(RHSA-2016:2696) Moderate: atomic-openshift security and bug fix update

2016-11-1518:10:17

access.redhat.com

EPSS

0.001

Percentile

30.6%

JSON

Red Hat OpenShift Container Platform is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform release 3.3.1.4. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2016:2697

Security Fix(es):

The OpenShift Container Platform 3 router does not properly sort routes when processing newly added routes. An attacker with access to create routes can potentially overwrite existing routes and redirect network traffic for other users to their own site. (CVE-2016-8631)

This issue was discovered by Jordan Liggitt (Red Hat).

All OpenShift Container Platform 3 users are advised to upgrade to these updated packages and images.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64atomic-openshift< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-node< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-node-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-master< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-master-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-sdn-ovs< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-sdn-ovs-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-pod< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-pod-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-tests< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-tests-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-dockerregistry< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-dockerregistry-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64tuned-profiles-atomic-openshift-node< 3.3.1.4-1.git.0.7c8657c.el7tuned-profiles-atomic-openshift-node-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-clients< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-clients-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-clients-redistributable< 3.3.1.4-1.git.0.7c8657c.el7atomic-openshift-clients-redistributable-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	x86_64	atomic-openshift	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-node	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-node-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-master	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-master-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-sdn-ovs	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-sdn-ovs-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-pod	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-pod-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-tests	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-tests-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-dockerregistry	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-dockerregistry-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	tuned-profiles-atomic-openshift-node	< 3.3.1.4-1.git.0.7c8657c.el7	tuned-profiles-atomic-openshift-node-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-clients	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-clients-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-clients-redistributable	< 3.3.1.4-1.git.0.7c8657c.el7	atomic-openshift-clients-redistributable-3.3.1.4-1.git.0.7c8657c.el7.x86_64.rpm

EPSS

0.001

Percentile

30.6%

JSON

Related for RHSA-2016:2696