Vulnerability Database
Blog
FAQ
Docs
RHSA-2019:2769
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2019:2769
Import Source
https://security.access.redhat.com/data/osv/RHSA-2019:2769.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2019:2769
Related
CVE-2019-11247
CVE-2019-9512
CVE-2019-9514
Published
2024-09-20T13:53:30Z
Modified
2024-10-09T06:53:05Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.9 security update
Details
References
https://access.redhat.com/errata/RHSA-2019:2769
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=1732192
https://bugzilla.redhat.com/show_bug.cgi?id=1735645
https://bugzilla.redhat.com/show_bug.cgi?id=1735744
https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2769.json
https://access.redhat.com/security/cve/CVE-2019-9512
https://www.cve.org/CVERecord?id=CVE-2019-9512
https://nvd.nist.gov/vuln/detail/CVE-2019-9512
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg
https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA
https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html
https://access.redhat.com/security/cve/CVE-2019-9514
https://www.cve.org/CVERecord?id=CVE-2019-9514
https://nvd.nist.gov/vuln/detail/CVE-2019-9514
https://access.redhat.com/security/cve/CVE-2019-11247
https://www.cve.org/CVERecord?id=CVE-2019-11247
https://nvd.nist.gov/vuln/detail/CVE-2019-11247
https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc
Affected packages
Red Hat:openshift:3.9::el7
/
ansible-service-broker
Package
Name
ansible-service-broker
Purl
pkg:rpm/redhat/ansible-service-broker
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.1.20-2.el7
Red Hat:openshift:3.9::el7
/
ansible-service-broker-container-scripts
Package
Name
ansible-service-broker-container-scripts
Purl
pkg:rpm/redhat/ansible-service-broker-container-scripts
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.1.20-2.el7
Red Hat:openshift:3.9::el7
/
ansible-service-broker-selinux
Package
Name
ansible-service-broker-selinux
Purl
pkg:rpm/redhat/ansible-service-broker-selinux
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.1.20-2.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift
Package
Name
atomic-openshift
Purl
pkg:rpm/redhat/atomic-openshift
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-clients
Package
Name
atomic-openshift-clients
Purl
pkg:rpm/redhat/atomic-openshift-clients
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-clients-redistributable
Package
Name
atomic-openshift-clients-redistributable
Purl
pkg:rpm/redhat/atomic-openshift-clients-redistributable
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-cluster-capacity
Package
Name
atomic-openshift-cluster-capacity
Purl
pkg:rpm/redhat/atomic-openshift-cluster-capacity
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-descheduler
Package
Name
atomic-openshift-descheduler
Purl
pkg:rpm/redhat/atomic-openshift-descheduler
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.13-2.git.267.bb59a3f.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-docker-excluder
Package
Name
atomic-openshift-docker-excluder
Purl
pkg:rpm/redhat/atomic-openshift-docker-excluder
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-dockerregistry
Package
Name
atomic-openshift-dockerregistry
Purl
pkg:rpm/redhat/atomic-openshift-dockerregistry
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.1.13625cf.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-excluder
Package
Name
atomic-openshift-excluder
Purl
pkg:rpm/redhat/atomic-openshift-excluder
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-federation-services
Package
Name
atomic-openshift-federation-services
Purl
pkg:rpm/redhat/atomic-openshift-federation-services
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-master
Package
Name
atomic-openshift-master
Purl
pkg:rpm/redhat/atomic-openshift-master
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-node
Package
Name
atomic-openshift-node
Purl
pkg:rpm/redhat/atomic-openshift-node
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-node-problem-detector
Package
Name
