Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in OpenShift
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in OpenShift
ID: RHSA-2021:0799-01
Distribution: Red Hat
Plattformen: Red Hat Container-native Virtualization
Datum: Mi, 10. März 2021, 23:28
Referenzen: https://access.redhat.com/security/cve/CVE-2018-16300
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2020-14351
https://access.redhat.com/security/cve/CVE-2018-14882
https://access.redhat.com/security/cve/CVE-2019-19956
https://access.redhat.com/security/cve/CVE-2020-9283
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2019-20916
https://access.redhat.com/security/cve/CVE-2020-15586
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2018-10103
https://access.redhat.com/security/cve/CVE-2020-25685
https://access.redhat.com/security/cve/CVE-2020-25683
https://access.redhat.com/security/cve/CVE-2020-24659
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-1751
https://access.redhat.com/security/cve/CVE-2020-13632
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-8624
https://access.redhat.com/security/cve/CVE-2019-20388
https://access.redhat.com/security/cve/CVE-2020-8619
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-25681
https://access.redhat.com/security/cve/CVE-2020-14382
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2018-14461
https://access.redhat.com/security/cve/CVE-2019-15165
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/cve/CVE-2020-25686
https://access.redhat.com/security/cve/CVE-2019-13627
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2018-14469
https://access.redhat.com/security/cve/CVE-2020-26160
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-1752
https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/cve/CVE-2018-14463
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2018-14465
https://access.redhat.com/security/cve/CVE-2020-8622
https://access.redhat.com/security/cve/CVE-2019-20807
https://access.redhat.com/security/cve/CVE-2019-14889
https://access.redhat.com/security/cve/CVE-2019-13050
https://access.redhat.com/security/cve/CVE-2019-19906
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-25705
https://access.redhat.com/security/cve/CVE-2018-14880
https://access.redhat.com/security/cve/CVE-2020-12321
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-29652
https://access.redhat.com/security/cve/CVE-2020-29661
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2018-14464
https://access.redhat.com/security/cve/CVE-2018-14467
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2018-16230
https://access.redhat.com/security/cve/CVE-2021-20206
https://access.redhat.com/security/cve/CVE-2020-13631
https://access.redhat.com/security/cve/CVE-2019-20454
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-14040
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-5018
https://access.redhat.com/security/cve/CVE-2020-12400
https://access.redhat.com/security/cve/CVE-2018-14462
https://access.redhat.com/security/cve/CVE-2019-15166
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2018-14466
https://access.redhat.com/security/cve/CVE-2018-16227
https://access.redhat.com/security/cve/CVE-2019-14559
https://access.redhat.com/security/cve/CVE-2018-14468
https://access.redhat.com/security/cve/CVE-2020-25682
https://access.redhat.com/security/cve/CVE-2020-6829
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2018-16228
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2020-12403
https://access.redhat.com/security/cve/CVE-2018-16229
https://access.redhat.com/security/cve/CVE-2018-14881
https://access.redhat.com/security/cve/CVE-2018-20843
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2019-16168
https://access.redhat.com/security/cve/CVE-2019-16935
https://access.redhat.com/security/cve/CVE-2020-28362
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-25687
https://access.redhat.com/security/cve/CVE-2020-8492
https://access.redhat.com/security/cve/CVE-2019-20387
https://access.redhat.com/security/cve/CVE-2020-16845
https://access.redhat.com/security/cve/CVE-2019-20907
https://access.redhat.com/security/cve/CVE-2020-25684
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2020-8623
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2020-14422
https://access.redhat.com/security/cve/CVE-2020-10029
https://access.redhat.com/security/cve/CVE-2019-19221
https://access.redhat.com/security/cve/CVE-2018-14879
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2020-1730
https://access.redhat.com/security/cve/CVE-2019-18197
https://access.redhat.com/security/cve/CVE-2020-15999
https://access.redhat.com/security/cve/CVE-2021-3156
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2019-20218
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2019-15903
https://access.redhat.com/security/cve/CVE-2020-6405
https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-7595
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2020-13630
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2018-10105
https://access.redhat.com/security/cve/CVE-2019-17450
https://access.redhat.com/security/cve/CVE-2018-16452
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2018-14470
https://access.redhat.com/security/cve/CVE-2018-16451
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-11068
https://access.redhat.com/security/cve/CVE-2020-9327
https://access.redhat.com/security/cve/CVE-2020-27813
https://access.redhat.com/security/cve/CVE-2020-3862
Applikationen: OKD

