FERRAMENTAS LINUX: Atualização Moderada de segurança da Red Hat para o OpenShift Container Platform 4.6 , aviso RedHat: RHSA-2021-0436: 01

terça-feira, 16 de fevereiro de 2021

Atualização Moderada de segurança da Red Hat para o OpenShift Container Platform 4.6 , aviso RedHat: RHSA-2021-0436: 01

 

Confira !!


Uma atualização para compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container e ose-compliance-operator-metadata-container agora está disponível para Red Hat OpenShift Container Platform 4.6.

----- BEGIN PGP ASSIGNED MESSAGE -----

Hash: SHA256


========================================================== =====================

                   Aviso de segurança da Red Hat


Sinopse: Moderado: segurança do operador de conformidade e atualização de correção de bug do OpenShift Container Platform 4.6

ID consultivo: RHSA-2021: 0436-01

Produto: Red Hat OpenShift Enterprise

URL de aviso: https://access.redhat.com/errata/RHSA-2021:0436

Data de emissão: 2021-02-16

Nomes CVE: CVE-2018-20843 CVE-2019-1551 CVE-2019-5018 

                   CVE-2019-8625 CVE-2019-8710 CVE-2019-8720 

                   CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 

                   CVE-2019-8769 CVE-2019-8771 CVE-2019-8782 

                   CVE-2019-8783 CVE-2019-8808 CVE-2019-8811 

                   CVE-2019-8812 CVE-2019-8813 CVE-2019-8814 

                   CVE-2019-8815 CVE-2019-8816 CVE-2019-8819 

                   CVE-2019-8820 CVE-2019-8823 CVE-2019-8835 

                   CVE-2019-8844 CVE-2019-8846 CVE-2019-11068 

                   CVE-2019-13050 CVE-2019-13627 CVE-2019-14889 

                   CVE-2019-15165 CVE-2019-15903 CVE-2019-16168 

                   CVE-2019-16935 CVE-2019-18197 CVE-2019-19221 

                   CVE-2019-19906 CVE-2019-19956 CVE-2019-20218 

                   CVE-2019-20386 CVE-2019-20387 CVE-2019-20388 

                   CVE-2019-20454 CVE-2019-20807 CVE-2019-20907 

                   CVE-2019-20916 CVE-2020-1730 CVE-2020-1751 

                   CVE-2020-1752 CVE-2020-1971 CVE-2020-3862 

                   CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 

                   CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 

                   CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 

                   CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 

                   CVE-2020-6405 CVE-2020-7595 CVE-2020-8177 

                   CVE-2020-8492 CVE-2020-9327 CVE-2020-9802 

                   CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 

                   CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 

                   CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 

                   CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 

                   CVE-2020-10018 CVE-2020-10029 CVE-2020-11793 

                   CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 

                   CVE-2020-14382 CVE-2020-14391 CVE-2020-14422 

                   CVE-2020-15503 CVE-2020-24659 CVE-2020-28362 

========================================================== =====================


1. Resumo:


Uma atualização para compliance-content-container,

ose-compliance-openscap-container, ose-compliance-operator-container e

ose-compliance-operator-metadata-container agora está disponível para Red Hat

OpenShift Container Platform 4.6.


A Red Hat Product Security classificou esta atualização como tendo um impacto de segurança

de moderado. Uma pontuação básica do Common Vulnerability Scoring System (CVSS), que

fornece uma classificação de gravidade detalhada, está disponível para cada vulnerabilidade de

o (s) link (s) CVE na seção Referências.


2. Descrição:


Red Hat OpenShift Container Platform é a computação em nuvem da Red Hat

Solução de plataforma de aplicativo Kubernetes projetada para uso local ou privado

implantações em nuvem.


As atualizações de imagem do operador de conformidade estão agora disponíveis para OpenShift

Container Platform 4.6.


Este comunicado fornece as seguintes atualizações, entre outras:


* Aumenta o tempo de análise do perfil.

* Corrige o consumo excessivo de recursos do Operador.

* Corrige a imagem de conteúdo padrão.

* Corrige tratamento de remediação desatualizado.


Correção (ões) de segurança:


* golang: matemática / grande: pânico durante a divisão recursiva de números muito grandes

(CVE-2020-28362)


Para obter mais detalhes sobre os problemas de segurança, incluindo o impacto, um CVSS

pontuação, agradecimentos e outras informações relacionadas, consulte o CVE

página (s) listada (s) na seção Referências.