atomic-openshift-node-problem-detector
Purl
pkg:rpm/redhat/atomic-openshift-node-problem-detector
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.13-2.git.167.5d6b0d4.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-pod
Package
Name
atomic-openshift-pod
Purl
pkg:rpm/redhat/atomic-openshift-pod
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-sdn-ovs
Package
Name
atomic-openshift-sdn-ovs
Purl
pkg:rpm/redhat/atomic-openshift-sdn-ovs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-service-catalog
Package
Name
atomic-openshift-service-catalog
Purl
pkg:rpm/redhat/atomic-openshift-service-catalog
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-template-service-broker
Package
Name
atomic-openshift-template-service-broker
Purl
pkg:rpm/redhat/atomic-openshift-template-service-broker
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-tests
Package
Name
atomic-openshift-tests
Purl
pkg:rpm/redhat/atomic-openshift-tests
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.0.150f595.el7
Red Hat:openshift:3.9::el7
/
atomic-openshift-web-console
Package
Name
atomic-openshift-web-console
Purl
pkg:rpm/redhat/atomic-openshift-web-console
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.1.601c6d2.el7
Red Hat:openshift:3.9::el7
/
cockpit
Package
Name
cockpit
Purl
pkg:rpm/redhat/cockpit
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:195-2.rhaos.el7
Red Hat:openshift:3.9::el7
/
cockpit-debuginfo
Package
Name
cockpit-debuginfo
Purl
pkg:rpm/redhat/cockpit-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:195-2.rhaos.el7
Red Hat:openshift:3.9::el7
/
cockpit-kubernetes
Package
Name
cockpit-kubernetes
Purl
pkg:rpm/redhat/cockpit-kubernetes
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:195-2.rhaos.el7
Red Hat:openshift:3.9::el7
/
containernetworking-plugins
Package
Name
containernetworking-plugins
Purl
pkg:rpm/redhat/containernetworking-plugins
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.5.2-6.el7
Red Hat:openshift:3.9::el7
/
containernetworking-plugins-debuginfo
Package
Name
containernetworking-plugins-debuginfo
Purl
pkg:rpm/redhat/containernetworking-plugins-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.5.2-6.el7
Red Hat:openshift:3.9::el7
/
cri-o
Package
Name
cri-o
Purl
pkg:rpm/redhat/cri-o
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.16-3.git858756d.el7
Red Hat:openshift:3.9::el7
/
cri-o-debuginfo
Package
Name
cri-o-debuginfo
Purl
pkg:rpm/redhat/cri-o-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.16-3.git858756d.el7
Red Hat:openshift:3.9::el7
/
cri-tools
Package
Name
cri-tools
Purl
pkg:rpm/redhat/cri-tools
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.0.0-6.rhaos3.9.git8e6013a.el7
Red Hat:openshift:3.9::el7
/
cri-tools-debuginfo
Package
Name
cri-tools-debuginfo
Purl
pkg:rpm/redhat/cri-tools-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.0.0-6.rhaos3.9.git8e6013a.el7
Red Hat:openshift:3.9::el7
/
golang-github-openshift-oauth-proxy
Package
Name
golang-github-openshift-oauth-proxy
Purl
pkg:rpm/redhat/golang-github-openshift-oauth-proxy
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1-3.git885c9f40.el7
Red Hat:openshift:3.9::el7
/
golang-github-openshift-prometheus-alert-buffer
Package
Name
golang-github-openshift-prometheus-alert-buffer
Purl
pkg:rpm/redhat/golang-github-openshift-prometheus-alert-buffer
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0-3.gitceca8c1.el7
Red Hat:openshift:3.9::el7
/
golang-github-prometheus-alertmanager
Package
Name
golang-github-prometheus-alertmanager
Purl
pkg:rpm/redhat/golang-github-prometheus-alertmanager
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.14.0-2.git30af4d0.el7
Red Hat:openshift:3.9::el7
/
golang-github-prometheus-node_exporter
Package
Name
golang-github-prometheus-node_exporter
Purl
pkg:rpm/redhat/golang-github-prometheus-node_exporter
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.1.8295224.el7
Red Hat:openshift:3.9::el7
/
golang-github-prometheus-prometheus
Package
Name
golang-github-prometheus-prometheus
Purl
pkg:rpm/redhat/golang-github-prometheus-prometheus
