Bug 1321990 - Update openshift openvswitch images for CVE-2016-2074
Summary: Update openshift openvswitch images for CVE-2016-2074
Keywords:
Status: CLOSED DUPLICATE of bug 1323321
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 3.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Troy Dawson
QA Contact: Meng Bo
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-03-29 14:15 UTC by Troy Dawson
Modified: 2016-04-04 15:06 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-04-04 15:06:23 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Troy Dawson 2016-03-29 14:15:35 UTC 
It has been determined that OpenShift 3.1 is not vulnerable to CVE-2016-2074
https://bugzilla.redhat.com/show_bug.cgi?id=1318553

We will still update openvswitch in OpenShift, as part of our ongoing efforts to keep OpenShift as secure and hardened as possible.
Comment 1 Troy Dawson 2016-03-29 14:19:17 UTC 
I think I worded my original entry poorly.
We are not updating openvswitch from 2.4.0 to 2.5.0.
We are updating to a patched version of 2.4.0.  Only the security vulnerability was patched.
Comment 2 Troy Dawson 2016-03-29 14:26:22 UTC 
We will be updating to openvswitch-2.4.0-2.el7_2
Comment 4 Yan Du 2016-03-30 09:58:58 UTC 
Already update to openvswitch-2.4.0-2.el7_2

# rpm -qa openvswitch
openvswitch-2.4.0-2.el7_2.x86_64

# rpm -qa | grep node
tuned-profiles-atomic-openshift-node-3.1.1.6-4.git.32.adf8ec9.el7aos.x86_64
atomic-openshift-node-3.1.1.6-4.git.32.adf8ec9.el7aos.x86_64

Covered some basic regression testing, pod/svc/route all work well. Move bug to verified.
Comment 6 Troy Dawson 2016-04-04 15:06:23 UTC 

*** This bug has been marked as a duplicate of bug 1323321 ***
Note You need to log in before you can comment on or make changes to this bug.