Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-1003049
Vulnerability from cvelistv5
Published
2019-04-10 20:12
Modified
2024-08-05 03:07
Severity ?
EPSS score ?
Summary
Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Jenkins project | Jenkins |
Version: 2.171 and earlier, LTS 2.164.1 and earlier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:07:18.205Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "107901", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107901", }, { name: "RHBA-2019:1605", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jenkins", vendor: "Jenkins project", versions: [ { status: "affected", version: "2.171 and earlier, LTS 2.164.1 and earlier", }, ], }, ], descriptions: [ { lang: "en", value: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", }, ], providerMetadata: { dateUpdated: "2023-10-24T16:45:27.954Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { name: "107901", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107901", }, { name: "RHBA-2019:1605", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "jenkinsci-cert@googlegroups.com", ID: "CVE-2019-1003049", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jenkins", version: { version_data: [ { version_value: "2.171 and earlier, LTS 2.164.1 and earlier", }, ], }, }, ], }, vendor_name: "Jenkins project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-613", }, ], }, ], }, references: { reference_data: [ { name: "107901", refsource: "BID", url: "http://www.securityfocus.com/bid/107901", }, { name: "RHBA-2019:1605", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", refsource: "CONFIRM", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2019-1003049", datePublished: "2019-04-10T20:12:29", dateReserved: "2019-04-10T00:00:00", dateUpdated: "2024-08-05T03:07:18.205Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2019-1003049\",\"sourceIdentifier\":\"jenkinsci-cert@googlegroups.com\",\"published\":\"2019-04-10T21:29:01.480\",\"lastModified\":\"2024-11-21T04:17:48.607\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.\"},{\"lang\":\"es\",\"value\":\"Los usuarios que almacenaron su autenticación CLI antes de que Jenkins se actualizara a la versión 2.150.2 o posteriores, o a la versión 2.160 o posteriores, permanecerían autenticados en Jenkins 2.171 y anteriores y en Jenkins LTS 2.164.1 y anteriores, ya que la solución para CVE-2019-1003004 en estas versiones no rechazaba las cachés de autenticación CLI remotas existentes.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-613\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.164.1\",\"matchCriteriaId\":\"2491F2AA-41E4-4220-8330-23D9969B61FC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.171\",\"matchCriteriaId\":\"74C54E4A-7C75-4DA1-ABF9-CF345D3F0563\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F87326E-0B56-4356-A889-73D026DB1D4B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4CA84D6-F312-4C29-A02B-050FCB7A902B\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/107901\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:1605\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107901\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:1605\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}", }, }
ghsa-742j-jcfr-23w3
Vulnerability from github
Published
2022-05-13 01:01
Modified
2022-06-29 14:08
Severity ?
Summary
Insufficient Session Expiration in Jenkins
Details
Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.
{ affected: [ { database_specific: { last_known_affected_version_range: "<= 2.164.1", }, package: { ecosystem: "Maven", name: "org.jenkins-ci.main:jenkins-core", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "2.164.2", }, ], type: "ECOSYSTEM", }, ], }, { database_specific: { last_known_affected_version_range: "<= 2.171", }, package: { ecosystem: "Maven", name: "org.jenkins-ci.main:jenkins-core", }, ranges: [ { events: [ { introduced: "2.165", }, { fixed: "2.172", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2019-1003049", ], database_specific: { cwe_ids: [ "CWE-613", ], github_reviewed: true, github_reviewed_at: "2022-06-29T14:08:39Z", nvd_published_at: "2019-04-10T21:29:00Z", severity: "HIGH", }, details: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", id: "GHSA-742j-jcfr-23w3", modified: "2022-06-29T14:08:39Z", published: "2022-05-13T01:01:01Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003049", }, { type: "WEB", url: "https://github.com/jenkinsci/jenkins/commit/0eeaa087aac192fb39f52928be5a5bbf16627ea6", }, { type: "WEB", url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { type: "PACKAGE", url: "https://github.com/jenkinsci/jenkins", }, { type: "WEB", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, { type: "WEB", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { type: "WEB", url: "http://www.securityfocus.com/bid/107901", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], summary: "Insufficient Session Expiration in Jenkins", }
rhba-2019:1605
Vulnerability from csaf_redhat
Published
2019-06-26 09:09
Modified
2024-11-22 13:25
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.117 is now available with
updates to packages and images that fix several bugs and add enhancements.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.117. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2019:1606
Space precludes documenting all of the bug fixes and enhancements in this
advisory. See the following Release Notes documentation, which will be
updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html
All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Container Platform release 3.11.117 is now available with\nupdates to packages and images that fix several bugs and add enhancements.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.117. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2019:1606\n\nSpace precludes documenting all of the bug fixes and enhancements in this\nadvisory. See the following Release Notes documentation, which will be\nupdated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2019:1605", url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { category: "external", summary: "1418021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1418021", }, { category: "external", summary: "1571190", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1571190", }, { category: "external", summary: "1585070", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1585070", }, { category: "external", summary: "1600741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1600741", }, { category: "external", summary: "1608260", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1608260", }, { category: "external", summary: "1624316", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1624316", }, { category: "external", summary: "1631687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1631687", }, { category: "external", summary: "1639427", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1639427", }, { category: "external", summary: "1640382", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1640382", }, { category: "external", summary: "1645656", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1645656", }, { category: "external", summary: "1648973", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1648973", }, { category: "external", summary: "1651564", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651564", }, { category: "external", summary: "1652746", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1652746", }, { category: "external", summary: "1656083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1656083", }, { category: "external", summary: "1656487", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1656487", }, { category: "external", summary: "1661076", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1661076", }, { category: "external", summary: "1667063", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667063", }, { category: "external", summary: "1667801", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667801", }, { category: "external", summary: "1671315", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671315", }, { category: "external", summary: "1671837", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671837", }, { category: "external", summary: "1676399", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1676399", }, { category: "external", summary: "1680059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1680059", }, { category: "external", summary: "1682924", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1682924", }, { category: "external", summary: "1688250", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1688250", }, { category: "external", summary: "1688318", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1688318", }, { category: "external", summary: "1689230", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1689230", }, { category: "external", summary: "1689796", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1689796", }, { category: "external", summary: "1690066", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1690066", }, { category: "external", summary: "1691023", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691023", }, { category: "external", summary: "1694724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694724", }, { category: "external", summary: "1695903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695903", }, { category: "external", summary: "1696249", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1696249", }, { category: "external", summary: "1698018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1698018", }, { category: "external", summary: "1698922", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1698922", }, { category: "external", summary: "1699533", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699533", }, { category: "external", summary: "1699696", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699696", }, { category: "external", summary: "1700875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700875", }, { category: "external", summary: "1701806", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701806", }, { category: "external", summary: "1702544", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1702544", }, { category: "external", summary: "1702693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1702693", }, { category: "external", summary: "1703136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703136", }, { category: "external", summary: "1703558", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703558", }, { category: "external", summary: "1703749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703749", }, { category: "external", summary: "1703904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703904", }, { category: "external", summary: "1703947", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703947", }, { category: "external", summary: "1705243", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705243", }, { category: "external", summary: "1707448", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707448", }, { category: "external", summary: "1707524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707524", }, { category: "external", summary: "1707799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707799", }, { category: "external", summary: "1708187", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708187", }, { category: "external", summary: "1708442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708442", }, { category: "external", summary: "1708552", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708552", }, { category: "external", summary: "1709254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1709254", }, { category: "external", summary: "1709626", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1709626", }, { category: "external", summary: "1710424", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710424", }, { category: "external", summary: "1710723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710723", }, { category: "external", summary: "1712488", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1712488", }, { category: "external", summary: "1713211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1713211", }, { category: "external", summary: "1717028", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1717028", }, { category: "external", summary: "1718458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1718458", }, { category: "external", summary: "1718542", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1718542", }, { category: "external", summary: "1720466", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1720466", }, { category: "external", summary: "1720581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1720581", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1605.json", }, ], title: "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update", tracking: { current_release_date: "2024-11-22T13:25:17+00:00", generator: { date: "2024-11-22T13:25:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHBA-2019:1605", initial_release_date: "2019-06-26T09:09:49+00:00", revision_history: [ { date: "2019-06-26T09:09:49+00:00", number: "1", summary: "Initial version", }, { date: "2019-06-26T09:09:49+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T13:25:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.11", product: { name: "Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.11::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_id: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o-debuginfo@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.117-1.git.1.376e432.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=x86_64", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product_id: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product_id: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.117-1.git.1.dcee33f.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product_id: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.117-1.git.1.f52d417.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_id: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o-debuginfo@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.117-1.git.1.376e432.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product_id: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product_id: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.117-1.git.1.dcee33f.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product_id: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.117-1.git.1.f52d417.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-0:2.164.2.1555422716-1.el7.src", product: { name: "jenkins-0:2.164.2.1555422716-1.el7.src", product_id: "jenkins-0:2.164.2.1555422716-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.164.2.1555422716-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product: { name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product_id: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product: { name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product_id: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.117-1.git.1.dcee33f.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product: { name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product_id: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.117-1.git.1.f52d417.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product_id: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1559667994-1.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product_id: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.123-1.git.0.db681ba.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product: { name: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product_id: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.164.2.1555422716-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product_id: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1559667994-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-docs@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-roles@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-test@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", }, product_reference: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", }, product_reference: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", }, product_reference: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", }, product_reference: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", }, product_reference: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.164.2.1555422716-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", }, product_reference: "jenkins-0:2.164.2.1555422716-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.164.2.1555422716-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", }, product_reference: "jenkins-0:2.164.2.1555422716-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", }, product_reference: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", }, product_reference: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", }, product_reference: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", }, product_reference: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", }, product_reference: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", }, product_reference: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", }, product_reference: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", }, product_reference: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", }, product_reference: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, ], }, vulnerabilities: [ { cve: "CVE-2019-10320", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2019-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1714054", }, ], notes: [ { category: "description", text: "Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certificate.