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.2.1-2.gitbc6058c.el7
Red Hat:openshift:3.9::el7
/
golang-github-prometheus-promu
Package
Name
golang-github-prometheus-promu
Purl
pkg:rpm/redhat/golang-github-prometheus-promu
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0-5.git85ceabc.el7
Red Hat:openshift:3.9::el7
/
hawkular-openshift-agent
Package
Name
hawkular-openshift-agent
Purl
pkg:rpm/redhat/hawkular-openshift-agent
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.2.2-3.el7
Red Hat:openshift:3.9::el7
/
heapster
Package
Name
heapster
Purl
pkg:rpm/redhat/heapster
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.3.0-4.el7
Red Hat:openshift:3.9::el7
/
image-inspector
Package
Name
image-inspector
Purl
pkg:rpm/redhat/image-inspector
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.1.3-2.el7
Red Hat:openshift:3.9::el7
/
openshift-enterprise-image-registry
Package
Name
openshift-enterprise-image-registry
Purl
pkg:rpm/redhat/openshift-enterprise-image-registry
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.8.0-2.git.216.b6b90bb.el7
Red Hat:openshift:3.9::el7
/
openshift-eventrouter
Package
Name
openshift-eventrouter
Purl
pkg:rpm/redhat/openshift-eventrouter
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.1-3.git5bd9251.el7
Red Hat:openshift:3.9::el7
/
openshift-eventrouter-debuginfo
Package
Name
openshift-eventrouter-debuginfo
Purl
pkg:rpm/redhat/openshift-eventrouter-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.1-3.git5bd9251.el7
Red Hat:openshift:3.9::el7
/
openshift-external-storage
Package
Name
openshift-external-storage
Purl
pkg:rpm/redhat/openshift-external-storage
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.0.1-9.git78d6339.el7
Red Hat:openshift:3.9::el7
/
openshift-external-storage-debuginfo
Package
Name
openshift-external-storage-debuginfo
Purl
pkg:rpm/redhat/openshift-external-storage-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.0.1-9.git78d6339.el7
Red Hat:openshift:3.9::el7
/
openshift-external-storage-efs-provisioner
Package
Name
openshift-external-storage-efs-provisioner
Purl
pkg:rpm/redhat/openshift-external-storage-efs-provisioner
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.0.1-9.git78d6339.el7
Red Hat:openshift:3.9::el7
/
openshift-external-storage-local-provisioner
Package
Name
openshift-external-storage-local-provisioner
Purl
pkg:rpm/redhat/openshift-external-storage-local-provisioner
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.0.1-9.git78d6339.el7
Red Hat:openshift:3.9::el7
/
openshift-external-storage-snapshot-controller
Package
Name
openshift-external-storage-snapshot-controller
Purl
pkg:rpm/redhat/openshift-external-storage-snapshot-controller
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.0.1-9.git78d6339.el7
Red Hat:openshift:3.9::el7
/
openshift-external-storage-snapshot-provisioner
Package
Name
openshift-external-storage-snapshot-provisioner
Purl
pkg:rpm/redhat/openshift-external-storage-snapshot-provisioner
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.0.1-9.git78d6339.el7
Red Hat:openshift:3.9::el7
/
openvswitch-ovn-kubernetes
Package
Name
openvswitch-ovn-kubernetes
Purl
pkg:rpm/redhat/openvswitch-ovn-kubernetes
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.1.0-3.el7
Red Hat:openshift:3.9::el7
/
prometheus
Package
Name
prometheus
Purl
pkg:rpm/redhat/prometheus
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.2.1-2.gitbc6058c.el7
Red Hat:openshift:3.9::el7
/
prometheus-alertmanager
Package
Name
prometheus-alertmanager
Purl
pkg:rpm/redhat/prometheus-alertmanager
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.14.0-2.git30af4d0.el7
Red Hat:openshift:3.9::el7
/
prometheus-node-exporter
Package
Name
prometheus-node-exporter
Purl
pkg:rpm/redhat/prometheus-node-exporter
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:3.9.101-1.git.1.8295224.el7
Red Hat:openshift:3.9::el7
/
prometheus-promu
Package
Name
prometheus-promu
Purl
pkg:rpm/redhat/prometheus-promu
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0-5.git85ceabc.el7
RHSA-2019:2769 - OSV