RHEL 6 : Red Hat OpenShift Enterprise 2.2.10 (RHSA-2016:1773)
Critical Nessus Plugin ID 119378
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update is now available for Red Hat OpenShift Enterprise 2.2.
Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
OpenShift Enterprise by Red Hat is the company's cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.
* The Jenkins continuous integration server has been updated to
upstream version 1.651.2 LTS that addresses a large number of security
issues, including open redirects, a potential denial of service,
unsafe handling of user provided environment variables and several
instances of sensitive information disclosure. (CVE-2014-3577,
CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791,
CVE-2016-0792, CVE-2016-3721, CVE-2016-3722, CVE-2016-3723,
CVE-2016-3724, CVE-2016-3725, CVE-2016-3726, CVE-2016-3727,
Space precludes documenting all of the bug fixes and enhancements in
this advisory. See the OpenShift Enterprise Technical Notes, which
will be updated shortly for release 2.2.10, for details about these
All OpenShift Enterprise 2 users are advised to upgrade to these
SolutionUpdate the affected packages.