About the February 2019 Cri-O / RunC / Docker vulnerability
February 13, 2019 | by
What OpenShift Online and OpenShift Dedicated customers should know about the recently announced vulnerability of runc/docker/CRI-O
On February 11th, 2019, details of a vulnerability that researchers have confirmed is present on certain versions of runc (impacting docker and CRI-O) was published. These tools are deployed as part of the OpenShift product and impact the Red Hat OpenShift hosted properties.
The Starter and Pro tiers are affected by the vulnerability, but known exploits are mitigated by the SELinux configuration deployed on cluster nodes. As soon as the patched runc, docker, and/or CRI-O code is available, the SRE team will update the cluster infrastructure.
The OSD environment is also affected by the vulnerability, but known exploits are mitigated by the SELinux configuration deployed to cluster nodes. The SRE team will update the cluster infrastructure as soon as the patched runc and docker code is available. OSD customers will be communicated to separately regarding cluster remediation.
Argo Workflows is an open source project that is container-native and uses Kubernetes to run its workflow steps. Argo enables users to create a multi-step workflow that can orchestrate parallel jobs ...
This is a guest post by John Janetos, Tigera Tigera and Red Hat have partnered to deliver an integrated Security and Observability solution for Kubernetes networking and microservices that empowers ...
The Quay team at Red Hat is proud to announce that Red Hat Quay 3.4 is generally available as of today. We’ve been working on this release for quite some time now. While we initially planned this as ...