(RHSA-2015:1650) Important: openshift security update

2015-08-20T23:17:04
ID RHSA-2015:1650
Type redhat
Reporter RedHat
Modified 2018-03-19T16:27:53

Description

Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

An improper permission check issue was discovered in the server admission control component in OpenShift. A user with build permissions could use this flaw to execute arbitrary shell commands on a build pod with the privileges of the root user. (CVE-2015-5222)

This issue was discovered by Cesar Wong of the Red Hat OpenShift Enterprise Team.

All OpenShift Enterprise users are advised to upgrade to these updated packages, which correct this issue.