(RHSA-2016:0070) Important: Red Hat OpenShift Enterprise 3.1.1 bug fix and enhancement update

OpenShift Enterprise by Red Hat is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.

The following security issues are addressed with this release:

An authorization flaw was discovered in Kubernetes; the API server
did not properly check user permissions when handling certain
requests. An authenticated remote attacker could use this flaw to
gain additional access to resources such as RAM and disk space.
(CVE-2016-1905)

An authorization flaw was discovered in Kubernetes; the API server
did not properly check user permissions when handling certain build-
configuration strategies. A remote attacker could create build
configurations with strategies that violate policy. Although the
attacker could not launch the build themselves (launch fails when
the policy is violated), if the build configuration files were later
launched by other privileged services (such as automated triggers),
user privileges could be bypassed allowing attacker escalation.
(CVE-2016-1906)

An update for Jenkins Continuous Integration Server that addresses a
large number of security issues including XSS, CSRF, information
disclosure and code execution have been addressed as well.
(CVE-2013-2186, CVE-2014-1869, CVE-2014-3661, CVE-2014-3662
CVE-2014-3663, CVE-2014-3664, CVE-2014-3666, CVE-2014-3667
CVE-2014-3680, CVE-2014-3681, CVE-2015-1806, CVE-2015-1807
CVE-2015-1808, CVE-2015-1810, CVE-2015-1812, CVE-2015-1813
CVE-2015-1814, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319
CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323
CVE-2015-5324, CVE-2015-5325, CVE-2015-5326 ,CVE-2015-7537
CVE-2015-7538, CVE-2015-7539, CVE-2015-8103)

Space precludes documenting all of the bug fixes and enhancements in
this advisory. See the OpenShift Enterprise 3.1 Release Notes, which
will be updated shortly for release 3.1.1, for details about these
changes:

https://docs.openshift.com/enterprise/3.1/release_notes/ose_3_1_release_notes.html

All OpenShift Enterprise 3 users are advised to upgrade to these
updated packages.