What OpenShift Online customers should know about L1TF

On Aug. 14, 2018, information was released about another set of “speculative execution” issues with Intel microprocessor hardware known as “L1 Terminal Fault”.  As with earlier issues like Spectre and Meltdown, this information was coordinated with the release of updated software solutions to help mitigate the issue. At the time the embargo was lifted, the […]

Read More...

OpenShift Online and Dedicated Response to Variant 4

On May 21, 2018, kernel patches were released for “Speculative Store Bypass” (also known as “Variant 4”), the latest bug related to the speculative execution vulnerabilities that first came to light under the names Spectre and Meltdown. When the initial vulnerabilities were announced, the remediations required a combination of software fixes in the Linux kernel […]

Read More...

What OpenShift Online and Dedicated Customers Should Know About the Recent DHCP Vulnerability

Red Hat recently announced information about CVE-2018-1111, a vulnerability in the integration between Network Manager and DHCP present in Red Hat Enterprise Linux. OpenShift Online and Dedicated run on top of RHEL and as such have the vulnerable package installed. However, because each cluster is contained within individual private networks all of the common ways […]

Read More...

What OpenShift Online & Dedicated Customers Should Know: Recent Source-to-Image Exposure

Red Hat recently announced information about CVE-2018-1102, a bug in the S2I (Source to Image) functionality of OpenShift Online and OpenShift Container Platform (OCP). This bug affects OpenShift Container Platform (OCP) versions 3.0 through 3.9, and the OpenShift Online service including our Starter, Pro, and Dedicated tiers. In response to this, the OpenShift Online Security […]

Read More...