3. Solução:


Para OpenShift Container Platform 4.6, consulte a seguinte documentação, que

será atualizado em breve para este lançamento, para instruções importantes sobre como

para atualizar seu cluster e aplicar totalmente esta atualização de errata assíncrona:


https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel

easy-notes.html


Detalhes sobre como acessar este conteúdo estão disponíveis em

https://docs.openshift.com/container-platform/4.6/updating/updating-cluster

- -cli.html.


4. Bugs corrigidos (https://bugzilla.redhat.com/):


1897635 - CVE-2020-28362 golang: matemática / grande: pânico durante a divisão recursiva de números muito grandes

1918990 - As varreduras de ComplianceSuite usam imagem de conteúdo de cais para initContainer

1919135 - [OCP v46] O autoApplyRemediation pausa o machineConfigPool se houver um objeto complianceRemediation desatualizado presente

1919846 - Após a aplicação da correção, os resultados da verificação de conformidade ainda relatam o status de Falha para algumas regras

1920999 - O operador de conformidade não é exibido quando o modo desconectado é selecionado no OpenShift Web-Console.


5. Referências:


https://access.redhat.com/security/cve/CVE-2018-20843

https://access.redhat.com/security/cve/CVE-2019-1551

https://access.redhat.com/security/cve/CVE-2019-5018

https://access.redhat.com/security/cve/CVE-2019-8625

https://access.redhat.com/security/cve/CVE-2019-8710

https://access.redhat.com/security/cve/CVE-2019-8720

https://access.redhat.com/security/cve/CVE-2019-8743

https://access.redhat.com/security/cve/CVE-2019-8764

https://access.redhat.com/security/cve/CVE-2019-8766

https://access.redhat.com/security/cve/CVE-2019-8769

https://access.redhat.com/security/cve/CVE-2019-8771

https://access.redhat.com/security/cve/CVE-2019-8782

https://access.redhat.com/security/cve/CVE-2019-8783

https://access.redhat.com/security/cve/CVE-2019-8808

https://access.redhat.com/security/cve/CVE-2019-8811

https://access.redhat.com/security/cve/CVE-2019-8812

https://access.redhat.com/security/cve/CVE-2019-8813

https://access.redhat.com/security/cve/CVE-2019-8814

https://access.redhat.com/security/cve/CVE-2019-8815

https://access.redhat.com/security/cve/CVE-2019-8816

https://access.redhat.com/security/cve/CVE-2019-8819

https://access.redhat.com/security/cve/CVE-2019-8820

https://access.redhat.com/security/cve/CVE-2019-8823

https://access.redhat.com/security/cve/CVE-2019-8835

https://access.redhat.com/security/cve/CVE-2019-8844

https://access.redhat.com/security/cve/CVE-2019-8846

https://access.redhat.com/security/cve/CVE-2019-11068

https://access.redhat.com/security/cve/CVE-2019-13050

https://access.redhat.com/security/cve/CVE-2019-13627

https://access.redhat.com/security/cve/CVE-2019-14889

https://access.redhat.com/security/cve/CVE-2019-15165

https://access.redhat.com/security/cve/CVE-2019-15903

https://access.redhat.com/security/cve/CVE-2019-16168

https://access.redhat.com/security/cve/CVE-2019-16935

https://access.redhat.com/security/cve/CVE-2019-18197

https://access.redhat.com/security/cve/CVE-2019-19221

https://access.redhat.com/security/cve/CVE-2019-19906

https://access.redhat.com/security/cve/CVE-2019-19956

https://access.redhat.com/security/cve/CVE-2019-20218

https://access.redhat.com/security/cve/CVE-2019-20386

https://access.redhat.com/security/cve/CVE-2019-20387

https://access.redhat.com/security/cve/CVE-2019-20388

https://access.redhat.com/security/cve/CVE-2019-20454

https://access.redhat.com/security/cve/CVE-2019-20807

https://access.redhat.com/security/cve/CVE-2019-20907

https://access.redhat.com/security/cve/CVE-2019-20916

https://access.redhat.com/security/cve/CVE-2020-1730

https://access.redhat.com/security/cve/CVE-2020-1751