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin (SECURITY-1322)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10320", }, { category: "external", summary: "RHBZ#1714054", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1714054", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10320", url: "https://www.cve.org/CVERecord?id=CVE-2019-10320", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10320", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10320", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322", url: "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322", }, ], release_date: "2019-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin (SECURITY-1322)", }, { cve: "CVE-2019-10328", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2019-06-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1716794", }, ], notes: [ { category: "description", text: "A flaw was found in the Jenkins Workflow Remote Loader plugin. An unsafe whitelist entry was made that allowed invoking arbitrary methods and bypassing sandbox protection. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-workflow-remote-loader: Unsafe Script Security whitelist entry in Pipeline Remote Loader Plugin (SECURITY-921)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10328", }, { category: "external", summary: "RHBZ#1716794", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1716794", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10328", url: "https://www.cve.org/CVERecord?id=CVE-2019-10328", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10328", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10328", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-05-31/#SECURITY-921", url: "https://jenkins.io/security/advisory/2019-05-31/#SECURITY-921", }, ], release_date: "2019-05-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-workflow-remote-loader: Unsafe Script Security whitelist entry in Pipeline Remote Loader Plugin (SECURITY-921)", }, { cve: "CVE-2019-1003049", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2019-04-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1699701", }, ], notes: [ { category: "description", text: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: Jenkins accepted cached legacy CLI authentication", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003049", }, { category: "external", summary: "RHBZ#1699701", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699701", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003049", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003049", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003049", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003049", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, ], release_date: "2019-04-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: Jenkins accepted cached legacy CLI authentication", }, { cve: "CVE-2019-1003050", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1699333", }, ], notes: [ { category: "description", text: "The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003050", }, { category: "external", summary: "RHBZ#1699333", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699333", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003050", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003050", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003050", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003050", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327", }, ], release_date: "2019-04-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.", }, ], }
RHBA-2019:1605
Vulnerability from csaf_redhat
Published
2019-06-26 09:09
Modified
2024-11-22 13:25
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.117 is now available with
updates to packages and images that fix several bugs and add enhancements.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.117. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2019:1606
Space precludes documenting all of the bug fixes and enhancements in this
advisory. See the following Release Notes documentation, which will be
updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html
All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Container Platform release 3.11.117 is now available with\nupdates to packages and images that fix several bugs and add enhancements.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.117. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2019:1606\n\nSpace precludes documenting all of the bug fixes and enhancements in this\nadvisory. See the following Release Notes documentation, which will be\nupdated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2019:1605", url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { category: "external", summary: "1418021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1418021", }, { category: "external", summary: "1571190", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1571190", }, { category: "external", summary: "1585070", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1585070", }, { category: "external", summary: "1600741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1600741", }, { category: "external", summary: "1608260", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1608260", }, { category: "external", summary: "1624316", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1624316", }, { category: "external", summary: "1631687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1631687", }, { category: "external", summary: "1639427", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1639427", }, { category: "external", summary: "1640382", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1640382", }, { category: "external", summary: "1645656", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1645656", }, { category: "external", summary: "1648973", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1648973", }, { category: "external", summary: "1651564", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651564", }, { category: "external", summary: "1652746", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1652746", }, { category: "external", summary: "1656083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1656083", }, { category: "external", summary: "1656487", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1656487", }, { category: "external", summary: "1661076", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1661076", }, { category: "external", summary: "1667063", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667063", }, { category: "external", summary: "1667801", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667801", }, { category: "external", summary: "1671315", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671315", }, { category: "external", summary: "1671837", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671837", }, { category: "external", summary: "1676399", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1676399", }, { category: "external", summary: "1680059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1680059", }, { category: "external", summary: "1682924", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1682924", }, { category: "external", summary: "1688250", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1688250", }, { category: "external", summary: "1688318", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1688318", }, { category: "external", summary: "1689230", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1689230", }, { category: "external", summary: "1689796", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1689796", }, { category: "external", summary: "1690066", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1690066", }, { category: "external", summary: "1691023", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691023", }, { category: "external", summary: "1694724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694724", }, { category: "external", summary: "1695903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695903", }, { category: "external", summary: "1696249", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1696249", }, { category: "external", summary: "1698018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1698018", }, { category: "external", summary: "1698922", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1698922", }, { category: "external", summary: "1699533", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699533", }, { category: "external", summary: "1699696", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699696", }, { category: "external", summary: "1700875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700875", }, { category: "external", summary: "1701806", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701806", }, { category: "external", summary: "1702544", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1702544", }, { category: "external", summary: "1702693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1702693", }, { category: "external", summary: "1703136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703136", }, { category: "external", summary: "1703558", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703558", }, { category: "external", summary: "1703749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703749", }, { category: "external", summary: "1703904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703904", }, { category: "external", summary: "1703947", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703947", }, { category: "external", summary: "1705243", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705243", }, { category: "external", summary: "1707448", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707448", }, { category: "external", summary: "1707524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707524", }, { category: "external", summary: "1707799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707799", }, { category: "external", summary: "1708187", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708187", }, { category: "external", summary: "1708442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708442", }, { category: "external", summary: "1708552", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708552", }, { category: "external", summary: "1709254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1709254", }, { category: "external", summary: "1709626", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1709626", }, { category: "external", summary: "1710424", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710424", }, { category: "external", summary: "1710723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710723", }, { category: "external", summary: "1712488", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1712488", }, { category: "external", summary: "1713211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1713211", }, { category: "external", summary: "1717028", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1717028", }, { category: "external", summary: "1718458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1718458", }, { category: "external", summary: "1718542", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1718542", }, { category: "external", summary: "1720466", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1720466", }, { category: "external", summary: "1720581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1720581", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1605.json", }, ], title: "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update", tracking: { current_release_date: "2024-11-22T13:25:17+00:00", generator: { date: "2024-11-22T13:25:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHBA-2019:1605", initial_release_date: "2019-06-26T09:09:49+00:00", revision_history: [ { date: "2019-06-26T09:09:49+00:00", number: "1", summary: "Initial version", }, { date: "2019-06-26T09:09:49+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T13:25:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.11", product: { name: "Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.11::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_id: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o-debuginfo@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.117-1.git.1.376e432.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=x86_64", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product_id: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product_id: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.117-1.git.1.dcee33f.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product_id: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.117-1.git.1.f52d417.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_id: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o-debuginfo@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.117-1.git.1.376e432.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product_id: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product_id: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.117-1.git.1.dcee33f.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product_id: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.117-1.git.1.f52d417.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-0:2.164.2.1555422716-1.el7.src", product: { name: "jenkins-0:2.164.2.1555422716-1.el7.src", product_id: "jenkins-0:2.164.2.1555422716-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.164.2.1555422716-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product: { name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product_id: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product: { name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product_id: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.117-1.git.1.dcee33f.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product: { name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product_id: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.117-1.git.1.f52d417.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product_id: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1559667994-1.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product_id: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.123-1.git.0.db681ba.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product: { name: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product_id: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.164.2.1555422716-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product_id: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1559667994-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-docs@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-roles@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-test@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", }, product_reference: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", }, product_reference: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", }, product_reference: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", }, product_reference: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", }, product_reference: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.164.2.1555422716-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", }, product_reference: "jenkins-0:2.164.2.1555422716-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.164.2.1555422716-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", }, product_reference: "jenkins-0:2.164.2.1555422716-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", }, product_reference: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", }, product_reference: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", }, product_reference: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", }, product_reference: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", }, product_reference: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", }, product_reference: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", }, product_reference: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", }, product_reference: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", }, product_reference: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, ], }, vulnerabilities: [ { cve: "CVE-2019-10320", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2019-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1714054", }, ], notes: [ { category: "description", text: "Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certificate.