Red Hat: RHSA-2019:4075
History: Dec 03, 2019 - 8:56 p.m.

(RHSA-2019:4075) Moderate: OpenShift Container Platform 4.2 library-go security update

2019-12-03 20:56:32
access.redhat.com
EPSS: 0.001 (Low), Percentile: 34.6%

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the ose-cluster-kube-apiserver-operator-container and ose-cluster-kube-scheduler-operator-container images for Red Hat OpenShift Container Platform 4.2.9. These images have been rebuilt with an updated version of openshift/library-go to address the below security issue.

Security Fix(es):

  • OpenShift Container Platform 4 did not sanitize secret data written to static Pod logs when an Operator’s log level was set to Debug or higher. A low-privileged user could read Pod logs to discover secret material if the log level had already been modified in an Operator by a privileged user. (CVE-2019-14854)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
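
The class of flaw described above, sketched as an added Go example that is not Red Hat's or library-go's actual fix: a helper that masks the `data` and `stringData` values of Kubernetes Secret manifests before they reach a log call, so raising verbosity does not expose them. The names `SafeForLog` and `redactObject` and the sample manifest are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

const redacted = "[REDACTED]"

// redactObject masks data/stringData values on Secrets and descends into List items.
func redactObject(obj map[string]interface{}) {
	if kind, _ := obj["kind"].(string); kind == "Secret" {
		for _, field := range []string{"data", "stringData"} {
			if m, ok := obj[field].(map[string]interface{}); ok {
				for k := range m {
					m[k] = redacted
				}
			}
		}
	}
	if items, ok := obj["items"].([]interface{}); ok {
		for _, it := range items {
			if child, ok := it.(map[string]interface{}); ok {
				redactObject(child)
			}
		}
	}
}

// SafeForLog (hypothetical helper) renders a JSON manifest for logging at any
// level. It fails closed: input that does not parse is withheld, not logged raw.
func SafeForLog(raw []byte) string {
	var obj map[string]interface{}
	if err := json.Unmarshal(raw, &obj); err != nil {
		return "[manifest withheld: not valid JSON]"
	}
	redactObject(obj)
	out, err := json.Marshal(obj)
	if err != nil {
		return "[manifest withheld: marshal error]"
	}
	return string(out)
}

func main() {
	// Constructed sample manifest; the value is not a real key.
	sample := `{"kind":"Secret","metadata":{"name":"demo"},"data":{"tls.key":"aHVudGVyMg=="}}`
	fmt.Println(SafeForLog([]byte(sample)))
}
```

Key names are kept so the log line stays useful for debugging; only the values are masked.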
