Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1 update Security Advisory secalert@redhat.com Red Hat Security Response Team RHSA-2013:0220 Final 1 1 2013-01-31T19:28:00Z Current version 2013-01-31T19:28:00Z 2013-01-31T19:28:00Z Red Hat rhsa-to-cvrf 1.0.1484 2013-01-31T20:34:02Z Red Hat OpenShift Enterprise 1.1 is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. Refer to the Red Hat OpenShift Enterprise 1.1 Release Notes for information about the changes in this release. The Release Notes will be available shortly from https://access.redhat.com/knowledge/docs/ This update also fixes the following security issues: It was found that the master cryptographic key of Jenkins could be retrieved via the HTTP server that is hosting Jenkins. A remote attacker could use this flaw to access the server and execute arbitrary code with the privileges of the user running Jenkins. Note that this issue only affected Jenkins instances that had slaves attached and that also allowed anonymous read access (not the default configuration). Manual action is also required to correct this issue. Refer to "Jenkins Security Advisory 2013-01-04", linked to in the References, for further information. (CVE-2013-0158) When the rhc-chk script was run in debug mode, its output included sensitive information, such as database passwords, in plain text. As this script is commonly used when troubleshooting, this flaw could lead to users unintentionally exposing sensitive information in support channels (for example, a Bugzilla report). This update removes the rhc-chk script. (CVE-2012-5658) Multiple flaws in the Jenkins web interface could allow a remote attacker to perform HTTP response splitting and cross-site scripting (XSS) attacks, as well as redirecting a victim to an arbitrary page by utilizing an open redirect flaw. (CVE-2012-6072, CVE-2012-6074, CVE-2012-6073) A flaw was found in the way rubygem-activerecord dynamic finders extracted options from method parameters. A remote attacker could possibly use this flaw to perform SQL injection attacks against applications using the Active Record dynamic finder methods. (CVE-2012-6496) The openshift-port-proxy-cfg program created a temporary file in an insecure way. A local attacker could use this flaw to perform a symbolic link attack, overwriting an arbitrary file accessible to the root user with a "0" or a "1", which could lead to a denial of service. By default, OpenShift uses polyinstantiation (per user) for the /tmp/ directory, minimizing the risk of exploitation by local attackers. (CVE-2013-0164) The CVE-2013-0164 issue was discovered by Michael Scherer of the Red Hat Regional IT team. Users of Red Hat OpenShift Enterprise 1.0 are advised to upgrade to Red Hat OpenShift Enterprise 1.1. Please see https://www.redhat.com/footer/terms-of-use.html Copyright © 2013 Red Hat, Inc. All rights reserved. Important https://rhn.redhat.com/errata/RHSA-2013-0220.html https://rhn.redhat.com/errata/RHSA-2013-0220.html https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/updates/classification/#important https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 https://access.redhat.com/knowledge/docs/ https://access.redhat.com/knowledge/docs/ https://bugzilla.redhat.com/show_bug.cgi?id=855264 https://bugzilla.redhat.com/show_bug.cgi?id=855264 https://bugzilla.redhat.com/show_bug.cgi?id=864921 https://bugzilla.redhat.com/show_bug.cgi?id=864921 https://bugzilla.redhat.com/show_bug.cgi?id=872415 https://bugzilla.redhat.com/show_bug.cgi?id=872415 https://bugzilla.redhat.com/show_bug.cgi?id=873765 https://bugzilla.redhat.com/show_bug.cgi?id=873765 https://bugzilla.redhat.com/show_bug.cgi?id=873768 https://bugzilla.redhat.com/show_bug.cgi?id=873768 https://bugzilla.redhat.com/show_bug.cgi?id=874511 https://bugzilla.redhat.com/show_bug.cgi?id=874511 https://bugzilla.redhat.com/show_bug.cgi?id=874750 https://bugzilla.redhat.com/show_bug.cgi?id=874750 https://bugzilla.redhat.com/show_bug.cgi?id=874751 https://bugzilla.redhat.com/show_bug.cgi?id=874751 https://bugzilla.redhat.com/show_bug.cgi?id=874757 https://bugzilla.redhat.com/show_bug.cgi?id=874757 https://bugzilla.redhat.com/show_bug.cgi?id=874799 https://bugzilla.redhat.com/show_bug.cgi?id=874799 https://bugzilla.redhat.com/show_bug.cgi?id=874845 https://bugzilla.redhat.com/show_bug.cgi?id=874845 https://bugzilla.redhat.com/show_bug.cgi?id=875657 https://bugzilla.redhat.com/show_bug.cgi?id=875657 https://bugzilla.redhat.com/show_bug.cgi?id=876324 https://bugzilla.redhat.com/show_bug.cgi?id=876324 