RHEL 7 : Red Hat OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:1633)
Medium Nessus Plugin ID 126323
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for atomic-openshift is now available for OpenShift Container Platform 3.11.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages and images.
Security fix(es) :
* kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via `kubectl cp` (CVE-2019-11246)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page (s) listed in the References section.
SolutionUpdate the affected packages.