What is the severity of RHSA-2022:0044?

RHSA-2022:0044 addresses critical vulnerabilities including a denial of service in log4j.

How do I fix RHSA-2022:0044?

To fix RHSA-2022:0044, upgrade to the patched version of OpenShift Logging as recommended.

What vulnerabilities are addressed in RHSA-2022:0044?

RHSA-2022:0044 addresses vulnerabilities related to rubygem-bundler and log4j-core.

Is RHSA-2022:0044 applicable to all OpenShift versions?

RHSA-2022:0044 is specifically intended for OpenShift version 5.3.2 and may not apply to earlier versions.

What are the implications of ignoring RHSA-2022:0044?

Ignoring RHSA-2022:0044 could lead to exposure to denial of service attacks and potential exploitation of vulnerabilities in your logging system.

Vulnerability/
RHSA-2022:0044

10/1/2022

RHSA-2022:0044: Important: Red Hat OpenShift Enterprise Logging bug fix and security update (5.3.2)

First published: Mon Jan 10 2022(Updated: )

OpenShift Logging Bug Fix Release (5.3.2)<br>Security Fix(es):<br><li> rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source (CVE-2020-36327)</li> <li> log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
Red Hat OpenShift Container Platform

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2022:0044?
RHSA-2022:0044 addresses critical vulnerabilities including a denial of service in log4j.
How do I fix RHSA-2022:0044?
To fix RHSA-2022:0044, upgrade to the patched version of OpenShift Logging as recommended.
What vulnerabilities are addressed in RHSA-2022:0044?
RHSA-2022:0044 addresses vulnerabilities related to rubygem-bundler and log4j-core.
Is RHSA-2022:0044 applicable to all OpenShift versions?
RHSA-2022:0044 is specifically intended for OpenShift version 5.3.2 and may not apply to earlier versions.
What are the implications of ignoring RHSA-2022:0044?
Ignoring RHSA-2022:0044 could lead to exposure to denial of service attacks and potential exploitation of vulnerabilities in your logging system.

agent/severity
agent/references
agent/type
agent/event
agent/first-publish-date
agent/last-modified-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2022:0044
agent/trending
agent/title
agent/description
agent/remedy
agent/source
agent/tags
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/red hat
canonical/red hat openshift container platform

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.