-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.3171
        Important: Red Hat OpenShift Enterprise 2.2.8 security, bug
                        fix, and enhancement update
                             18 December 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenShift Enterprise 2.2.8
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Access Privileged Data -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-3281  

Reference:         ESB-2015.2357
                   ESB-2015.1769

Original Bulletin: 
   https://rhn.redhat.com/errata/RHSA-2015-2666.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat OpenShift Enterprise 2.2.8 security, bug fix, and enhancement update
Advisory ID:       RHSA-2015:2666-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2015-2666.html
Issue date:        2015-12-17
CVE Names:         CVE-2015-3281 
=====================================================================

1. Summary:

Red Hat OpenShift Enterprise release 2.2.8, which fixes one security
issue, several bugs, and introduces feature enhancements, is now
available.

Red Hat Product Security has rated this update as having Important
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHOSE Client 2.2 - noarch
RHOSE Infrastructure 2.2 - noarch
RHOSE JBoss EAP add-on 2.2 - noarch
RHOSE Node 2.2 - noarch, x86_64

3. Description:

OpenShift Enterprise by Red Hat is the company's cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.

The following security issue is addressed with this release:

An implementation error related to the memory management of requests
and responses was found within HAProxy's buffer_slow_realign()
function. An unauthenticated remote attacker could use this flaw
to leak certain memory buffer contents from a past request or
session. (CVE-2015-3281)

Space precludes documenting all of the bug fixes in this advisory. See
the OpenShift Enterprise Technical Notes, which will be updated
shortly for release 2.2.8, for details about these changes:

https://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/Technical_Notes/index.html

All OpenShift Enterprise 2 users are advised to upgrade to these updated
packages.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

See the OpenShift Enterprise 2.2 Release Notes, which will be updated
shortly for release 2.2.8, for important instructions on how to fully
apply this asynchronous errata update:

https://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates

This update is available via the Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at: 
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1045226 - oo-auto-idler man page incorrect
1054441 - oo-accept-node should test that BROKER_HOST is consistent
1064039 - RFE oo-diagnostics should report when node auth is failing (401 Unauthorized)
1101973 - oo-diagnostics tools is checking a non-existing dir after update ose-2.0 GA to ose-2.0.z puddle + RHSCL-1.1
1110415 - `oo-admin-broker-cache --clear --console` does not warn that --console flag does nothing
1111501 - REPORT_BUILD_ANALYTICS should be set to false by default
1111598 - oo-admin-chk gives bad advice to users when gears do not exist on the node.
1139608 - rhc snapshot save different app  with the same name in the same dir didn't prompt conflict information
1140766 - oo-admin-ctl-district doesn't suggest FQDN for -i in -h output
1155003 - Should prompt correct and important parameter information when use none or error parameter in "rhc server add" command
1177753 - Enable a configuration in rhc to use a different ssh executable
1211526 - HAProxy does not restart when pid is not found
1218872 - rhc setup fail during upload sshkey
1238305 - [RFE] gear-placement plugin domain_id as input data
1239072 - CVE-2015-3281 haproxy: information leak in buffer_slow_realign()
1241675 - [RFE] Check for missing openshift_application_aliases components f5-icontrol-rest.rb
1248439 - Routing SPI for Nginx doesn't preserve host in http request's headers
1255426 - API Call to disable HA does not remove 2nd haproxy head gear
1264722 - oo-register-dns shows erros with any option
1265609 - pandas not getting installed
1268080 - ChangeMembersDomainOp are not cleared by oo-admin-clear-pending-ops
1270660 - Haproxy health check should be in sync with rolling updates in EWS
1271338 - oo-restorecon -v -a  does not add selinux MCS labels to files under hidden directory
1272195 - oo-admin-ctl-app -c remove-gear , ignores min scale setting
1277695 - hostname regex fails in update-cluster in some locales
1280438 - haproxy_ctld error on a close-to-quota gear
1282520 - Routing-daemon does not create the openshift_application_aliases policy
1282940 - Exception log output when using rhc app ssh "--ssh option" with exist directory

6. Package List:

RHOSE Client 2.2:

Source:
rhc-1.38.4.5-1.el6op.src.rpm

noarch:
rhc-1.38.4.5-1.el6op.noarch.rpm

RHOSE Infrastructure 2.2:

Source:
openshift-enterprise-upgrade-2.2.8-1.el6op.src.rpm
openshift-origin-broker-util-1.37.4.2-1.el6op.src.rpm
rubygem-openshift-origin-common-1.29.4.1-1.el6op.src.rpm
rubygem-openshift-origin-controller-1.38.4.2-1.el6op.src.rpm
rubygem-openshift-origin-routing-daemon-0.26.4.4-1.el6op.src.rpm

noarch:
openshift-enterprise-release-2.2.8-1.el6op.noarch.rpm
openshift-enterprise-upgrade-broker-2.2.8-1.el6op.noarch.rpm
openshift-enterprise-yum-validator-2.2.8-1.el6op.noarch.rpm
openshift-origin-broker-util-1.37.4.2-1.el6op.noarch.rpm
rubygem-openshift-origin-common-1.29.4.1-1.el6op.noarch.rpm
rubygem-openshift-origin-controller-1.38.4.2-1.el6op.noarch.rpm
rubygem-openshift-origin-routing-daemon-0.26.4.4-1.el6op.noarch.rpm

RHOSE JBoss EAP add-on 2.2:

Source:
openshift-origin-cartridge-jbosseap-2.27.3.1-1.el6op.src.rpm

noarch:
openshift-origin-cartridge-jbosseap-2.27.3.1-1.el6op.noarch.rpm

RHOSE Node 2.2:

Source:
haproxy15side-1.5.4-2.el6op.src.rpm
openshift-enterprise-upgrade-2.2.8-1.el6op.src.rpm
openshift-origin-cartridge-haproxy-1.31.4.1-1.el6op.src.rpm
openshift-origin-cartridge-jbossews-1.35.3.2-1.el6op.src.rpm
openshift-origin-cartridge-python-1.34.1.1-1.el6op.src.rpm
openshift-origin-node-util-1.38.5.1-1.el6op.src.rpm
rubygem-openshift-origin-common-1.29.4.1-1.el6op.src.rpm
rubygem-openshift-origin-node-1.38.4.1-1.el6op.src.rpm

noarch:
openshift-enterprise-release-2.2.8-1.el6op.noarch.rpm
openshift-enterprise-upgrade-node-2.2.8-1.el6op.noarch.rpm
openshift-enterprise-yum-validator-2.2.8-1.el6op.noarch.rpm
openshift-origin-cartridge-haproxy-1.31.4.1-1.el6op.noarch.rpm
openshift-origin-cartridge-jbossews-1.35.3.2-1.el6op.noarch.rpm
openshift-origin-cartridge-python-1.34.1.1-1.el6op.noarch.rpm
openshift-origin-node-util-1.38.5.1-1.el6op.noarch.rpm
rubygem-openshift-origin-common-1.29.4.1-1.el6op.noarch.rpm
rubygem-openshift-origin-node-1.38.4.1-1.el6op.noarch.rpm

x86_64:
haproxy15side-1.5.4-2.el6op.x86_64.rpm
haproxy15side-debuginfo-1.5.4-2.el6op.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
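A quick way to confirm that a node host actually carries the fixed packages is to compare the output of `rpm -qa` against the fixed name-version-release values listed in the Package List above. The script below is an added example written for this bulletin; it is not Red Hat tooling and not part of the advisory. It assumes the standard `name-version-release.arch` form of `rpm -qa` output, implements a simplified version of rpm's rpmvercmp() ordering (no epoch, and no '~'/'^' pre-release markers, which none of these packages use), and the sample listing it checks is constructed for the example (the older release numbers in it are made up).

```python
import re

# Fixed node-host package versions taken from the Package List above
# (name -> (version, release)); these packages carry no epoch.
FIXED_NODE_PACKAGES = {
    "haproxy15side": ("1.5.4", "2.el6op"),
    "openshift-origin-cartridge-haproxy": ("1.31.4.1", "1.el6op"),
    "openshift-origin-node-util": ("1.38.5.1", "1.el6op"),
    "rubygem-openshift-origin-node": ("1.38.4.1", "1.el6op"),
}

# Constructed sample of `rpm -qa` output for a node that has not yet been
# fully updated (the older NVRs here are made up for the example).
SAMPLE_RPM_QA = """\
haproxy15side-1.5.4-1.el6op.x86_64
openshift-origin-cartridge-haproxy-1.31.4.1-1.el6op.noarch
rubygem-openshift-origin-node-1.38.3.1-1.el6op.noarch
bash-4.1.2-33.el6.x86_64
"""

_SEG = re.compile(r"[0-9]+|[A-Za-z]+")
_NVRA = re.compile(r"^(?P<name>.+)-(?P<ver>[^-]+)-(?P<rel>[^-]+)\.(?P<arch>[^.]+)$")


def rpmvercmp(a: str, b: str) -> int:
    """Compare two RPM version (or release) strings like rpm's rpmvercmp().

    Returns -1, 0 or 1.  Simplified: the '~' and '^' pre-release markers
    are not handled, which is fine for the NVRs in this advisory.
    """
    if a == b:
        return 0
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            # numeric segments compare as integers (leading zeros ignored)
            c = (int(x) > int(y)) - (int(x) < int(y))
        elif x.isdigit() or y.isdigit():
            # a numeric segment sorts newer than an alphabetic one
            c = 1 if x.isdigit() else -1
        else:
            c = (x > y) - (x < y)
        if c:
            return c
    # all shared segments equal: the string with more segments is newer
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def parse_nvra(line: str):
    """Split 'name-version-release.arch' into its four parts."""
    m = _NVRA.match(line.strip())
    if not m:
        raise ValueError(f"not an NVRA string: {line!r}")
    return m.group("name"), m.group("ver"), m.group("rel"), m.group("arch")


def check_installed(rpm_qa_lines, fixed=FIXED_NODE_PACKAGES):
    """Classify each package in `fixed` as 'fixed', 'vulnerable' or
    'not installed' from `rpm -qa` output lines."""
    status = {name: "not installed" for name in fixed}
    for line in rpm_qa_lines:
        if not line.strip():
            continue
        name, ver, rel, _arch = parse_nvra(line)
        if name not in fixed:
            continue
        fver, frel = fixed[name]
        # version decides first; only on a tie does the release decide
        c = rpmvercmp(ver, fver) or rpmvercmp(rel, frel)
        status[name] = "fixed" if c >= 0 else "vulnerable"
    return status


if __name__ == "__main__":
    for name, state in check_installed(SAMPLE_RPM_QA.splitlines()).items():
        print(f"{name:40s} {state}")
```

To use it on a real host, pipe `rpm -qa` into `check_installed` instead of the sample. A "fixed" result only shows the package is installed on disk; the haproxy processes serving existing gears still run the old code until they are restarted, so the Release Notes steps referenced in the Solution section above are still required.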

7. References:

https://access.redhat.com/security/cve/CVE-2015-3281
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2015 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFWcuyDXlSAg2UNWIIRAs9iAKCg610Xq8HXhYNhIrml02r8Lesk+ACfYIA2
gXKNT+SfO8+09NHVvoedmUA=
=Vm9R
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----