Red Hat Security Advisory 2021-4582-02 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring. Security fixes: golang: crypto/tls: certificate of wrong type is causing TLS client to panic.
f28cc76ddb412145654050664da26602d7c4d62da2e36475367e140177eb756a
Red Hat Security Advisory 2021-3900-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a spoofing vulnerability.
63a07e8360f77dfe555176ca7d93d1d3dc92ca9f3bd11718439a228e6179acd9
Red Hat Security Advisory 2021-2705-01 - Red Hat OpenShift Serverless 1.16.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6 and 4.7, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include a memory exhaustion vulnerability.
08eae3fe4757ace30ec86f5cc2744cf14810094d114320ba3dccf22aa96dce2c
Red Hat Security Advisory 2021-2543-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include code execution and denial of service vulnerabilities.
de10f870e361f9c40e606f0ad79acca7e8e375dc5f52949dbafbc84fbfe8b8b3
Red Hat Security Advisory 2021-2532-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.
6df91b966c2f87eaa0baa1dffa7ac30d99e91800fcb0ddee8e2b10e21c68d59c
Red Hat Security Advisory 2021-2130-01 - Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a man-in-the-middle vulnerability.
cee16136d7421cbe5ca19256caf3668d7fa40f347e02a96e5696e4c7709cca44
Red Hat Security Advisory 2021-2479-01 - Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a cross site scripting vulnerability.
407dd58a4d56a1577f85a63f8d3249362ebd855a9d2e9461bef124d76718dfe1
Red Hat Security Advisory 2021-2461-01 - Red Hat Advanced Cluster Management for Kubernetes 2.2.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include denial of service and integer overflow vulnerabilities.
4746bce06101c5ed31286fd228a56e6836f518395cd2ec946eedb9ed0a938d38
Red Hat Security Advisory 2021-2121-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
2f1653e51f042c6274ffefb7f0845f74fde0e3cccec0fb22ff11ef5cc0c26b34
Red Hat Security Advisory 2021-2136-01 - An Openshift Logging bug fix release addresses an index validation issue.
8f9746dfa68f5ebe03798d9f8686052c21773b749d26577fe45138585199782b
Red Hat Security Advisory 2021-1611-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a spoofing vulnerability.
2a8e25602363d8cc48d2fa1f91d09c868e41b6388fb54af5a7ac5b964f4a671e
systemd suffers from a lack of seat verification in the PAM module and in turn permits the spoofing of an active session to polkit.
efa1f343df5f4bc0df38f6d33e7cbd58c47f076df86f9ef3d5559612c36b0a32
Debian Linux Security Advisory 4428-1 - Jann Horn discovered that the PAM module in systemd insecurely uses the environment and lacks seat verification permitting spoofing an active session to PolicyKit. A remote attacker with SSH access can take advantage of this issue to gain PolicyKit privileges that are normally only granted to clients in an active session on the local console.
47de208882b207bd2b8fbff35aeb3e74f10cdff098ac4297f3f5d6f9b2cd6d55
Ubuntu Security Notice 3938-1 - Jann Horn discovered that pam_systemd created logind sessions using some parameters from the environment. A local attacker could exploit this in order to spoof the active session and gain additional PolicyKit privileges.
04cac38809c24fd6bf8181037a959b4415679aa832a9f2d739d10fbaf31ce2c4