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Virtualization 2.6.0 security and bug
 fix update
Advisory ID:       RHSA-2021:0799-01
Product:           Container-native Virtualization
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0799
Issue date:        2021-03-10
CVE Names:         CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 
                   CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 
                   CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 
                   CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 
                   CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 
                   CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 
                   CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 
                   CVE-2018-16451 CVE-2018-16452 CVE-2018-20843 
                   CVE-2019-5018 CVE-2019-8625 CVE-2019-8710 
                   CVE-2019-8720 CVE-2019-8743 CVE-2019-8764 
                   CVE-2019-8766 CVE-2019-8769 CVE-2019-8771 
                   CVE-2019-8782 CVE-2019-8783 CVE-2019-8808 
                   CVE-2019-8811 CVE-2019-8812 CVE-2019-8813 
                   CVE-2019-8814 CVE-2019-8815 CVE-2019-8816 
                   CVE-2019-8819 CVE-2019-8820 CVE-2019-8823 
                   CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 
                   CVE-2019-11068 CVE-2019-13050 CVE-2019-13627 
                   CVE-2019-14559 CVE-2019-14889 CVE-2019-15165 
                   CVE-2019-15166 CVE-2019-15903 CVE-2019-16168 
                   CVE-2019-16935 CVE-2019-17450 CVE-2019-18197 
                   CVE-2019-19221 CVE-2019-19906 CVE-2019-19956 
                   CVE-2019-20218 CVE-2019-20387 CVE-2019-20388 
                   CVE-2019-20454 CVE-2019-20807 CVE-2019-20907 
                   CVE-2019-20916 CVE-2020-1730 CVE-2020-1751 
                   CVE-2020-1752 CVE-2020-1971 CVE-2020-3862 
                   CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 
                   CVE-2020-3868 CVE-2020-3885 CVE-2020-3894 
                   CVE-2020-3895 CVE-2020-3897 CVE-2020-3899 
                   CVE-2020-3900 CVE-2020-3901 CVE-2020-3902 
                   CVE-2020-6405 CVE-2020-6829 CVE-2020-7595 
                   CVE-2020-8492 CVE-2020-8619 CVE-2020-8622 
                   CVE-2020-8623 CVE-2020-8624 CVE-2020-9283 
                   CVE-2020-9327 CVE-2020-9802 CVE-2020-9803 
                   CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 
                   CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 
                   CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 
                   CVE-2020-9915 CVE-2020-9925 CVE-2020-10018 
                   CVE-2020-10029 CVE-2020-11793 CVE-2020-12321 
                   CVE-2020-12400 CVE-2020-12403 CVE-2020-13630 
                   CVE-2020-13631 CVE-2020-13632 CVE-2020-14040 
                   CVE-2020-14351 CVE-2020-14382 CVE-2020-14391 
                   CVE-2020-14422 CVE-2020-15503 CVE-2020-15586 
                   CVE-2020-15999 CVE-2020-16845 CVE-2020-24659 
                   CVE-2020-25681 CVE-2020-25682 CVE-2020-25683 
                   CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 
                   CVE-2020-25687 CVE-2020-25705 CVE-2020-26160 
                   CVE-2020-27813 CVE-2020-28362 CVE-2020-29652 
                   CVE-2020-29661 CVE-2021-3121 CVE-2021-3156 
                   CVE-2021-20206 
=====================================================================

1. Summary:

An update is now available for RHEL-8-CNV-2.6.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for
Red Hat OpenShift Container Platform.