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin (SECURITY-1322)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10320", }, { category: "external", summary: "RHBZ#1714054", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1714054", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10320", url: "https://www.cve.org/CVERecord?id=CVE-2019-10320", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10320", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10320", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322", url: "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322", }, ], release_date: "2019-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin (SECURITY-1322)", }, { cve: "CVE-2019-10328", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2019-06-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1716794", }, ], notes: [ { category: "description", text: "A flaw was found in the Jenkins Workflow Remote Loader plugin. An unsafe whitelist entry was made that allowed invoking arbitrary methods and bypassing sandbox protection. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-workflow-remote-loader: Unsafe Script Security whitelist entry in Pipeline Remote Loader Plugin (SECURITY-921)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10328", }, { category: "external", summary: "RHBZ#1716794", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1716794", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10328", url: "https://www.cve.org/CVERecord?id=CVE-2019-10328", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10328", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10328", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-05-31/#SECURITY-921", url: "https://jenkins.io/security/advisory/2019-05-31/#SECURITY-921", }, ], release_date: "2019-05-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-workflow-remote-loader: Unsafe Script Security whitelist entry in Pipeline Remote Loader Plugin (SECURITY-921)", }, { cve: "CVE-2019-1003049", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2019-04-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1699701", }, ], notes: [ { category: "description", text: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: Jenkins accepted cached legacy CLI authentication", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003049", }, { category: "external", summary: "RHBZ#1699701", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699701", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003049", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003049", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003049", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003049", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, ], release_date: "2019-04-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: Jenkins accepted cached legacy CLI authentication", }, { cve: "CVE-2019-1003050", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1699333", }, ], notes: [ { category: "description", text: "The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003050", }, { category: "external", summary: "RHBZ#1699333", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699333", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003050", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003050", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003050", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003050", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327", }, ], release_date: "2019-04-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.", }, ], }
rhba-2019_1605
Vulnerability from csaf_redhat
Published
2019-06-26 09:09
Modified
2024-11-22 13:25
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.117 is now available with
updates to packages and images that fix several bugs and add enhancements.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.117. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2019:1606
Space precludes documenting all of the bug fixes and enhancements in this
advisory. See the following Release Notes documentation, which will be
updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html
All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Container Platform release 3.11.117 is now available with\nupdates to packages and images that fix several bugs and add enhancements.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.117. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2019:1606\n\nSpace precludes documenting all of the bug fixes and enhancements in this\nadvisory. See the following Release Notes documentation, which will be\nupdated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2019:1605", url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { category: "external", summary: "1418021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1418021", }, { category: "external", summary: "1571190", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1571190", }, { category: "external", summary: "1585070", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1585070", }, { category: "external", summary: "1600741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1600741", }, { category: "external", summary: "1608260", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1608260", }, { category: "external", summary: "1624316", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1624316", }, { category: "external", summary: "1631687", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1631687", }, { category: "external", summary: "1639427", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1639427", }, { category: "external", summary: "1640382", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1640382", }, { category: "external", summary: "1645656", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1645656", }, { category: "external", summary: "1648973", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1648973", }, { category: "external", summary: "1651564", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651564", }, { category: "external", summary: "1652746", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1652746", }, { category: "external", summary: "1656083", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1656083", }, { category: "external", summary: "1656487", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1656487", }, { category: "external", summary: "1661076", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1661076", }, { category: "external", summary: "1667063", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667063", }, { category: "external", summary: "1667801", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667801", }, { category: "external", summary: "1671315", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671315", }, { category: "external", summary: "1671837", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671837", }, { category: "external", summary: "1676399", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1676399", }, { category: "external", summary: "1680059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1680059", }, { category: "external", summary: "1682924", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1682924", }, { category: "external", summary: "1688250", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1688250", }, { category: "external", summary: "1688318", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1688318", }, { category: "external", summary: "1689230", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1689230", }, { category: "external", summary: "1689796", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1689796", }, { category: "external", summary: "1690066", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1690066", }, { category: "external", summary: "1691023", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691023", }, { category: "external", summary: "1694724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1694724", }, { category: "external", summary: "1695903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695903", }, { category: "external", summary: "1696249", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1696249", }, { category: "external", summary: "1698018", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1698018", }, { category: "external", summary: "1698922", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1698922", }, { category: "external", summary: "1699533", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699533", }, { category: "external", summary: "1699696", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699696", }, { category: "external", summary: "1700875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700875", }, { category: "external", summary: "1701806", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701806", }, { category: "external", summary: "1702544", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1702544", }, { category: "external", summary: "1702693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1702693", }, { category: "external", summary: "1703136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703136", }, { category: "external", summary: "1703558", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703558", }, { category: "external", summary: "1703749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703749", }, { category: "external", summary: "1703904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703904", }, { category: "external", summary: "1703947", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1703947", }, { category: "external", summary: "1705243", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1705243", }, { category: "external", summary: "1707448", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707448", }, { category: "external", summary: "1707524", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707524", }, { category: "external", summary: "1707799", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707799", }, { category: "external", summary: "1708187", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708187", }, { category: "external", summary: "1708442", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708442", }, { category: "external", summary: "1708552", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1708552", }, { category: "external", summary: "1709254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1709254", }, { category: "external", summary: "1709626", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1709626", }, { category: "external", summary: "1710424", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710424", }, { category: "external", summary: "1710723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710723", }, { category: "external", summary: "1712488", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1712488", }, { category: "external", summary: "1713211", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1713211", }, { category: "external", summary: "1717028", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1717028", }, { category: "external", summary: "1718458", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1718458", }, { category: "external", summary: "1718542", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1718542", }, { category: "external", summary: "1720466", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1720466", }, { category: "external", summary: "1720581", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1720581", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1605.json", }, ], title: "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update", tracking: { current_release_date: "2024-11-22T13:25:17+00:00", generator: { date: "2024-11-22T13:25:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHBA-2019:1605", initial_release_date: "2019-06-26T09:09:49+00:00", revision_history: [ { date: "2019-06-26T09:09:49+00:00", number: "1", summary: "Initial version", }, { date: "2019-06-26T09:09:49+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T13:25:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.11", product: { name: "Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.11::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_id: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o-debuginfo@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.117-1.git.1.376e432.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=x86_64", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product_id: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product_id: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.117-1.git.1.dcee33f.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product_id: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.117-1.git.1.f52d417.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_id: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o-debuginfo@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.117-1.git.1.376e432.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product_id: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product_id: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.117-1.git.1.dcee33f.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product_id: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.117-1.git.1.f52d417.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product_id: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/cri-o@1.11.14-1.rhaos3.11.gitd56660e.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-0:2.164.2.1555422716-1.el7.src", product: { name: "jenkins-0:2.164.2.1555422716-1.el7.src", product_id: "jenkins-0:2.164.2.1555422716-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.164.2.1555422716-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product_id: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.117-1.git.1.376e432.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.117-1.git.1.caa79fa.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product_id: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.117-1.git.1.1635b0a.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product_id: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.117-1.git.1.6a42b08.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product_id: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.117-1.git.1.319d58e.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product_id: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.117-1.git.1.0345fe3.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product_id: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.117-1.git.1.887bb82.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product_id: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.117-1.git.1.be7a05c.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product_id: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.117-1.git.1.2b006d2.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product: { name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product_id: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.117-1.git.1.207ef35.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product: { name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product_id: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.117-1.git.1.dcee33f.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product: { name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product_id: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.117-1.git.1.f52d417.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product_id: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1559667994-1.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product_id: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.117-1.git.1.ef32a58.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product_id: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.117-1.git.1.6593fce.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product_id: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.123-1.git.0.db681ba.