Issued:: 2021-02-16
Updated:: 2021-02-16

RHSA-2021:0436 - Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update

Synopsis

Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update

Type/Severity

Security Advisory Moderate

Topic

An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container is now available for Red Hat OpenShift Container Platform 4.6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

The compliance-operator image updates are now available for OpenShift Container Platform 4.6.

This advisory provides the following updates among others:

Enhances profile parsing time.
Fixes excessive resource consumption from the Operator.
Fixes default content image.
Fixes outdated remediation handling.

Security Fix(es):

golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html

Details on how to access this content are available at This page is not included, but the link has been rewritten to point to the nearest parent document.https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.

Affected Products

Product	Version	Arch
Red Hat OpenShift Container Platform	4.6	x86_64

Fixes

CVEs

CVE-2018-20843
CVE-2019-1551
CVE-2019-5018
CVE-2019-8625
CVE-2019-8710
CVE-2019-8720
CVE-2019-8743
CVE-2019-8764
CVE-2019-8766
CVE-2019-8769
CVE-2019-8771
CVE-2019-8782
CVE-2019-8783
CVE-2019-8808
CVE-2019-8811
CVE-2019-8812
CVE-2019-8813
CVE-2019-8814
CVE-2019-8815
CVE-2019-8816
CVE-2019-8819
CVE-2019-8820
CVE-2019-8823
CVE-2019-8835
CVE-2019-8844
CVE-2019-8846
CVE-2019-11068
CVE-2019-13050
CVE-2019-13627
CVE-2019-14889
CVE-2019-15165
CVE-2019-15903
CVE-2019-16168
CVE-2019-16935
CVE-2019-18197
CVE-2019-19221
CVE-2019-19906
CVE-2019-19956
CVE-2019-20218
CVE-2019-20386
CVE-2019-20387
CVE-2019-20388
CVE-2019-20454
CVE-2019-20807
CVE-2019-20907
CVE-2019-20916
CVE-2020-1730
CVE-2020-1751
CVE-2020-1752
CVE-2020-1971
CVE-2020-3862
CVE-2020-3864
CVE-2020-3865
CVE-2020-3867
CVE-2020-3868
CVE-2020-3885
CVE-2020-3894
CVE-2020-3895
CVE-2020-3897
CVE-2020-3899
CVE-2020-3900
CVE-2020-3901
CVE-2020-3902
CVE-2020-6405
CVE-2020-7595
CVE-2020-8177
CVE-2020-8492
CVE-2020-9327
CVE-2020-9802
CVE-2020-9803
CVE-2020-9805
CVE-2020-9806
CVE-2020-9807
CVE-2020-9843
CVE-2020-9850
CVE-2020-9862
CVE-2020-9893
CVE-2020-9894
CVE-2020-9895
CVE-2020-9915
CVE-2020-9925
CVE-2020-10018
CVE-2020-10029
CVE-2020-11793
CVE-2020-13630
CVE-2020-13631
CVE-2020-13632
CVE-2020-14382
CVE-2020-14391
CVE-2020-14422
CVE-2020-15503
CVE-2020-24659
CVE-2020-28362

References

https://access.redhat.com/security/updates/classification/#moderate

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.