This advisory contains the following OpenShift Virtualization 2.6.0 images:

RHEL-8-CNV-2.6
==============
kubevirt-cpu-node-labeller-container-v2.6.0-5
kubevirt-cpu-model-nfd-plugin-container-v2.6.0-5
node-maintenance-operator-container-v2.6.0-13
kubevirt-vmware-container-v2.6.0-5
virtio-win-container-v2.6.0-5
kubevirt-kvm-info-nfd-plugin-container-v2.6.0-5
bridge-marker-container-v2.6.0-9
kubevirt-template-validator-container-v2.6.0-9
kubevirt-v2v-conversion-container-v2.6.0-6
kubemacpool-container-v2.6.0-13
kubevirt-ssp-operator-container-v2.6.0-40
hyperconverged-cluster-webhook-container-v2.6.0-73
hyperconverged-cluster-operator-container-v2.6.0-73
ovs-cni-plugin-container-v2.6.0-10
cnv-containernetworking-plugins-container-v2.6.0-10
ovs-cni-marker-container-v2.6.0-10
cluster-network-addons-operator-container-v2.6.0-16
hostpath-provisioner-container-v2.6.0-11
hostpath-provisioner-operator-container-v2.6.0-14
vm-import-virtv2v-container-v2.6.0-21
kubernetes-nmstate-handler-container-v2.6.0-19
vm-import-controller-container-v2.6.0-21
vm-import-operator-container-v2.6.0-21
virt-api-container-v2.6.0-111
virt-controller-container-v2.6.0-111
virt-handler-container-v2.6.0-111
virt-operator-container-v2.6.0-111
virt-launcher-container-v2.6.0-111
cnv-must-gather-container-v2.6.0-54
virt-cdi-importer-container-v2.6.0-24
virt-cdi-cloner-container-v2.6.0-24
virt-cdi-controller-container-v2.6.0-24
virt-cdi-uploadserver-container-v2.6.0-24
virt-cdi-apiserver-container-v2.6.0-24
virt-cdi-uploadproxy-container-v2.6.0-24
virt-cdi-operator-container-v2.6.0-24
hco-bundle-registry-container-v2.6.0-582

Security Fix(es):

* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows
for panic (CVE-2020-9283)

* golang: crypto/ssh: crafted authentication request can lead to nil
pointer dereference (CVE-2020-29652)

* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index
validation (CVE-2021-3121)

* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)

* golang: data race in certain net/http servers including ReverseProxy can
lead to DoS (CVE-2020-15586)

* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes
from invalid inputs (CVE-2020-16845)

* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)

* golang-github-gorilla-websocket: integer overflow leads to denial of
service (CVE-2020-27813)

* golang: math/big: panic during recursive division of very large numbers
(CVE-2020-28362)

* containernetworking-cni: Arbitrary path injection via type field in CNI
configuration (CVE-2021-20206)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

