Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2016:1773
HistoryAug 24, 2016 - 7:27 p.m.

(RHSA-2016:1773) Important: Red Hat OpenShift Enterprise 2.2.10 security, bug fix, and enhancement update

2016-08-2419:27:03
access.redhat.com
46

0.972 High

EPSS

Percentile

99.8%

JSON

OpenShift Enterprise by Red Hat is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.

  • The Jenkins continuous integration server has been updated to upstream
    version 1.651.2 LTS that addresses a large number of security issues,
    including open redirects, a potential denial of service, unsafe handling of
    user provided environment variables and several instances of sensitive
    information disclosure. (CVE-2014-3577, CVE-2016-0788, CVE-2016-0789,
    CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, CVE-2016-3721, CVE-2016-3722,
    CVE-2016-3723, CVE-2016-3724, CVE-2016-3725, CVE-2016-3726, CVE-2016-3727,
    CVE-2015-7501)

Space precludes documenting all of the bug fixes and enhancements in this
advisory. See the OpenShift Enterprise Technical Notes, which will be
updated shortly for release 2.2.10, for details about these changes:

https://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/Technical_Notes/index.html

All OpenShift Enterprise 2 users are advised to upgrade to these updated
packages.

OSVersionArchitecturePackageVersionFilename
RedHat6x86_64imagemagick-devel< 6.7.2.7-5.el6_8ImageMagick-devel-6.7.2.7-5.el6_8.x86_64.rpm
RedHat6noarchopenshift-origin-broker< 1.16.3.2-1.el6opopenshift-origin-broker-1.16.3.2-1.el6op.noarch.rpm
RedHat6noarchopenshift-origin-cartridge-diy< 1.26.2.2-1.el6opopenshift-origin-cartridge-diy-1.26.2.2-1.el6op.noarch.rpm
RedHat6noarchrubygem-openshift-origin-admin-console< 1.28.2.1-1.el6oprubygem-openshift-origin-admin-console-1.28.2.1-1.el6op.noarch.rpm
RedHat6noarchopenshift-origin-cartridge-ruby< 1.32.2.2-1.el6opopenshift-origin-cartridge-ruby-1.32.2.2-1.el6op.noarch.rpm
RedHat6noarchopenshift-origin-cartridge-cron< 1.25.4.2-1.el6opopenshift-origin-cartridge-cron-1.25.4.2-1.el6op.noarch.rpm
RedHat6x86_64imagemagick-perl< 6.7.2.7-5.el6_8ImageMagick-perl-6.7.2.7-5.el6_8.x86_64.rpm
RedHat6noarchrubygem-openshift-origin-msg-broker-mcollective< 1.36.2.4-1.el6oprubygem-openshift-origin-msg-broker-mcollective-1.36.2.4-1.el6op.noarch.rpm
RedHat6noarchrubygem-openshift-origin-frontend-haproxy-sni-proxy< 0.5.2.1-1.el6oprubygem-openshift-origin-frontend-haproxy-sni-proxy-0.5.2.1-1.el6op.noarch.rpm
RedHat6x86_64imagemagick-doc< 6.7.2.7-5.el6_8ImageMagick-doc-6.7.2.7-5.el6_8.x86_64.rpm
Rows per page:
1-10 of 351

