El-errata: ELSA-2021-9028 Important: Oracle Linux Cloud Native Environment 1.2 olcne security update
Oracle Linux Cloud Native Environment Security Advisory ELSA-2021-9028
http://linux.oracle.com/errata/ELSA-2021-9028.html
The following updated rpms for Oracle Linux Cloud Native Environment 1.2
have been uploaded to the Unbreakable Linux Network:
x86_64:
kubeadm-1.18.10-3.el7.x86_64.rpm
kubectl-1.18.10-3.el7.x86_64.rpm
kubelet-1.18.10-3.el7.x86_64.rpm
kata-proxy-1.11.5-1.el7.x86_64.rpm
kata-shim-1.11.5-1.el7.x86_64.rpm
kata-ksm-throttler-1.11.5-1.el7.x86_64.rpm
kata-runtime-1.11.5-1.el7.x86_64.rpm
kata-agent-1.11.5-1.el7.x86_64.rpm
kata-image-1.11.5-1.1.ol7_202101151825.x86_64.rpm
kata-1.11.5-2.el7.x86_64.rpm
olcne-agent-1.2.2-1.el7.x86_64.rpm
olcne-api-server-1.2.2-1.el7.x86_64.rpm
olcne-istio-chart-1.2.2-1.el7.x86_64.rpm
olcne-nginx-1.2.2-1.el7.x86_64.rpm
olcne-prometheus-chart-1.2.2-1.el7.x86_64.rpm
olcne-utils-1.2.2-1.el7.x86_64.rpm
olcnectl-1.2.2-1.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kubernetes-1.18.10-3.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-proxy-1.11.5-1.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-shim-1.11.5-1.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-ksm-throttler-1.11.5-1.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-runtime-1.11.5-1.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-agent-1.11.5-1.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-image-1.11.5-1.1.ol7_202101151825.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-1.11.5-2.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/olcne-1.2.2-1.el7.src.rpm
container_images:
container-registry.oracle.com/olcne/externalip-webhook:v1.0.0
Description of changes:
kubernetes
[1.18.10-3]
- Kata CVE-2020-28914
kata-proxy
[1.11.5-1]
- Added Oracle Specific Build Files for kata-proxy
kata-shim
[1.11.5-1]
- Added Oracle Specific Build Files for kata-shim
kata-ksm-throttler
[1.11.5-1]
- Added Oracle Specific Build Files for kata-ksm-throttler
kata-runtime
[1.11.5-1]
- Added Oracle Specific Files For kata-runtime
kata-agent
[1.11.5-1]
- Added Oracle Specific Build Files for kata-agent
kata-image
[1.11.5-1]
- Added Oracle Specific Build Files for kata-image
kata
[1.11.5-2]
- Update to kata 1.11.5
olcne
[1.2.2-1]
- Address CVE-2020-28914: An improper file permissions vulnerability
affects Kata Containers prior to 1.11.5
[1.2.1-1]
- Enhance the Kubernetes module to restrict the usage of external IPs
- Address CVE-2020-8554: man-in-the-middle vulnerability using
Kubernetes service External IPs
[1.2.0-4]
- Add support for deprecating module args
container-registry.oracle.com/olcne/externalip-webhook:v1.0.0
- CVE-2020-28914
- CVE-2020-8554
An Oracle Linux Cloud Native Environment 1.2 olcne security update has been released.