1732329 - Virtual Machine is missing documentation of its properties in yaml
 editor
1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type
 and virtio disk in cnv
1791753 - [RFE] [SSP] Template validator should check validations in
 template's parent template
1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519
 public keys allows for panic
1848954 - KMP missing CA extensions  in cabundle of
 mutatingwebhookconfiguration
1848956 - KMP  requires downtime for CA stabilization during certificate
 rotation
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite
 loop in encoding/unicode could lead to crash
1853911 - VM with dot in network name fails to start with unclear message
1854098 - NodeNetworkState on workers doesn't have "status" key due
 to nmstate-handler pod failure to run "nmstatectl show"
1856347 - SR-IOV : Missing network name for sriov during vm setup
1856953 - CVE-2020-15586 golang: data race in certain net/http servers
 including ReverseProxy can lead to DoS
1859235 - Common Templates - after upgrade there are 2  common templates per
 each os-workload-flavor combination
1860714 - No API information from `oc explain`
1860992 - CNV upgrade - users are not removed from privileged 
 SecurityContextConstraints
1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd
 / File system due to overhead required for Filesystem
1866593 - CDI is not handling vm disk clone
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an
 unlimited number of bytes from invalid inputs
1868817 - Container-native Virtualization 2.6.0 Images
1873771 - Improve the VMCreationFailed error message caused by VM low memory
1874812 - SR-IOV: Guest Agent  expose link-local ipv6 address  for sometime and
 then remove it
1878499 - DV import doesn't recover from scratch space PVC deletion
1879108 - Inconsistent naming of "oc virt" command in help text
1881874 - openshift-cnv namespace is getting stuck if the user tries to delete
 it while CNV is running
1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable
 sidecar injection if namespace has sidecar injection enabled but VM Template does NOT
1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability
1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a
 relevant error message
1885418 - [openshift-cnv] issues with memory overhead calculation when limits
 are used
1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first,
 *before* the NodeNetworkConfigurationPolicy is applied
1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is
 not passed on to PVC request.
1891285 - Common templates and kubevirt-config cm - update machine-type
1891440 - [v2v][VMware to CNV VM import API]Source VM with no network interface
 fail with unclear error
1892227 - [SSP] cluster scoped resources are not being reconciled
1893278 - openshift-virtualization-os-images namespace not seen by user
1893646 - [HCO] Pod placement configuration - dry run is not performed for all
 the configuration stanza
1894428 - Message for VMI not migratable is not clear enough
1894824 - [v2v][VM import] Pick the smallest template for the imported VM, and
 not always Medium
1894897 - [v2v][VMIO] VMimport CR is not reported as failed when target VM is
 deleted during the import
1895414 - Virt-operator is accepting updates to the placement of its workload
 components even with running VMs
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of
 very large numbers
1898072 - Add Fedora33 to Fedora common templates
1898840 - [v2v] VM import VMWare to CNV Import 63 chars vm name should not fail
1899558 - CNV 2.6 - nmstate fails to set state
1901480 - VM disk io can't worked if namespace have label kubemacpool
1902046 - Not possible to edit CDIConfig (through CDI CR / CDIConfig)
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow
 leads to denial of service
1903014 - hco-webhook pod in CreateContainerError
1903585 - [v2v] Windows 2012 VM imported from RHV goes into Windows repair mode
1904797 - [VMIO][vmware] A migrated RHEL/Windows VM starts in emergency
 mode/safe mode when target storage is NFS and target namespace is NOT "default"
1906199 - [CNV-2.5] CNV Tries to Install on Windows Workers
1907151 - kubevirt version is not reported correctly via virtctl
1907352 - VM/VMI link changes to `kubevirt.io~v1~VirtualMachineInstance` on CNV
 2.6
1907691 - [CNV] Configuring NodeNetworkConfigurationPolicy caused "Internal
 error occurred" for creating datavolume
1907988 - VM loses dynamic IP address of its default interface after migration
1908363 - Applying NodeNetworkConfigurationPolicy for different NIC than
 default disables br-ex bridge and nodes lose connectivity
1908421 - [v2v] [VM import RHV to CNV] Windows imported VM boot failed:
 INACCESSIBLE BOOT DEVICE error
1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can
 lead to nil pointer dereference
1909458 - [V2V][VMware to CNV VM import via api using VMIO] VM import  to Ceph
 RBD/BLOCK fails on "qemu-img: /data/disk.img" error
1910857 - Provide a mechanism to enable the HotplugVolumes feature gate via HCO
1911118 - Windows VMI LiveMigration / shutdown fails on 'XML error: non
 unique alias detected: ua-')
1911396 - Set networkInterfaceMultiqueue false in rhel 6 template for e1000e
 interface
1911662 - el6 guests don't work properly if virtio bus is specified on
 various devices
1912908 - Allow using "scsi" bus for disks in template validation
1913248 - Creating vlan interface on top of a bond device via
 NodeNetworkConfigurationPolicy fails
1913320 - Informative message needed with virtctl image-upload, that additional
 step is needed from the user
1913717 - Users should have read permitions for golden images data volumes
1913756 - Migrating to Ceph-RBD + Block fails when skipping zeroes
1914177 - CNV does not preallocate blank file data volumes
1914608 - Obsolete CPU models (kubevirt-cpu-plugin-configmap) are set on worker
 nodes
1914947 - HPP golden images - DV shoudld not be created with
 WaitForFirstConsumer
1917908 - [VMIO] vmimport pod fail to create when using ceph-rbd/block
1917963 - [CNV 2.6] Unable to install CNV disconnected - requires
 kvm-info-nfd-plugin which is not mirrored
1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via
 type field in CNI configuration
1920576 - HCO can report ready=true when it failed to create a CR for a
 component operator
1920610 - e2e-aws-4.7-cnv consistently failing on Hyperconverged Cluster
 Operator
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks
 certain index validation
1923979 - kubernetes-nmstate: nmstate-handler pod crashes when configuring
 bridge device using ip tool
1927373 - NoExecute taint violates pdb; VMIs are not live migrated
1931376 - VMs disconnected from nmstate-defined bridge after
 CNV-2.5.4->CNV-2.6.0 upgrade

