OpenShift Online and Dedicated Response to Variant 4

On May 21, 2018, kernel patches were released for “Speculative Store Bypass” (also known as “Variant 4”), the latest bug related to the speculative execution vulnerabilities that first came to light under the names Spectre and Meltdown. When the initial vulnerabilities were announced, the remediations required a combination of software fixes in the Linux kernel […]

Read More...

What OpenShift Online and Dedicated Customers Should Know About the Recent DHCP Vulnerability

Red Hat recently announced information about CVE-2018-1111, a vulnerability in the integration between Network Manager and DHCP present in Red Hat Enterprise Linux. OpenShift Online and Dedicated run on top of RHEL and as such have the vulnerable package installed. However, because each cluster is contained within individual private networks all of the common ways […]

Read More...

What OpenShift Online & Dedicated Customers Should Know: Recent Source-to-Image Exposure

Red Hat recently announced information about CVE-2018-1102, a bug in the S2I (Source to Image) functionality of OpenShift Online and OpenShift Container Platform (OCP). This bug affects OpenShift Container Platform (OCP) versions 3.0 through 3.9, and the OpenShift Online service including our Starter, Pro, and Dedicated tiers. In response to this, the OpenShift Online Security […]

Read More...