RHEL 6 : Red Hat OpenShift Enterprise 2.2.10 (RHSA-2016:1773)
Critical Nessus Plugin ID 119378
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update is now available for Red Hat OpenShift Enterprise 2.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
* The Jenkins continuous integration server has been updated to upstream version 1.651.2 LTS that addresses a large number of security issues, including open redirects, a potential denial of service, unsafe handling of user provided environment variables and several instances of sensitive information disclosure. (CVE-2014-3577, CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, CVE-2016-3721, CVE-2016-3722, CVE-2016-3723, CVE-2016-3724, CVE-2016-3725, CVE-2016-3726, CVE-2016-3727, CVE-2015-7501)
Space precludes documenting all of the bug fixes and enhancements in this advisory. See the OpenShift Enterprise Technical Notes, which will be updated shortly for release 2.2.10, for details about these changes :
All OpenShift Enterprise 2 users are advised to upgrade to these updated packages.
SolutionUpdate the affected packages.