5. References:

https://access.redhat.com/security/cve/CVE-2018-10103
https://access.redhat.com/security/cve/CVE-2018-10105
https://access.redhat.com/security/cve/CVE-2018-14461
https://access.redhat.com/security/cve/CVE-2018-14462
https://access.redhat.com/security/cve/CVE-2018-14463
https://access.redhat.com/security/cve/CVE-2018-14464
https://access.redhat.com/security/cve/CVE-2018-14465
https://access.redhat.com/security/cve/CVE-2018-14466
https://access.redhat.com/security/cve/CVE-2018-14467
https://access.redhat.com/security/cve/CVE-2018-14468
https://access.redhat.com/security/cve/CVE-2018-14469
https://access.redhat.com/security/cve/CVE-2018-14470
https://access.redhat.com/security/cve/CVE-2018-14879
https://access.redhat.com/security/cve/CVE-2018-14880
https://access.redhat.com/security/cve/CVE-2018-14881
https://access.redhat.com/security/cve/CVE-2018-14882
https://access.redhat.com/security/cve/CVE-2018-16227
https://access.redhat.com/security/cve/CVE-2018-16228
https://access.redhat.com/security/cve/CVE-2018-16229
https://access.redhat.com/security/cve/CVE-2018-16230
https://access.redhat.com/security/cve/CVE-2018-16300
https://access.redhat.com/security/cve/CVE-2018-16451
https://access.redhat.com/security/cve/CVE-2018-16452
https://access.redhat.com/security/cve/CVE-2018-20843
https://access.redhat.com/security/cve/CVE-2019-5018
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11068
https://access.redhat.com/security/cve/CVE-2019-13050
https://access.redhat.com/security/cve/CVE-2019-13627
https://access.redhat.com/security/cve/CVE-2019-14559
https://access.redhat.com/security/cve/CVE-2019-14889
https://access.redhat.com/security/cve/CVE-2019-15165
https://access.redhat.com/security/cve/CVE-2019-15166
https://access.redhat.com/security/cve/CVE-2019-15903
https://access.redhat.com/security/cve/CVE-2019-16168
https://access.redhat.com/security/cve/CVE-2019-16935
https://access.redhat.com/security/cve/CVE-2019-17450
https://access.redhat.com/security/cve/CVE-2019-18197
https://access.redhat.com/security/cve/CVE-2019-19221
https://access.redhat.com/security/cve/CVE-2019-19906
https://access.redhat.com/security/cve/CVE-2019-19956
https://access.redhat.com/security/cve/CVE-2019-20218
https://access.redhat.com/security/cve/CVE-2019-20387
https://access.redhat.com/security/cve/CVE-2019-20388
https://access.redhat.com/security/cve/CVE-2019-20454
https://access.redhat.com/security/cve/CVE-2019-20807
https://access.redhat.com/security/cve/CVE-2019-20907
https://access.redhat.com/security/cve/CVE-2019-20916
https://access.redhat.com/security/cve/CVE-2020-1730
https://access.redhat.com/security/cve/CVE-2020-1751
https://access.redhat.com/security/cve/CVE-2020-1752
https://access.redhat.com/security/cve/CVE-2020-1971
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-6405
https://access.redhat.com/security/cve/CVE-2020-6829
https://access.redhat.com/security/cve/CVE-2020-7595
