(RHSA-2020:3519) Important: OpenShift Container Platform 4.5.7 jenkins and openshift packages security update

2020-08-2414:33:15

access.redhat.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

20.8%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.

Security Fix(es):

jenkins: Stored XSS vulnerability in job build time trend (CVE-2020-2220)
jenkins: Stored XSS vulnerability in upstream cause (CVE-2020-2221)
jenkins: Stored XSS vulnerability in ‘keep forever’ badge icons (CVE-2020-2222)
jenkins: Stored XSS vulnerability in console links (CVE-2020-2223)
kubernetes: Node disk DOS by writing to container /etc/hosts (CVE-2020-8557)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8ppc64leopenshift-hyperkube< 4.5.0-202008130146.p0.git.0.aaf1d57.el8openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el8.ppc64le.rpm
RedHat7s390xopenshift-hyperkube< 4.5.0-202008130146.p0.git.0.aaf1d57.el7openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el7.s390x.rpm
RedHat8s390xopenshift-hyperkube< 4.5.0-202008130146.p0.git.0.aaf1d57.el8openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el8.s390x.rpm
RedHat8x86_64openshift-hyperkube< 4.5.0-202008130146.p0.git.0.aaf1d57.el8openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el8.x86_64.rpm
RedHat7noarchjenkins< 2.235.2.1597312414-1.el7jenkins-2.235.2.1597312414-1.el7.noarch.rpm
RedHat7ppc64leopenshift-hyperkube< 4.5.0-202008130146.p0.git.0.aaf1d57.el7openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el7.ppc64le.rpm
RedHat7x86_64openshift-hyperkube< 4.5.0-202008130146.p0.git.0.aaf1d57.el7openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	ppc64le	openshift-hyperkube	< 4.5.0-202008130146.p0.git.0.aaf1d57.el8	openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el8.ppc64le.rpm
RedHat	7	s390x	openshift-hyperkube	< 4.5.0-202008130146.p0.git.0.aaf1d57.el7	openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el7.s390x.rpm
RedHat	8	s390x	openshift-hyperkube	< 4.5.0-202008130146.p0.git.0.aaf1d57.el8	openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el8.s390x.rpm
RedHat	8	x86_64	openshift-hyperkube	< 4.5.0-202008130146.p0.git.0.aaf1d57.el8	openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el8.x86_64.rpm
RedHat	7	noarch	jenkins	< 2.235.2.1597312414-1.el7	jenkins-2.235.2.1597312414-1.el7.noarch.rpm
RedHat	7	ppc64le	openshift-hyperkube	< 4.5.0-202008130146.p0.git.0.aaf1d57.el7	openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el7.ppc64le.rpm
RedHat	7	x86_64	openshift-hyperkube	< 4.5.0-202008130146.p0.git.0.aaf1d57.el7	openshift-hyperkube-4.5.0-202008130146.p0.git.0.aaf1d57.el7.x86_64.rpm