Bug 1917938

Summary: upgrade version of dnsmasq package
Product: OpenShift Container Platform Reporter: Riccardo Pittau <rpittau>
Component: Bare Metal Hardware ProvisioningAssignee: Riccardo Pittau <rpittau>
Bare Metal Hardware Provisioning sub component: ironic QA Contact: Lubov <lshilin>
Status: CLOSED ERRATA Docs Contact:
Severity: urgent    
Priority: urgent CC: lshilin
Version: 4.7Keywords: Triaged, UpcomingSprint
Target Milestone: ---Flags: lshilin: needinfo-
Target Release: 4.7.0   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-24 15:54:42 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1917937    

Description Riccardo Pittau 2021-01-19 17:42:38 UTC
we need to set a minimum version of dnsmasq package with the fix for the security vulnerability described in https://access.redhat.com/security/vulnerabilities/RHSB-2021-001

Comment 2 Lubov 2021-01-31 09:08:26 UTC
Please, advice how to verify this

Comment 3 Lubov 2021-02-01 09:01:40 UTC
Verified on 4.7.0-0.nightly-2021-01-31-031653

$ oc exec -it metal3-7b4977849-srrs9 -c metal3-dnsmasq -- bash
[root@master-0-2 /]# rpm -qa dnsmasq

Comment 6 errata-xmlrpc 2021-02-24 15:54:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.