Related

nessus 37
openvas 24
fedora 7
redhat 24
freebsd 3
veracode 10
redhatcve 7
vulnrichment 1
cvelist 9
nvd 9
osv 5
github 4
cve 10
prion 12
ubuntucve 11
packetstorm 1
mageia 2
oraclelinux 4
checkpoint_advisories 2
ibm 3
centos 5
seebug 1
debiancve 2
attackerkb 1
amazon 1
f5 2
canvas 1
securityvulns 1
nessus
nessus
RHEL 6 : Red Hat OpenShift Enterprise 2.2.10 (RHSA-2016:1773)
2018-12-04 00:00:00
FreeBSD : jenkins -- multiple vulnerabilities (e387834a-17ef-11e6-9947-7054d2909b71)
2016-05-12 00:00:00
Fedora 23 : jenkins (2016-9ba53cf8a2)
2016-07-14 00:00:00
openvas
openvas
Fedora Update for jenkins FEDORA-2016-fd6100dd68
2016-06-08 00:00:00
Jenkins Multiple Vulnerabilities (May 2016) - Windows
2016-05-20 00:00:00
Fedora Update for jenkins FEDORA-2016-9ba53cf8a2
2016-06-08 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: jenkins-1.651.2-1.fc24
2016-05-21 20:52:11
[SECURITY] Fedora 23 Update: jenkins-1.625.3-4.fc23
2016-05-26 21:54:36
[SECURITY] Fedora 22 Update: jenkins-1.609.3-7.fc22
2016-05-26 22:20:29
redhat
redhat
(RHSA-2016:1206) Moderate: jenkins security update
2016-06-06 18:57:05
(RHSA-2016:0711) Important: jenkins security update
2016-05-03 15:17:11
(RHSA-2016:0040) Critical: Red Hat JBoss Operations Network 3.1.2 Hotfix 11 update
2016-01-14 18:31:06
freebsd
freebsd
jenkins -- multiple vulnerabilities
2016-05-11 00:00:00
jenkins -- multiple vulnerabilities
2016-02-24 00:00:00
jenkins -- Jenkins core bundles vulnerable version of the commons-httpclient library
2021-10-06 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 05:34:34
Denial Of Service (DoS)
2019-05-02 05:34:34
Remote Injection Attacks
2019-01-15 09:11:44
redhatcve
redhatcve
CVE-2016-3724
2016-05-12 08:48:49
CVE-2016-3723
2016-05-12 08:49:08
CVE-2016-3725
2016-05-12 08:48:53
vulnrichment
vulnrichment
CVE-2016-3721
2016-05-17 00:00:00
cvelist
cvelist
CVE-2016-3723
2016-05-17 14:00:00
CVE-2016-3724
2016-05-17 14:00:00
CVE-2016-3726
2016-05-17 14:00:00
nvd
nvd
CVE-2016-3724
2016-05-17 14:08:08
CVE-2016-3725
2016-05-17 14:08:09
CVE-2016-3722
2016-05-17 14:08:07
osv
osv
Missing permissions check in Jenkins Core
2022-05-14 03:57:44
Exposure of Sensitive Information in Jenkins Core
2022-05-14 03:57:45
Incorrect Authorization in Jenkins Core
2022-05-14 03:57:44
github
github
Missing permissions check in Jenkins Core
2022-05-14 03:57:44
Exposure of Sensitive Information in Jenkins Core
2022-05-14 03:57:45
Incorrect Authorization in Jenkins Core
2022-05-14 03:57:44
cve
cve
CVE-2016-3722
2016-05-17 14:08:07
CVE-2016-3725
2016-05-17 14:08:09
CVE-2016-3721
2016-05-17 14:08:05
prion
prion
Code injection
2016-05-17 14:08:00
Code injection
2016-05-17 14:08:00
Design/Logic Flaw
2016-05-17 14:08:00
ubuntucve
ubuntucve
CVE-2016-3725
2016-05-17 00:00:00
CVE-2016-3721
2016-05-17 00:00:00
CVE-2016-3724
2016-05-17 00:00:00
packetstorm
packetstorm
DoorGets CMS 7.0 Open Redirect
2017-07-02 00:00:00
mageia
mageia
Updated apache-commons-collections packages fix security vulnerability
2016-01-14 04:44:39
Updated jenkins-remoting packages fix CVE-2016-0792
2016-05-05 19:26:44
oraclelinux
oraclelinux
jakarta-commons-collections security update
2015-12-21 00:00:00
apache-commons-collections security update
2015-11-30 00:00:00
jakarta-commons-collections security update
2015-11-30 00:00:00
checkpoint_advisories
checkpoint_advisories
WebSphere Server and JBoss Platform Apache Commons Collections Remote Code Execution (CVE-2015-7501)
2015-11-17 00:00:00
Jenkins CI Server XStream Insecure Deserialization (CVE-2016-0792)
2016-05-26 00:00:00
ibm
ibm
Security Bulletin: IBM Sterling Global Mailbox is vulnerable to arbitrary command execution due to com.ibm.ws.org.apache.commons.collections (CVE-2015-7501)
2023-07-21 11:52:23
Security Bulletin: CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name
2020-08-04 18:41:17
Security Bulletin: IBM Content Navigator is affected by a vulnerability in Apache HttpComponents HttpClient
2019-01-04 23:10:01
centos
centos
jakarta security update
2015-12-02 13:38:14
apache security update
2015-12-01 22:25:12
jakarta security update
2015-12-21 11:17:35
seebug
seebug
Red Hat JBoss Portal安全绕过漏洞
2015-12-04 00:00:00
debiancve
debiancve
CVE-2015-7501
2017-11-09 17:29:00
CVE-2014-3577
2014-08-21 14:55:05
attackerkb
attackerkb
CVE-2015-7501
2017-11-09 00:00:00
amazon
amazon
Important: apache-commons-collections
2015-12-14 10:00:00
f5
f5
K04734219 : Red Hat JBoss vulnerability CVE-2015-7501
2020-02-11 00:00:00
K15737 : Apache vulnerability CVE-2014-3577
2014-10-23 00:00:00
canvas
canvas
Immunity Canvas: JBOSS6_JMXINVOKERSERVLET_DESERIALIZE
2017-11-09 17:29:00
securityvulns
securityvulns
Apache HttpClient certificate checking bypass
2014-08-18 00:00:00

0.972 High

EPSS

Percentile

99.8%

JSON
Related for RHSA-2016:1773
nessus37openvas24fedora7redhat24freebsd3veracode10redhatcve7vulnrichment1cvelist9nvd9osv5github4cve10prion12ubuntucve11packetstorm1mageia2oraclelinux4checkpoint_advisories2ibm3centos5seebug1debiancve2attackerkb1amazon1f52canvas1securityvulns1