{"id":"RHSA-2020:4297","summary":"Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update","modified":"2026-04-16T10:01:58Z","published":"2024-09-30T13:54:04Z","upstream":["CVE-2019-16541","CVE-2020-14040","CVE-2020-14370","CVE-2020-15586","CVE-2020-16845","CVE-2020-2252","CVE-2020-2254","CVE-2020-2255","CVE-2020-8564"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:4297"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1819663"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1853652"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1867099"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1874268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1880454"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1880456"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1880460"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1886637"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4297.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-16541"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-16541"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16541"},{"type":"ARTICLE","url":"https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-2252"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-2252"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-2252"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813"},{"type":"ARTICLE","url":"https://www.openwall.com/lists/oss-security/2020/09/16/3"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-2254"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-2254"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-2254"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2020/09/16/3"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-2255"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-2255"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-2255"},{"type":"ARTICLE","url":"https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-8564"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-8564"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8564"},{"type":"ARTICLE","url":"https://github.com/kubernetes/kubernetes/issues/95622"},{"type":"ARTICLE","url":"https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-14040"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-14040"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14040"},{"type":"ARTICLE","url":"https://github.com/golang/go/issues/39491"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-14370"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-14370"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14370"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-15586"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856953"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-15586"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15586"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-16845"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-16845"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-16845"},{"type":"ARTICLE","url":"https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"}],"affected":[{"package":{"name":"jenkins-2-plugins","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/jenkins-2-plugins"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.1601368321-1.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"openshift-clients","ecosystem":"Red Hat:openshift:4.6::el7","purl":"pkg:rpm/redhat/openshift-clients"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.0-202010081244.p0.git.3794.4743d24.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"openshift-clients-redistributable","ecosystem":"Red Hat:openshift:4.6::el7","purl":"pkg:rpm/redhat/openshift-clients-redistributable"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.0-202010081244.p0.git.3794.4743d24.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"openshift-clients","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/openshift-clients"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.0-202010081244.p0.git.3794.4743d24.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"openshift-clients-redistributable","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/openshift-clients-redistributable"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.6.0-202010081244.p0.git.3794.4743d24.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"containers-common","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/containers-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1-2.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"podman","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/podman"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.3-3.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"podman-debuginfo","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/podman-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.3-3.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"podman-debugsource","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/podman-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.3-3.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"podman-docker","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/podman-docker"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.3-3.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"podman-remote","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/podman-remote"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.3-3.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"podman-remote-debuginfo","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/podman-remote-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.3-3.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"podman-tests","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/podman-tests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.3-3.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"skopeo","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/skopeo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1-2.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"skopeo-debuginfo","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/skopeo-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1-2.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"skopeo-debugsource","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/skopeo-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1-2.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"skopeo-tests","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/skopeo-tests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.1.1-2.rhaos4.6.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"runc","ecosystem":"Red Hat:openshift:4.6::el7","purl":"pkg:rpm/redhat/runc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-81.rhaos4.6.git5b757d4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"runc-debuginfo","ecosystem":"Red Hat:openshift:4.6::el7","purl":"pkg:rpm/redhat/runc-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-81.rhaos4.6.git5b757d4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"runc","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/runc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-81.rhaos4.6.git5b757d4.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"runc-debuginfo","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/runc-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-81.rhaos4.6.git5b757d4.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}},{"package":{"name":"runc-debugsource","ecosystem":"Red Hat:openshift:4.6::el8","purl":"pkg:rpm/redhat/runc-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-81.rhaos4.6.git5b757d4.el8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:4297.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}