https://access.redhat.com/security/cve/CVE-2020-8492
https://access.redhat.com/security/cve/CVE-2020-8619
https://access.redhat.com/security/cve/CVE-2020-8622
https://access.redhat.com/security/cve/CVE-2020-8623
https://access.redhat.com/security/cve/CVE-2020-8624
https://access.redhat.com/security/cve/CVE-2020-9283
https://access.redhat.com/security/cve/CVE-2020-9327
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-10029
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-12321
https://access.redhat.com/security/cve/CVE-2020-12400
https://access.redhat.com/security/cve/CVE-2020-12403
https://access.redhat.com/security/cve/CVE-2020-13630
https://access.redhat.com/security/cve/CVE-2020-13631
https://access.redhat.com/security/cve/CVE-2020-13632
https://access.redhat.com/security/cve/CVE-2020-14040
https://access.redhat.com/security/cve/CVE-2020-14351
https://access.redhat.com/security/cve/CVE-2020-14382
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-14422
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/cve/CVE-2020-15586
https://access.redhat.com/security/cve/CVE-2020-15999
https://access.redhat.com/security/cve/CVE-2020-16845
https://access.redhat.com/security/cve/CVE-2020-24659
https://access.redhat.com/security/cve/CVE-2020-25681
https://access.redhat.com/security/cve/CVE-2020-25682
https://access.redhat.com/security/cve/CVE-2020-25683
https://access.redhat.com/security/cve/CVE-2020-25684
https://access.redhat.com/security/cve/CVE-2020-25685
https://access.redhat.com/security/cve/CVE-2020-25686
https://access.redhat.com/security/cve/CVE-2020-25687
https://access.redhat.com/security/cve/CVE-2020-25705
https://access.redhat.com/security/cve/CVE-2020-26160
https://access.redhat.com/security/cve/CVE-2020-27813
https://access.redhat.com/security/cve/CVE-2020-28362
https://access.redhat.com/security/cve/CVE-2020-29652
https://access.redhat.com/security/cve/CVE-2020-29661
https://access.redhat.com/security/cve/CVE-2021-3121
https://access.redhat.com/security/cve/CVE-2021-3156
https://access.redhat.com/security/cve/CVE-2021-20206
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYEiw19zjgjWX9erEAQikNw//fqPqrIto1dp4kqhGqdOskWfdpYqO2DZL
tUtKHOWPYBcqHe22pjiL0FvQoDuoZ8rL/6yOebhUGni3lE+IflewwvG6poMDOnwK
IcNTd3oXw/CKBAQL5tEYmXfen1pIClcMrZ60hmv9cZ4Nn1TnOsA9N8H9tpQOTSM5
GbjjPlyeGab/zpBdVuaZJ3AwOK3gDbB+9dQTEHGgybLgwAHUnlGpNUlbJZmRPtji
4gFNdCzzlEQB1sDP5oXScTrQrIcpC8Zu3CrpqHYSYo6LJAAOMA+7KA2CSGoTqYkT
sAVaGbYWc30Pj4q4elHXmBvWP5cpwfy5T7ehjVTkrgF/iafVRzTlwjxGu9QZjg3y
vVgOIqtALTbjBSec79Mnh7VaJdbUDHNDZvZPtwKSKFsM61p6XijAJyIRF+ebTWru
bLtCSSSSKWsx/5ehaYBWbYt9m+aSXe6STWOvthK0+j2xEmFbyxvK4tqM1oi2jVyf
VDaMrb1uwnzo4yeVNKFkhbCAknUaKhE3nXrW6PVjVGXYCtOdOZZgw0heJZNoguoP
ajLKK76Z+ksd4zNym9o0uoEjwwzyBw+irqxeTAz+9tbazfH3yX2Ix9ybU15oYSZE
Ui/7WxgfIQAYGZtzlf0ZIJNPVC9jArC5SgD7p+1sQdpD7PfOKG6zkUpRsyBRXvHi
vbq6PZihzcg=
=J4NW
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung