(RHSA-2014:0487) Important: Red Hat OpenShift Enterprise 2.1 Release Advisory

2014-05-1300:00:00

access.redhat.com

EPSS

0.027

Percentile

90.5%

JSON

OpenShift Enterprise by Red Hat is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or private
cloud deployments.

It was discovered that openshift-origin-broker configured several default
user names and passwords for services if no user name or password was
specified during installation. A remote attacker could use these default
user names and passwords to access various parts of the OpenShift
Enterprise installation with the privileges of an administrative user.
(CVE-2014-0234)

This issue was discovered by Kurt Seifried of the Red Hat Security
Response Team.

The OpenShift Enterprise 2.1 Release Notes provide information about new
features and notable technical changes in this release, as well as notes on
initial installations. For more information about OpenShift Enterprise,
see the documentation available at:

https://access.redhat.com/site/documentation/en-US/OpenShift_Enterprise/2/

All OpenShift Enterprise users are advised to upgrade to release 2.1.

OSVersionArchitecturePackageVersionFilename
RedHat6noarchrubygem-net-scp< 1.1.2-2.el6oprubygem-net-scp-1.1.2-2.el6op.noarch.rpm
RedHat6x86_64gd-debuginfo< 2.0.35-11.el6gd-debuginfo-2.0.35-11.el6.x86_64.rpm
RedHat6noarchrubygem-spruz< 0.2.5-4.el6oprubygem-spruz-0.2.5-4.el6op.noarch.rpm
RedHat6noarchperl-dbix-contextualfetch< 1.03-7.el6opperl-DBIx-ContextualFetch-1.03-7.el6op.noarch.rpm
RedHat6srcperl-app-cpanminus< 1.4008-1.el6opperl-App-cpanminus-1.4008-1.el6op.src.rpm
RedHat6srcopenshift-origin-cartridge-php< 1.23.3.4-1.el6opopenshift-origin-cartridge-php-1.23.3.4-1.el6op.src.rpm
RedHat6srcphp-pear-mdb2< 2.5.0-0.3.b3.el6opphp-pear-MDB2-2.5.0-0.3.b3.el6op.src.rpm
RedHat6x86_64ruby193-ruby-selinux-debuginfo< 2.0.94-3.el6opruby193-ruby-selinux-debuginfo-2.0.94-3.el6op.x86_64.rpm
RedHat6x86_64libwebp-devel< 0.3.0-2.el6oplibwebp-devel-0.3.0-2.el6op.x86_64.rpm
RedHat6srcrubygem-passenger< 3.0.21-9.el6oprubygem-passenger-3.0.21-9.el6op.src.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	noarch	rubygem-net-scp	< 1.1.2-2.el6op	rubygem-net-scp-1.1.2-2.el6op.noarch.rpm
RedHat	6	x86_64	gd-debuginfo	< 2.0.35-11.el6	gd-debuginfo-2.0.35-11.el6.x86_64.rpm
RedHat	6	noarch	rubygem-spruz	< 0.2.5-4.el6op	rubygem-spruz-0.2.5-4.el6op.noarch.rpm
RedHat	6	noarch	perl-dbix-contextualfetch	< 1.03-7.el6op	perl-DBIx-ContextualFetch-1.03-7.el6op.noarch.rpm
RedHat	6	src	perl-app-cpanminus	< 1.4008-1.el6op	perl-App-cpanminus-1.4008-1.el6op.src.rpm
RedHat	6	src	openshift-origin-cartridge-php	< 1.23.3.4-1.el6op	openshift-origin-cartridge-php-1.23.3.4-1.el6op.src.rpm
RedHat	6	src	php-pear-mdb2	< 2.5.0-0.3.b3.el6op	php-pear-MDB2-2.5.0-0.3.b3.el6op.src.rpm
RedHat	6	x86_64	ruby193-ruby-selinux-debuginfo	< 2.0.94-3.el6op	ruby193-ruby-selinux-debuginfo-2.0.94-3.el6op.x86_64.rpm
RedHat	6	x86_64	libwebp-devel	< 0.3.0-2.el6op	libwebp-devel-0.3.0-2.el6op.x86_64.rpm
RedHat	6	src	rubygem-passenger	< 3.0.21-9.el6op	rubygem-passenger-3.0.21-9.el6op.src.rpm

Rows per page:

1-10 of 6871

EPSS

0.027

Percentile

90.5%

JSON

Related for RHSA-2014:0487