https://bugzilla.redhat.com/show_bug.cgi?id=876465 https://bugzilla.redhat.com/show_bug.cgi?id=876465 https://bugzilla.redhat.com/show_bug.cgi?id=876644 https://bugzilla.redhat.com/show_bug.cgi?id=876644 https://bugzilla.redhat.com/show_bug.cgi?id=876937 https://bugzilla.redhat.com/show_bug.cgi?id=876937 https://bugzilla.redhat.com/show_bug.cgi?id=876939 https://bugzilla.redhat.com/show_bug.cgi?id=876939 https://bugzilla.redhat.com/show_bug.cgi?id=877158 https://bugzilla.redhat.com/show_bug.cgi?id=877158 https://bugzilla.redhat.com/show_bug.cgi?id=877407 https://bugzilla.redhat.com/show_bug.cgi?id=877407 https://bugzilla.redhat.com/show_bug.cgi?id=883527 https://bugzilla.redhat.com/show_bug.cgi?id=883527 https://bugzilla.redhat.com/show_bug.cgi?id=885587 https://bugzilla.redhat.com/show_bug.cgi?id=885587 https://bugzilla.redhat.com/show_bug.cgi?id=885598 https://bugzilla.redhat.com/show_bug.cgi?id=885598 https://bugzilla.redhat.com/show_bug.cgi?id=886159 https://bugzilla.redhat.com/show_bug.cgi?id=886159 https://bugzilla.redhat.com/show_bug.cgi?id=888043 https://bugzilla.redhat.com/show_bug.cgi?id=888043 https://bugzilla.redhat.com/show_bug.cgi?id=888056 https://bugzilla.redhat.com/show_bug.cgi?id=888056 https://bugzilla.redhat.com/show_bug.cgi?id=888671 https://bugzilla.redhat.com/show_bug.cgi?id=888671 https://bugzilla.redhat.com/show_bug.cgi?id=889088 https://bugzilla.redhat.com/show_bug.cgi?id=889088 https://bugzilla.redhat.com/show_bug.cgi?id=889095 https://bugzilla.redhat.com/show_bug.cgi?id=889095 https://bugzilla.redhat.com/show_bug.cgi?id=889125 https://bugzilla.redhat.com/show_bug.cgi?id=889125 https://bugzilla.redhat.com/show_bug.cgi?id=892781 https://bugzilla.redhat.com/show_bug.cgi?id=892781 https://bugzilla.redhat.com/show_bug.cgi?id=892990 https://bugzilla.redhat.com/show_bug.cgi?id=892990 https://bugzilla.redhat.com/show_bug.cgi?id=893288 https://bugzilla.redhat.com/show_bug.cgi?id=893288 https://bugzilla.redhat.com/show_bug.cgi?id=893895 https://bugzilla.redhat.com/show_bug.cgi?id=893895 https://bugzilla.redhat.com/show_bug.cgi?id=896406 https://bugzilla.redhat.com/show_bug.cgi?id=896406 Red Hat OpenShift Enterprise Client Tools Red Hat OpenShift Enterprise Infrastructure Red Hat OpenShift Enterprise Node jenkins-1.498-1.1.el6op.src.rpm mongodb-2.0.2-6.el6op.src.rpm openshift-console-0.0.13-2.el6op.src.rpm openshift-origin-broker-1.0.10-1.el6op.src.rpm openshift-origin-broker-util-1.0.14-1.el6op.src.rpm openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op.src.rpm openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op.src.rpm openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op.src.rpm openshift-origin-msg-node-mcollective-1.0.2-1.el6op.src.rpm openshift-origin-node-util-1.0.7-1.el6op.src.rpm openshift-origin-port-proxy-1.0.3-1.el6op.src.rpm rhc-1.3.2-1.3.el6op.src.rpm ruby193-rubygem-activerecord-3.2.8-2.el6.src.rpm ruby193-rubygem-passenger-3.0.12-21.el6op.src.rpm rubygem-activerecord-3.0.13-3.el6op.src.rpm rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op.src.rpm rubygem-openshift-origin-common-1.0.2-1.el6op.src.rpm rubygem-openshift-origin-console-1.0.6-1.el6op.src.rpm rubygem-openshift-origin-controller-1.0.11-1.el6op.src.rpm rubygem-openshift-origin-dns-bind-1.0.2-1.el6op.src.rpm rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op.src.rpm rubygem-openshift-origin-node-1.0.10-6.el6op.src.rpm rhc-1.3.2-1.3.el6op as a component of Red Hat OpenShift Enterprise Client Tools mongodb-2.0.2-6.el6op as a component of Red Hat OpenShift Enterprise Infrastructure openshift-console-0.0.13-2.el6op as a component of Red Hat OpenShift Enterprise Infrastructure openshift-origin-broker-1.0.10-1.el6op as a component of Red Hat OpenShift Enterprise Infrastructure openshift-origin-broker-util-1.0.14-1.el6op as a component of Red Hat OpenShift Enterprise Infrastructure ruby193-rubygem-activerecord-3.2.8-2.el6 as a component of Red Hat OpenShift Enterprise Infrastructure ruby193-rubygem-passenger-3.0.12-21.el6op as a component of Red Hat OpenShift Enterprise Infrastructure rubygem-activerecord-3.0.13-3.el6op as a component of Red Hat OpenShift Enterprise Infrastructure rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op as a component of Red Hat OpenShift Enterprise Infrastructure rubygem-openshift-origin-common-1.0.2-1.el6op as a component of Red Hat OpenShift Enterprise Infrastructure rubygem-openshift-origin-console-1.0.6-1.el6op as a component of Red Hat OpenShift Enterprise Infrastructure rubygem-openshift-origin-controller-1.0.11-1.el6op as a component of Red Hat OpenShift Enterprise Infrastructure rubygem-openshift-origin-dns-bind-1.0.2-1.el6op as a component of Red Hat OpenShift Enterprise Infrastructure rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op as a component of Red Hat OpenShift Enterprise Infrastructure jenkins-1.498-1.1.el6op as a component of Red Hat OpenShift Enterprise Node openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op as a component of Red Hat OpenShift Enterprise Node openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op as a component of Red Hat OpenShift Enterprise Node openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op as a component of Red Hat OpenShift Enterprise Node openshift-origin-msg-node-mcollective-1.0.2-1.el6op as a component of Red Hat OpenShift Enterprise Node openshift-origin-node-util-1.0.7-1.el6op as a component of Red Hat OpenShift Enterprise Node openshift-origin-port-proxy-1.0.3-1.el6op as a component of Red Hat OpenShift Enterprise Node ruby193-rubygem-activerecord-3.2.8-2.el6 as a component of Red Hat OpenShift Enterprise Node ruby193-rubygem-passenger-3.0.12-21.el6op as a component of Red Hat OpenShift Enterprise Node rubygem-openshift-origin-common-1.0.2-1.el6op as a component of Red Hat OpenShift Enterprise Node rubygem-openshift-origin-node-1.0.10-6.el6op as a component of Red Hat OpenShift Enterprise Node When the rhc-chk script was run in debug mode, its output included sensitive information, such as database passwords, in plain text. As this script is commonly used when troubleshooting, this flaw could lead to users unintentionally exposing sensitive information in support channels (for example, a Bugzilla report). This update removes the rhc-chk script. 2012-12-19T00:00:00Z 2012-12-19T00:00:00Z CVE-2012-5658 6Server-RHOSE-CLIENT:rhc-1.3.2-1.3.el6op 6Server-RHOSE-INFRA:mongodb-2.0.2-6.el6op 6Server-RHOSE-INFRA:openshift-console-0.0.13-2.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-1.0.10-1.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-util-1.0.14-1.el6op 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-INFRA:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-INFRA:rubygem-activerecord-3.0.13-3.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-1.0.6-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-1.0.11-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-dns-bind-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op 6Server-RHOSE-NODE:jenkins-1.498-1.1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-1.0.2-1.el6op 6Server-RHOSE-NODE:openshift-origin-node-util-1.0.7-1.el6op 6Server-RHOSE-NODE:openshift-origin-port-proxy-1.0.3-1.el6op 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-NODE:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-node-1.0.10-6.el6op Moderate AV:L AC:L/Au:N/C:C/I:N/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2013-0220.html https://www.redhat.com/security/data/cve/CVE-2012-5658.html CVE-2012-5658 https://bugzilla.redhat.com/show_bug.cgi?id=889062 bz#889062: CVE-2012-5658 OpenShift Origin: rhc-chk.rb password exposure in log files Multiple flaws in the Jenkins web interface could allow a remote attacker to perform HTTP response splitting and cross-site scripting (XSS) attacks, as well as redirecting a victim to an arbitrary page by utilizing an open redirect flaw. 2012-11-20T00:00:00Z 2012-11-20T00:00:00Z CVE-2012-6072 6Server-RHOSE-CLIENT:rhc-1.3.2-1.3.el6op 6Server-RHOSE-INFRA:mongodb-2.0.2-6.el6op 6Server-RHOSE-INFRA:openshift-console-0.0.13-2.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-1.0.10-1.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-util-1.0.14-1.el6op 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-INFRA:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-INFRA:rubygem-activerecord-3.0.13-3.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-1.0.6-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-1.0.11-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-dns-bind-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op 6Server-RHOSE-NODE:jenkins-1.498-1.1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-1.0.2-1.el6op 6Server-RHOSE-NODE:openshift-origin-node-util-1.0.7-1.el6op 6Server-RHOSE-NODE:openshift-origin-port-proxy-1.0.3-1.el6op 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-NODE:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-node-1.0.10-6.el6op Moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2013-0220.html https://www.redhat.com/security/data/cve/CVE-2012-6072.html CVE-2012-6072 https://bugzilla.redhat.com/show_bug.cgi?id=890607 bz#890607: CVE-2012-6072 Jenkins: HTTP response splitting Multiple flaws in the Jenkins web interface could allow a remote attacker to perform HTTP response splitting and cross-site scripting (XSS) attacks, as well as redirecting a victim to an arbitrary page by utilizing an open redirect flaw. 2012-11-20T00:00:00Z 2012-11-20T00:00:00Z CVE-2012-6073 6Server-RHOSE-CLIENT:rhc-1.3.2-1.3.el6op 6Server-RHOSE-INFRA:mongodb-2.0.2-6.el6op 6Server-RHOSE-INFRA:openshift-console-0.0.13-2.