OpenShift Enterprise by Red Hat is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.
An access flaw was discovered in OpenShift; the
/etc/origin/master/master-config.yaml configuration file, which could
contain Active Directory credentials, was world-readable. A local user
could exploit this flaw to obtain authentication credentials from the
master-config.yaml file. (CVE-2016-2142)
If you believe that the password in this file has been viewed by an
attacker you should reset the password after installing this update.
All installations with Active Directory integration are advised to upgrade
to the updated software, which contains a backported patch to correct this
issue.
This update includes the following images:
openshift3/ose:v3.1.1.6-19
openshift3/ose-deployer:v3.1.1.6-18
openshift3/ose-docker-builder:v3.1.1.6-17
openshift3/ose-f5-router:v3.1.1.6-18
openshift3/ose-sti-builder:v3.1.1.6-17
openshift3/node:v3.1.1.6-18
aep3_beta/aep-deployer:v3.1.1.6-18
aep3_beta/aep-f5-router:v3.1.1.6-18
aep3_beta/aep:v3.1.1.6-19
aep3_beta/node:v3.1.1.6-18