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product: { name: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product_id: "jenkins-0:2.164.2.1555422716-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.164.2.1555422716-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product_id: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1559667994-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-docs@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-roles@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product: { name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product_id: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-test@3.11.123-1.git.0.db681ba.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", }, product_reference: "atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", }, product_reference: "atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", }, product_reference: "atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", }, product_reference: "atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", }, product_reference: "cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", }, product_reference: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", }, product_reference: "cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", }, product_reference: "golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", }, product_reference: "golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", }, product_reference: "golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.164.2.1555422716-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", }, product_reference: "jenkins-0:2.164.2.1555422716-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.164.2.1555422716-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", }, product_reference: "jenkins-0:2.164.2.1555422716-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", }, product_reference: "jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", }, product_reference: "jenkins-2-plugins-0:3.11.1559667994-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", }, product_reference: "openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", }, product_reference: "openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", }, product_reference: "openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", }, product_reference: "prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", }, product_reference: "prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", }, product_reference: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", }, product_reference: "prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", }, product_reference: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", }, product_reference: "prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, ], }, vulnerabilities: [ { cve: "CVE-2019-10320", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2019-05-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1714054", }, ], notes: [ { category: "description", text: "Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certificate.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin (SECURITY-1322)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10320", }, { category: "external", summary: "RHBZ#1714054", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1714054", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10320", url: "https://www.cve.org/CVERecord?id=CVE-2019-10320", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10320", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10320", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322", url: "https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322", }, ], release_date: "2019-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-credentials-plugin: Certificate file read vulnerability in Credentials Plugin (SECURITY-1322)", }, { cve: "CVE-2019-10328", cwe: { id: "CWE-184", name: "Incomplete List of Disallowed Inputs", }, discovery_date: "2019-06-01T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1716794", }, ], notes: [ { category: "description", text: "A flaw was found in the Jenkins Workflow Remote Loader plugin. An unsafe whitelist entry was made that allowed invoking arbitrary methods and bypassing sandbox protection. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-workflow-remote-loader: Unsafe Script Security whitelist entry in Pipeline Remote Loader Plugin (SECURITY-921)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10328", }, { category: "external", summary: "RHBZ#1716794", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1716794", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10328", url: "https://www.cve.org/CVERecord?id=CVE-2019-10328", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10328", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10328", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-05-31/#SECURITY-921", url: "https://jenkins.io/security/advisory/2019-05-31/#SECURITY-921", }, ], release_date: "2019-05-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-workflow-remote-loader: Unsafe Script Security whitelist entry in Pipeline Remote Loader Plugin (SECURITY-921)", }, { cve: "CVE-2019-1003049", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2019-04-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1699701", }, ], notes: [ { category: "description", text: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: Jenkins accepted cached legacy CLI authentication", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003049", }, { category: "external", summary: "RHBZ#1699701", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699701", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003049", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003049", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003049", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003049", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, ], release_date: "2019-04-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: Jenkins accepted cached legacy CLI authentication", }, { cve: "CVE-2019-1003050", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1699333", }, ], notes: [ { category: "description", text: "The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003050", }, { category: "external", summary: "RHBZ#1699333", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1699333", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003050", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003050", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003050", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003050", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327", }, ], release_date: "2019-04-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-06-26T09:09:49+00:00", details: "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.117, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:1605", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.117-1.git.1.376e432.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.117-1.git.1.caa79fa.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.117-1.git.1.1635b0a.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.117-1.git.1.6a42b08.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.117-1.git.1.319d58e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.117-1.git.1.0345fe3.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.117-1.git.1.887bb82.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.117-1.git.1.be7a05c.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.src", "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.14-1.rhaos3.11.gitd56660e.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.117-1.git.1.2b006d2.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.117-1.git.1.dcee33f.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.117-1.git.1.f52d417.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.164.2.1555422716-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1559667994-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.123-1.git.0.db681ba.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.123-1.git.0.db681ba.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.117-1.git.1.ef32a58.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.117-1.git.1.6593fce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.117-1.git.1.f52d417.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.117-1.git.1.207ef35.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.117-1.git.1.dcee33f.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.", }, ], }
fkie_cve-2019-1003049
Vulnerability from fkie_nvd
Published
2019-04-10 21:29
Modified
2024-11-21 04:17
Severity ?
