-3.rhaos4.6.el8.src.rpm SHA-256: a3ead7749505b31271c38ff31c4d430745103a970bfbebb6b259f30129cf89b2
cri-o-1.19.7-2.rhaos4.6.git3c20b65.el8.src.rpm SHA-256: 19d68fbd8e06766c2dfff107a7cdb594ea724ee6b68f8677545c5b83507a3540
cri-tools-1.19.0-7.el8.src.rpm SHA-256: b91da3ce941de484738fff951163623fcc39cbad071f7b649082ce5e930783ec
ignition-2.6.0-9.rhaos4.6.git947598e.el8.src.rpm SHA-256: b23e6618e63d6a32e75b5ef4598cfb08ea9b1fe4cb50278fd8bc50a30bb7e1fe
jenkins-2-plugins-4.6.1653312933-1.el8.src.rpm SHA-256: 4a5bcd60cce5d469b3affc9ef746f871bbc4962f183a04fc80bc01b9630b6a9d
openshift-4.6.0-202205181042.p0.g8203b20.assembly.stream.el8.src.rpm SHA-256: abb8e4c8f330558ca950428a79c4ec91e503688d96e304e438cb94320771fb77
ppc64le
conmon-2.0.21-3.rhaos4.6.el8.ppc64le.rpm SHA-256: d5ec0714a9fdfec96f77584794cee0dd63d01c7c0519a53f9d8256f5c7f858ab
cri-o-1.19.7-2.rhaos4.6.git3c20b65.el8.ppc64le.rpm SHA-256: 1f0946b635cfb46b375fe12c21efd1fa1eff0a94e502ac860384a0739148fe62
cri-o-debuginfo-1.19.7-2.rhaos4.6.git3c20b65.el8.ppc64le.rpm SHA-256: 879d3114404b5153ebe01c06d575d8b4b8db6a723dc9cfea591ae0dc44f605a6
cri-o-debugsource-1.19.7-2.rhaos4.6.git3c20b65.el8.ppc64le.rpm SHA-256: aa42866dec3bb996241d5938318f8d035ca442b850ccdd21e1e4e8ad7cfdbee1
cri-tools-1.19.0-7.el8.ppc64le.rpm SHA-256: a775ea75b8144a77ad999518c79c4873fb117d24246abb76d0334650c05d819e
cri-tools-debuginfo-1.19.0-7.el8.ppc64le.rpm SHA-256: 984e83622a6842eb19168169ccbbeca7b98cfb16730b16fd68b87f8ea17b265a
cri-tools-debugsource-1.19.0-7.el8.ppc64le.rpm SHA-256: c480abeb6d97da4ca8fd0ce6ba75c460a64043f153c45d31f0b1e1baee65f08f
ignition-2.6.0-9.rhaos4.6.git947598e.el8.ppc64le.rpm SHA-256: ec4c034ef512b06383e3a2c031240a0357c1dc0ccef045c0abd37d424a4c6d07
ignition-debuginfo-2.6.0-9.rhaos4.6.git947598e.el8.ppc64le.rpm SHA-256: 4b4d9e6df4ef546bbca99e01afb21e4cc0c996657470b643beb6f5b7e5b6c210
ignition-debugsource-2.6.0-9.rhaos4.6.git947598e.el8.ppc64le.rpm SHA-256: a162b8a995efc056b9eed992449aa4d2d1a48a3566fbb61f3fda638025f860df
ignition-validate-2.6.0-9.rhaos4.6.git947598e.el8.ppc64le.rpm SHA-256: 0202c90bedd56b5d8512ebd4f9bf38e016d16fe690443b9418825dba85c12a6e
ignition-validate-debuginfo-2.6.0-9.rhaos4.6.git947598e.el8.ppc64le.rpm SHA-256: 2b57572ac5c5988db011efee226ab31c1d6b4573aa0a9c05608ce0ea730fb867
jenkins-2-plugins-4.6.1653312933-1.el8.noarch.rpm SHA-256: c09748174f9fa7631a22f11d020c854b258c34081a7269cdf91817c864eb1625
openshift-hyperkube-4.6.0-202205181042.p0.g8203b20.assembly.stream.el8.ppc64le.rpm SHA-256: e1ae6dec9b22efca5eeb64d2b0d179dfc3fbed711776622bafef3e03e470c05e

Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8

SRPM
conmon-2.0.21-3.rhaos4.6.el8.src.rpm SHA-256: a3ead7749505b31271c38ff31c4d430745103a970bfbebb6b259f30129cf89b2
cri-o-1.19.7-2.rhaos4.6.git3c20b65.el8.src.rpm SHA-256: 19d68fbd8e06766c2dfff107a7cdb594ea724ee6b68f8677545c5b83507a3540
cri-tools-1.19.0-7.el8.src.rpm SHA-256: b91da3ce941de484738fff951163623fcc39cbad071f7b649082ce5e930783ec
ignition-2.6.0-9.rhaos4.6.git947598e.el8.src.rpm SHA-256: b23e6618e63d6a32e75b5ef4598cfb08ea9b1fe4cb50278fd8bc50a30bb7e1fe
jenkins-2-plugins-4.6.1653312933-1.el8.src.rpm SHA-256: 4a5bcd60cce5d469b3affc9ef746f871bbc4962f183a04fc80bc01b9630b6a9d
openshift-4.6.0-202205181042.p0.g8203b20.assembly.stream.el8.src.rpm SHA-256: abb8e4c8f330558ca950428a79c4ec91e503688d96e304e438cb94320771fb77
s390x
conmon-2.0.21-3.rhaos4.6.el8.s390x.rpm SHA-256: 191a90e095e9b76b10743637feba771b50dc9e1e733e0e6cd0bd3e34bd92f4b5
cri-o-1.19.7-2.rhaos4.6.git3c20b65.el8.s390x.rpm SHA-256: e206086fc956c68cd6a68c0be34f28d5fd4419fa08822371171e1a793c770cbf
cri-o-debuginfo-1.19.7-2.rhaos4.6.git3c20b65.el8.s390x.rpm SHA-256: e95d0ba627a9b87027c5991f1d3bac9e9191efbe4df276d34103c050d33dc7d3
cri-o-debugsource-1.19.7-2.rhaos4.6.git3c20b65.el8.s390x.rpm SHA-256: 7466060b8d1f9f858869350f673c6857343d8e7bb57d2ee2c20100b007548ff7
cri-tools-1.19.0-7.el8.s390x.rpm SHA-256: db9f292b8cb97a900bc1dfbc7e61bf7b129b7d5ebb0b2b7b2e2e491b090742d6
cri-tools-debuginfo-1.19.0-7.el8.s390x.rpm SHA-256: 6c8650d4d7ca430349bfc6f25075490f06072ec9c8ea894699f7e590314a6b40
cri-tools-debugsource-1.19.0-7.el8.s390x.rpm SHA-256: c54f7f9bbebf5c07dcf7618458ba5b309ca8ac56ab5628f8abdb7e047771161f
ignition-2.6.0-9.rhaos4.6.git947598e.el8.s390x.rpm SHA-256: f736633f85c842d01d9cf9bc3db0736d8a90543222aaaa3ed86aaad66255c2ee
ignition-debuginfo-2.6.0-9.rhaos4.6.git947598e.el8.s390x.rpm SHA-256: 588a08ffa262ec2b8e9fcfaeec5972864b22c2afd8accaf638d6fc97e3abc138
ignition-debugsource-2.6.0-9.rhaos4.6.git947598e.el8.s390x.rpm SHA-256: b04f60a0bbaaf61286eed748ecbac415d82849b4aa1326c988c4bea55f7c60fb
ignition-validate-2.6.0-9.rhaos4.6.git947598e.el8.s390x.rpm SHA-256: 37d974c07d9e4fff7e5f1b856efe8783fc74899ae14d38bd024da392c9d5c0eb
ignition-validate-debuginfo-2.6.0-9.rhaos4.6.git947598e.el8.s390x.rpm SHA-256: 129391ab5706a63452409f88b80c8eed1d33b44cf93cd61d7e7263fd65997a58
jenkins-2-plugins-4.6.1653312933-1.el8.noarch.rpm SHA-256: c09748174f9fa7631a22f11d020c854b258c34081a7269cdf91817c864eb1625
openshift-hyperkube-4.6.0-202205181042.p0.g8203b20.assembly.stream.el8.s390x.rpm SHA-256: 963c223b77b8845147d56cc0ab49eb20f6f2a9fdaf59f32325dee1744435b028

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