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-1.0.10-1.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-util-1.0.14-1.el6op 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-INFRA:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-INFRA:rubygem-activerecord-3.0.13-3.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-1.0.6-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-1.0.11-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-dns-bind-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op 6Server-RHOSE-NODE:jenkins-1.498-1.1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-1.0.2-1.el6op 6Server-RHOSE-NODE:openshift-origin-node-util-1.0.7-1.el6op 6Server-RHOSE-NODE:openshift-origin-port-proxy-1.0.3-1.el6op 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-NODE:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-node-1.0.10-6.el6op Moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2013-0220.html https://www.redhat.com/security/data/cve/CVE-2012-6073.html CVE-2012-6073 https://bugzilla.redhat.com/show_bug.cgi?id=890608 bz#890608: CVE-2012-6073 Jenkins: open redirect Multiple flaws in the Jenkins web interface could allow a remote attacker to perform HTTP response splitting and cross-site scripting (XSS) attacks, as well as redirecting a victim to an arbitrary page by utilizing an open redirect flaw. 2012-11-20T00:00:00Z 2012-11-20T00:00:00Z CVE-2012-6074 6Server-RHOSE-CLIENT:rhc-1.3.2-1.3.el6op 6Server-RHOSE-INFRA:mongodb-2.0.2-6.el6op 6Server-RHOSE-INFRA:openshift-console-0.0.13-2.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-1.0.10-1.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-util-1.0.14-1.el6op 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-INFRA:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-INFRA:rubygem-activerecord-3.0.13-3.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-1.0.6-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-1.0.11-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-dns-bind-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op 6Server-RHOSE-NODE:jenkins-1.498-1.1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-1.0.2-1.el6op 6Server-RHOSE-NODE:openshift-origin-node-util-1.0.7-1.el6op 6Server-RHOSE-NODE:openshift-origin-port-proxy-1.0.3-1.el6op 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-NODE:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-node-1.0.10-6.el6op Moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2013-0220.html https://www.redhat.com/security/data/cve/CVE-2012-6074.html CVE-2012-6074 https://bugzilla.redhat.com/show_bug.cgi?id=890612 bz#890612: CVE-2012-6074 Jenkins: cross-site scripting vulnerability A flaw was found in the way rubygem-activerecord dynamic finders extracted options from method parameters. A remote attacker could possibly use this flaw to perform SQL injection attacks against applications using the Active Record dynamic finder methods. 2012-12-21T00:00:00Z 2012-12-21T00:00:00Z CVE-2012-6496 6Server-RHOSE-CLIENT:rhc-1.3.2-1.3.el6op 6Server-RHOSE-INFRA:mongodb-2.0.2-6.el6op 6Server-RHOSE-INFRA:openshift-console-0.0.13-2.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-1.0.10-1.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-util-1.0.14-1.el6op 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-INFRA:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-INFRA:rubygem-activerecord-3.0.13-3.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-1.0.6-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-1.0.11-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-dns-bind-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op 6Server-RHOSE-NODE:jenkins-1.498-1.1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-1.0.2-1.el6op 6Server-RHOSE-NODE:openshift-origin-node-util-1.0.7-1.el6op 6Server-RHOSE-NODE:openshift-origin-port-proxy-1.0.3-1.el6op 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-NODE:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-node-1.0.10-6.el6op Moderate 6.4 AV:N/AC:L/Au:N/C:N/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2013-0220.html http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html https://www.redhat.com/security/data/cve/CVE-2012-6496.html CVE-2012-6496 It was found that the master cryptographic key of Jenkins could be retrieved via the HTTP server that is hosting Jenkins. A remote attacker could use this flaw to access the server and execute arbitrary code with the privileges of the user running Jenkins. Note that this issue only affected Jenkins instances that had slaves attached and that also allowed anonymous read access (not the default configuration). Manual action is also required to correct this issue. Refer to "Jenkins Security Advisory 2013-01-04", linked to in the References, for further information. 2013-01-07T00:00:00Z 2013-01-04T00:00:00Z CVE-2013-0158 6Server-RHOSE-CLIENT:rhc-1.3.2-1.3.el6op 6Server-RHOSE-INFRA:mongodb-2.0.2-6.el6op 6Server-RHOSE-INFRA:openshift-console-0.0.13-2.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-1.0.10-1.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-util-1.0.14-1.el6op 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-INFRA:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-INFRA:rubygem-activerecord-3.0.13-3.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-1.0.6-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-1.0.11-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-dns-bind-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op 6Server-RHOSE-NODE:jenkins-1.498-1.1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-1.0.2-1.el6op 6Server-RHOSE-NODE:openshift-origin-node-util-1.0.7-1.el6op 6Server-RHOSE-NODE:openshift-origin-port-proxy-1.0.3-1.el6op 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-NODE:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-node-1.0.10-6.el6op Important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2013-0220.html https://www.redhat.com/security/data/cve/CVE-2013-0158.html CVE-2013-0158 https://bugzilla.redhat.com/show_bug.cgi?id=892795 bz#892795: CVE-2013-0158 jenkins: remote unauthenticated retrieval of master cryptographic key (Jenkins Security Advisory 2013-01-04) The openshift-port-proxy-cfg program created a temporary file in an insecure way. A local attacker could use this flaw to perform a symbolic link attack, overwriting an arbitrary file accessible to the root user with a "0" or a "1", which could lead to a denial of service. By default, OpenShift uses polyinstantiation (per user) for the /tmp/ directory, minimizing the risk of exploitation by local attackers. The CVE-2013-0164 issue was discovered by Michael Scherer of the Red Hat Regional IT team. 2013-01-04T00:00:00Z 2013-01-31T00:00:00Z CVE-2013-0164 6Server-RHOSE-CLIENT:rhc-1.3.2-1.3.el6op 6Server-RHOSE-INFRA:mongodb-2.0.2-6.el6op 6Server-RHOSE-INFRA:openshift-console-0.0.13-2.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-1.0.10-1.el6op 6Server-RHOSE-INFRA:openshift-origin-broker-util-1.0.14-1.el6op 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-INFRA:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-INFRA:rubygem-activerecord-3.0.13-3.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-1.0.4-2.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-1.0.6-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-1.0.11-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-dns-bind-1.0.2-1.el6op 6Server-RHOSE-INFRA:rubygem-openshift-origin-msg-broker-mcollective-1.0.4-1.el6op 6Server-RHOSE-NODE:jenkins-1.498-1.1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-1.0.3-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-1.0.5-1.el6op 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-1.0.2-1.el6op 6Server-RHOSE-NODE:openshift-origin-node-util-1.0.7-1.el6op 6Server-RHOSE-NODE:openshift-origin-port-proxy-1.0.3-1.el6op 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-3.2.8-2.el6 6Server-RHOSE-NODE:ruby193-rubygem-passenger-3.0.12-21.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-common-1.0.2-1.el6op 6Server-RHOSE-NODE:rubygem-openshift-origin-node-1.0.10-6.el6op Low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2013-0220.html https://www.redhat.com/security/data/cve/CVE-2013-0164.html CVE-2013-0164 https://bugzilla.redhat.com/show_bug.cgi?id=893307 bz#893307: CVE-2013-0164 openshift-origin-port-proxy: openshift-port-proxy-cfg lockwrap() tmp file creation This issue was discovered by Michael Scherer of the Red Hat Regional IT team.