(RHSA-2020:1937) Moderate: OpenShift Container Platform 4.4.3 cri-o security update

ID RHSA-2020:1937
Type redhat
Reporter RedHat
Modified 2020-05-04T14:00:25


Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Security Fix(es):

  • proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945)

  • containers/image: Container images read entire image manifest into memory (CVE-2020-1702)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.