Headline
CVE-2013-4253: openshift-extras/README.md at enterprise-2.0 · openshift/openshift-extras
The deployment script in the unsupported “OpenShift Extras” set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user’s authorized_keys file.
Openshift Extras - Unofficial tools for use with OpenShift
This repository contains “odds and ends” for use with OpenShift servers that we hope will prove useful, but are not a supported part of the product (or, not yet).
The “master” branch is intended for use with current OpenShift Origin or OpenShift Online servers. "enterprise-" branches are intended for use with the corresponding OpenShift Enterprise version servers.
Contributing
Contributions via pull request are welcome and may be included under the same license as below.
See the following additional pages for details on contributing to the various subprojects in this repository:
- openshift.sh
- oo-install
Copyright
OpenShift Extras, except where otherwise noted, is released under the Apache License 2.0. See the LICENSE file included in this directory.
Security Notice
There were a few vulnerabilities with these scripts discovered by the Red Hat Security Team. They were addressed in this repository on the date the CVEs were filed. We believe the chance of these being exploited is vanishingly small but we would like users of these scripts to be aware nonetheless:
- CVE-2013-4253.
- CVE-2013-4281.