rubygem-openshift-origin-node is vulnerable to denial of service. OpenShift uses /etc/cron.daily/openshift-origin-cron-daily
to run daily scheduled jobs, which will run all users’ cron.daily
content. These cron.daily
jobs will prevent further jobs from running in a timely manner if the cron.daily
content takes a long time to run.
access.redhat.com/errata/RHBA-2014:0487
access.redhat.com/security/cve/CVE-2014-0084
access.redhat.com/security/cve/CVE-2014-0175
access.redhat.com/security/cve/CVE-2014-0234
access.redhat.com/site/documentation/en-US/OpenShift_Enterprise/2/
bugzilla.redhat.com/show_bug.cgi?id=1065198
bugzilla.redhat.com/show_bug.cgi?id=1065409
bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0084
rhn.redhat.com/errata/RHBA-2014-0487.html