Summary
Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
jenkins | jenkins | * | |
jenkins | jenkins | * | |
redhat | openshift_container_platform | 3.11 | |
oracle | communications_cloud_native_core_automated_test_suite | 1.9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", matchCriteriaId: "2491F2AA-41E4-4220-8330-23D9969B61FC", versionEndIncluding: "2.164.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", matchCriteriaId: "74C54E4A-7C75-4DA1-ABF9-CF345D3F0563", versionEndIncluding: "2.171", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", matchCriteriaId: "2F87326E-0B56-4356-A889-73D026DB1D4B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "A4CA84D6-F312-4C29-A02B-050FCB7A902B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", }, { lang: "es", value: "Los usuarios que almacenaron su autenticación CLI antes de que Jenkins se actualizara a la versión 2.150.2 o posteriores, o a la versión 2.160 o posteriores, permanecerían autenticados en Jenkins 2.171 y anteriores y en Jenkins LTS 2.164.1 y anteriores, ya que la solución para CVE-2019-1003004 en estas versiones no rechazaba las cachés de autenticación CLI remotas existentes.", }, ], id: "CVE-2019-1003049", lastModified: "2024-11-21T04:17:48.607", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-04-10T21:29:01.480", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/107901", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/107901", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-613", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2019-1003049
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.
Aliases
Aliases
{ GSD: { alias: "CVE-2019-1003049", description: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", id: "GSD-2019-1003049", references: [ "https://access.redhat.com/errata/RHBA-2019:1605", "https://security.archlinux.org/CVE-2019-1003049", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2019-1003049", ], details: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", id: "GSD-2019-1003049", modified: "2023-12-13T01:23:44.837709Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "jenkinsci-cert@googlegroups.com", ID: "CVE-2019-1003049", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jenkins", version: { version_data: [ { version_affected: "=", version_value: "2.171 and earlier, LTS 2.164.1 and earlier", }, ], }, }, ], }, vendor_name: "Jenkins project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.securityfocus.com/bid/107901", refsource: "MISC", url: "http://www.securityfocus.com/bid/107901", }, { name: "https://access.redhat.com/errata/RHBA-2019:1605", refsource: "MISC", url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", refsource: "MISC", url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "[2.164.1,2.171]", affected_versions: "All versions after 2.164.1 up to 2.171", cvss_v2: "AV:N/AC:M/Au:N/C:P/I:P/A:P", cvss_v3: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", cwe_ids: [ "CWE-1035", "CWE-613", "CWE-937", ], date: "2019-04-15", description: "Users who cached their CLI authentication would remain authenticated because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", fixed_versions: [ "2.172", ], identifier: "CVE-2019-1003049", identifiers: [ "CVE-2019-1003049", ], not_impacted: "All versions up to 2.164.1, all versions after 2.171", package_slug: "maven/org.jenkins-ci.main/jenkins-core", pubdate: "2019-04-10", solution: "Upgrade to version 2.172 or above.", title: "Improper Authentication", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2019-1003049", "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", ], uuid: "93c1f7c9-36ea-49d2-b5c3-08b55ace726e", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", cpe_name: [], versionEndIncluding: "2.164.1", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2.171", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "jenkinsci-cert@googlegroups.com", ID: "CVE-2019-1003049", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject existing remoting-based CLI authentication caches.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-613", }, ], }, ], }, references: { reference_data: [ { name: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1289", }, { name: "107901", refsource: "BID", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/107901", }, { name: "RHBA-2019:1605", refsource: "REDHAT", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:1605", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, }, }, lastModifiedDate: "2023-10-25T18:16Z", publishedDate: "2019-04-10T21:29Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.