
6756 matches found

RedHat Linux
added 2018/03/28 2:6 p.m., 7 views

Moderate: Red Hat Bug Fix Advisory: Red Hat OpenShift Container Platform 3.9 RPM Release Advisory

Red Hat OpenShift Container Platform 3.9, which fixes several bugs and includes various enhancements, is now available. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. The OpenShift...

CVSS 5.3, AI score 5.9, EPSS 0.00991
Exploits 0, References 311

RedHat Linux
added 2018/03/28 2:6 p.m., 7 views

atomic-openshift: image import whitelist can be bypassed by creating an imagestream or using oc tag

The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed...

CVSS 5.3, AI score 5.8, EPSS 0.00991
Exploits 0, References 4

RedHat Linux
added 2018/03/28 2:6 p.m., 8 views

atomic-openshift: cluster-reader can escalate to creating builds via webhooks in any project

An improper authorization flaw in the atomic-openshift component of OpenShift Container Platform 3.7 and earlier allows a user with cluster-reader project viewer permissions to trigger an application build. An attacker could use this flaw to trigger a build of an application when that should be...

CVSS 5, AI score 5.7, EPSS 0.00895
Exploits 0, References 4

RedhatCVE
added 2018/03/23 3:18 a.m., 28 views

CVE-2018-1085

OpenShift and Atomic Enterprise Ansible deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users to conne...

CVSS 10, AI score 8.9, EPSS 0.02219
Exploits 0, References 1

CNVD
added 2018/03/14 12:0 a.m., 5 views

Red Hat OpenShift Enterprise Elevation of Privilege Vulnerability

Red Hat OpenShift is a Platform-as-a-Service (PaaS) cloud computing platform from Red Hat, Inc. that builds, tests, deploys, and runs applications. OpenShift Enterprise is an open source version of the private cloud. A security vulnerability exists in Red Hat OpenShift Enterprise version 3.7. An...

CVSS 7.1, AI score 6.8, EPSS 0.0061
Exploits 0, References 1

RedHat Linux
added 2018/03/12 7:40 p.m., 76 views

Important: Red Hat Security Advisory: Red Hat OpenShift Container Platform security update

An update is now available for Red Hat OpenShift Container Platform 3.7, 3.6, 3.5, 3.4, and 3.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 9.6, AI score 6.8, EPSS 0.11586
Exploits 2, References 4

OSV
added 2018/03/09 2:29 p.m., 13 views

CVE-2018-1069

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem...

CVSS 7.1, AI score 7
Exploits 0, References 2

Prion
added 2018/03/09 2:29 p.m., 14 views

Design/Logic Flaw

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem...

CVSS 5.4, AI score 6.8, EPSS 0.0061
Exploits 0, References 2, Affected Software 1

NVD
added 2018/03/09 2:29 p.m., 18 views

CVE-2018-1069

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem...

CVSS 7.1, AI score 6.8, EPSS 0.0061
Exploits 0, References 2

Cvelist
added 2018/03/09 2:0 p.m., 20 views

CVE-2018-1069

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem...

AI score 6.9, EPSS 0.0061
Exploits 0, References 2

CVE
added 2018/03/09 2:0 p.m., 55 views

CVE-2018-1069

OpenShift Enterprise 3.7 is affected by CVE-2018-1069, where container network filesystems (GlusterFS/NFS) can have their UserID/GroupID restrictions overridden because OpenShift does not validate them before transmission over the network. This can allow an attacker to read or write arb...

CVSS 7.1, AI score 6.8, EPSS 0.0061
Exploits 0, References 2, Affected Software 1

RedhatCVE
added 2018/03/08 4:49 a.m., 31 views

CVE-2018-1069

GlusterFS and NFS network filesystems rely on File System User ID and Group ID information in order to restrict access to file shares. However, it's possible to overwrite the OpenShift restrictions on container UserId and GroupId as they are not validated before being sent over the OpenShift...

CVSS 7.1, AI score 0.2, EPSS 0.0061
Exploits 0, References 1

Fedora
added 2018/01/10 10:39 p.m., 24 views

[SECURITY] Fedora 27 Update: heketi-5.0.1-1.fc27

Heketi provides a RESTful management interface which can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will...

CVSS 9, AI score 0.8, EPSS 0.05495
Exploits 0

Fedora
added 2018/01/10 10:23 p.m., 43 views

[SECURITY] Fedora 26 Update: heketi-5.0.1-1.fc26

Heketi provides a RESTful management interface which can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will...

CVSS 9, AI score 0.8, EPSS 0.05495
Exploits 0

NVD
added 2018/01/08 7:29 p.m., 22 views

CVE-2013-4364

(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp...

CVSS 7.8, AI score 7.8, EPSS 0.00414
Exploits 0, References 1

Prion
added 2018/01/08 7:29 p.m., 17 views

Design/Logic Flaw

(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp...

CVSS 7.2, AI score 7.1, EPSS 0.00414
Exploits 0, References 1, Affected Software 1

CVE
added 2018/01/08 7:0 p.m., 51 views

CVE-2013-4364

The provided documents identify CVE-2013-4364 as a local-privilege issue in Red Hat OpenShift Enterprise (1/2) affecting oo-analytics-export and oo-analytics-import within the openshift-origin-broker-util package. The root cause is described as a symlink attack on an unspecified file in /tmp, ena...

CVSS 7.8, AI score 7.7, EPSS 0.00414
Exploits 0, References 1, Affected Software 1

Cvelist
added 2018/01/08 7:0 p.m., 22 views

CVE-2013-4364

(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp...

AI score 7.8, EPSS 0.00414
Exploits 0, References 1

RedHat Linux
added 2017/12/07 7:9 a.m., 29 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Enterprise security, bug fix, and enhancement update

An update is now available for Red Hat OpenShift Container Platform 3.4, Red Hat OpenShift Container Platform 3.5, and Red Hat OpenShift Container Platform 3.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base...

CVSS 6.5, AI score 6.4, EPSS 0.01387
Exploits 0, References 41

RedHat Linux
added 2017/11/28 9:34 p.m., 55 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.7 security, bug, and enhancement update

An update is now available for Red Hat OpenShift Container Platform 3.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 6.5, AI score 6.3, EPSS 0.01387
Exploits 0, References 505