A Red Hat OpenShift Do openshift/odo-init-image 1.1.3 security update has been released.

RHSA-2021:0949-01: Low: Red Hat OpenShift Do openshift/odo-init-image 1.1.3 security update

=====================================================================
Red Hat Security Advisory

Synopsis: Low: Red Hat OpenShift Do openshift/odo-init-image 1.1.3 security update
Advisory ID: RHSA-2021:0949-01
Product: OpenShift Do
Advisory URL:   https://access.redhat.com/errata/RHSA-2021:0949
Issue date: 2021-03-22
Keywords: odo, developer, cli, iterative development, containers, openshift, kubernetes
CVE Names: CVE-2018-20843 CVE-2019-5094 CVE-2019-5188
CVE-2019-11719 CVE-2019-11727 CVE-2019-11756
CVE-2019-12749 CVE-2019-14866 CVE-2019-15903
CVE-2019-17006 CVE-2019-17023 CVE-2019-17498
CVE-2019-19956 CVE-2019-20388 CVE-2019-20907
CVE-2020-1971 CVE-2020-6829 CVE-2020-7595
CVE-2020-8177 CVE-2020-12243 CVE-2020-12400
CVE-2020-12401 CVE-2020-12402 CVE-2020-12403
=====================================================================

1. Summary:

Updated openshift/odo-init-image container image is now available for Red
Hat Openshift Do 1.0.

2. Description:

Red Hat OpenShift Do (odo) is a simple CLI tool for developers to create,
build, and deploy applications on OpenShift. The odo tool is completely
client-based and requires no server within the OpenShift cluster for
deployment. It detects changes to local code and deploys it to the cluster
automatically, giving instant feedback to validate changes in real-time. It
supports multiple programming languages and frameworks.

Red Hat OpenShift Do openshift/odo-init-image 1.1.3 is a container image
that is used as part of the InitContainer setup that provisions odo
components.

The advisory addresses the following issues:

* Re-release of odo-init-image 1.1.3 for security updates

3. Solution:

Download and install a new CLI binary by following the instructions linked
from the References section.

4. Bugs fixed (  https://bugzilla.redhat.com/):

1832983 - Release of 1.1.3 odo-init-image

5. References:

  https://access.redhat.com/security/cve/CVE-2018-20843
  https://access.redhat.com/security/cve/CVE-2019-5094
  https://access.redhat.com/security/cve/CVE-2019-5188
  https://access.redhat.com/security/cve/CVE-2019-11719
  https://access.redhat.com/security/cve/CVE-2019-11727
  https://access.redhat.com/security/cve/CVE-2019-11756
  https://access.redhat.com/security/cve/CVE-2019-12749
  https://access.redhat.com/security/cve/CVE-2019-14866
  https://access.redhat.com/security/cve/CVE-2019-15903
  https://access.redhat.com/security/cve/CVE-2019-17006
  https://access.redhat.com/security/cve/CVE-2019-17023
  https://access.redhat.com/security/cve/CVE-2019-17498
  https://access.redhat.com/security/cve/CVE-2019-19956
  https://access.redhat.com/security/cve/CVE-2019-20388
  https://access.redhat.com/security/cve/CVE-2019-20907
  https://access.redhat.com/security/cve/CVE-2020-1971
  https://access.redhat.com/security/cve/CVE-2020-6829
  https://access.redhat.com/security/cve/CVE-2020-7595
  https://access.redhat.com/security/cve/CVE-2020-8177
  https://access.redhat.com/security/cve/CVE-2020-12243
  https://access.redhat.com/security/cve/CVE-2020-12400
  https://access.redhat.com/security/cve/CVE-2020-12401
  https://access.redhat.com/security/cve/CVE-2020-12402
  https://access.redhat.com/security/cve/CVE-2020-12403
  https://access.redhat.com/security/updates/classification/#low
  https://docs.openshift.com/container-platform/4.4/cli_reference/openshift_developer_cli/installing-odo.html

6. Contact:

The Red Hat security contact is . More contact
details at   https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.