https://access.redhat.com/security/cve/CVE-2020-1752

https://access.redhat.com/security/cve/CVE-2020-1971

https://access.redhat.com/security/cve/CVE-2020-3862

https://access.redhat.com/security/cve/CVE-2020-3864

https://access.redhat.com/security/cve/CVE-2020-3865

https://access.redhat.com/security/cve/CVE-2020-3867

https://access.redhat.com/security/cve/CVE-2020-3868

https://access.redhat.com/security/cve/CVE-2020-3885

https://access.redhat.com/security/cve/CVE-2020-3894

https://access.redhat.com/security/cve/CVE-2020-3895

https://access.redhat.com/security/cve/CVE-2020-3897

https://access.redhat.com/security/cve/CVE-2020-3899

https://access.redhat.com/security/cve/CVE-2020-3900

https://access.redhat.com/security/cve/CVE-2020-3901

https://access.redhat.com/security/cve/CVE-2020-3902

https://access.redhat.com/security/cve/CVE-2020-6405

https://access.redhat.com/security/cve/CVE-2020-7595

https://access.redhat.com/security/cve/CVE-2020-8177

https://access.redhat.com/security/cve/CVE-2020-8492

https://access.redhat.com/security/cve/CVE-2020-9327

https://access.redhat.com/security/cve/CVE-2020-9802

https://access.redhat.com/security/cve/CVE-2020-9803

https://access.redhat.com/security/cve/CVE-2020-9805

https://access.redhat.com/security/cve/CVE-2020-9806

https://access.redhat.com/security/cve/CVE-2020-9807

https://access.redhat.com/security/cve/CVE-2020-9843

https://access.redhat.com/security/cve/CVE-2020-9850

https://access.redhat.com/security/cve/CVE-2020-9862

https://access.redhat.com/security/cve/CVE-2020-9893

https://access.redhat.com/security/cve/CVE-2020-9894

https://access.redhat.com/security/cve/CVE-2020-9895

https://access.redhat.com/security/cve/CVE-2020-9915

https://access.redhat.com/security/cve/CVE-2020-9925

https://access.redhat.com/security/cve/CVE-2020-10018

https://access.redhat.com/security/cve/CVE-2020-10029

https://access.redhat.com/security/cve/CVE-2020-11793

https://access.redhat.com/security/cve/CVE-2020-13630

https://access.redhat.com/security/cve/CVE-2020-13631

https://access.redhat.com/security/cve/CVE-2020-13632

https://access.redhat.com/security/cve/CVE-2020-14382

https://access.redhat.com/security/cve/CVE-2020-14391

https://access.redhat.com/security/cve/CVE-2020-14422

https://access.redhat.com/security/cve/CVE-2020-15503

https://access.redhat.com/security/cve/CVE-2020-24659

https://access.redhat.com/security/cve/CVE-2020-28362

https://access.redhat.com/security/updates/classification/#moderate


6. Contato:


O contato de segurança da Red Hat é . Mais contato

detalhes em https://access.redhat.com/security/team/contact/


Copyright 2021 Red Hat, Inc.

----- BEGIN PGP SIGNATURE -----

Versão: GnuPG v1


iQIVAwUBYCvGHtzjgjWX9erEAQgbKw / 9Had ++ A7098ddqffgX / DicKszQfZFT6Qm

iN2FfA9in0X4MvScGqGchX2hv7nqdoz + lS5 + tHI52Bp6i5ZT9bAjBx / GrETirwBw

y76qRaIr0a3I5rSirguZSs52IeGv + l00RCACfZgH / H1oFzNJY1pRjoOPy60 / prP6

P / 4l6u5CcRcTpxmEoU6XMyl + BGgk2 / 0FaWE8ZgXnnm7w / VSzvj5XymwLjE48wG3j

iGGKCCwv / zvtP / ntG + MMUkKDUpFOxtLWp2PonZKsB0ZiK5Rm87izVVxDHmXhlirP

Pgq / evTDV3SmXqjFN5K1e08cMdjpDvnjHDx0fLJrvhBlLTYczOnkLMmk72Emwsm +

xEj3q80MZ9EyMAZe33TO9kTpGRfeBUF1FenDE1k1foY6lBT2WqiH2pIypubH7X0j

BIGAnJf5swl8EGbLQUIVIA1o69dR6Zz0kvdbfm / NVMUjbRyTyaZcP1chViVGrI2h

43RH51tfvwp7lMBqFyvhtbopvmnt3egIFenrQcg0tT4v6 + eRiwz9HAfDXjeez / I6

qKJboYtU + hnEizNNOkbHPICUWD9pSFZewAV7kPIJeJ99JWzXABMUl6Ku3Ds9hojR

7MIu0W9WbzdfUSd1i53fcbPcRauXLu273xyWo402ZOQOWAHhVLA08J9YoGWYamIP

hg9Ld3UR71Q =

= 5olk

----- FIM DA ASSINATURA PGP -----


-

RHSA-announce mailing list

RHSA-announce@redhat.com

https://www.redhat.com/mailman/listinfo/rhsa-announce






Fonte

Até a próixima !!

Cezar Henrique at
Marcadores: Linux, Android, Segurança , , ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)