Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update

Related Vulnerabilities: CVE-2020-28362   CVE-2018-20843   CVE-2019-1551   CVE-2019-5018   CVE-2019-8625   CVE-2019-8710   CVE-2019-8720   CVE-2019-8743   CVE-2019-8764   CVE-2019-8766   CVE-2019-8769   CVE-2019-8771   CVE-2019-8782   CVE-2019-8783   CVE-2019-8808   CVE-2019-8811   CVE-2019-8812   CVE-2019-8813   CVE-2019-8814   CVE-2019-8815   CVE-2019-8816   CVE-2019-8819   CVE-2019-8820   CVE-2019-8823   CVE-2019-8835   CVE-2019-8844   CVE-2019-8846   CVE-2019-11068   CVE-2019-13050   CVE-2019-13627   CVE-2019-14889   CVE-2019-15165   CVE-2019-15903   CVE-2019-16168   CVE-2019-16935   CVE-2019-18197   CVE-2019-19221   CVE-2019-19906   CVE-2019-19956   CVE-2019-20218   CVE-2019-20386   CVE-2019-20387   CVE-2019-20388   CVE-2019-20454   CVE-2019-20807   CVE-2019-20907   CVE-2019-20916   CVE-2020-1730   CVE-2020-1751   CVE-2020-1752   CVE-2020-1971   CVE-2020-3862   CVE-2020-3864   CVE-2020-3865   CVE-2020-3867   CVE-2020-3868   CVE-2020-3885   CVE-2020-3894   CVE-2020-3895   CVE-2020-3897   CVE-2020-3899   CVE-2020-3900   CVE-2020-3901   CVE-2020-3902   CVE-2020-6405   CVE-2020-7595   CVE-2020-8177   CVE-2020-8492   CVE-2020-9327   CVE-2020-9802   CVE-2020-9803   CVE-2020-9805   CVE-2020-9806   CVE-2020-9807   CVE-2020-9843   CVE-2020-9850   CVE-2020-9862   CVE-2020-9893   CVE-2020-9894   CVE-2020-9895   CVE-2020-9915   CVE-2020-9925   CVE-2020-10018   CVE-2020-10029   CVE-2020-11793   CVE-2020-13630   CVE-2020-13631   CVE-2020-13632   CVE-2020-14382   CVE-2020-14391   CVE-2020-14422   CVE-2020-15503   CVE-2020-24659

Synopsis

Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container is now available for Red Hat OpenShift Container Platform 4.6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

The compliance-operator image updates are now available for OpenShift Container Platform 4.6.

This advisory provides the following updates among others:

  • Enhances profile parsing time.
  • Fixes excessive resource consumption from the Operator.
  • Fixes default content image.
  • Fixes outdated remediation handling.

Security Fix(es):

  • golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.

Affected Products

  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64

Fixes

  • BZ - 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
  • BZ - 1918990 - ComplianceSuite scans use quay content image for initContainer
  • BZ - 1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present
  • BZ - 1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules
  • BZ - 1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console.

CVEs

  • CVE-2020-28362

References