Oracle Linux 6263 Published by

An Oracle Linux Cloud Native Environment 1.2 olcne security update has been released.



El-errata: ELSA-2021-9028 Important: Oracle Linux Cloud Native Environment 1.2 olcne security update


Oracle Linux Cloud Native Environment Security Advisory ELSA-2021-9028

  http://linux.oracle.com/errata/ELSA-2021-9028.html

The following updated rpms for Oracle Linux Cloud Native Environment 1.2
have been uploaded to the Unbreakable Linux Network:

x86_64:
kubeadm-1.18.10-3.el7.x86_64.rpm
kubectl-1.18.10-3.el7.x86_64.rpm
kubelet-1.18.10-3.el7.x86_64.rpm
kata-proxy-1.11.5-1.el7.x86_64.rpm
kata-shim-1.11.5-1.el7.x86_64.rpm
kata-ksm-throttler-1.11.5-1.el7.x86_64.rpm
kata-runtime-1.11.5-1.el7.x86_64.rpm
kata-agent-1.11.5-1.el7.x86_64.rpm
kata-image-1.11.5-1.1.ol7_202101151825.x86_64.rpm
kata-1.11.5-2.el7.x86_64.rpm
olcne-agent-1.2.2-1.el7.x86_64.rpm
olcne-api-server-1.2.2-1.el7.x86_64.rpm
olcne-istio-chart-1.2.2-1.el7.x86_64.rpm
olcne-nginx-1.2.2-1.el7.x86_64.rpm
olcne-prometheus-chart-1.2.2-1.el7.x86_64.rpm
olcne-utils-1.2.2-1.el7.x86_64.rpm
olcnectl-1.2.2-1.el7.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/kubernetes-1.18.10-3.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kata-proxy-1.11.5-1.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kata-shim-1.11.5-1.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kata-ksm-throttler-1.11.5-1.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kata-runtime-1.11.5-1.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kata-agent-1.11.5-1.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kata-image-1.11.5-1.1.ol7_202101151825.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kata-1.11.5-2.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/olcne-1.2.2-1.el7.src.rpm

container_images:
container-registry.oracle.com/olcne/externalip-webhook:v1.0.0

Description of changes:

kubernetes
[1.18.10-3]
- Kata CVE-2020-28914

kata-proxy
[1.11.5-1]
- Added Oracle Specific Build Files for kata-proxy

kata-shim
[1.11.5-1]
- Added Oracle Specific Build Files for kata-shim

kata-ksm-throttler
[1.11.5-1]
- Added Oracle Specific Build Files for kata-ksm-throttler

kata-runtime
[1.11.5-1]
- Added Oracle Specific Files For kata-runtime

kata-agent
[1.11.5-1]
- Added Oracle Specific Build Files for kata-agent

kata-image
[1.11.5-1]
- Added Oracle Specific Build Files for kata-image

kata
[1.11.5-2]
- Update to kata 1.11.5

olcne
[1.2.2-1]
- Address CVE-2020-28914: An improper file permissions vulnerability
affects Kata Containers prior to 1.11.5

[1.2.1-1]
- Enhance the Kubernetes module to restrict the usage of external IPs
- Address CVE-2020-8554: man-in-the-middle vulnerability using
Kubernetes service External IPs

[1.2.0-4]
- Add support for deprecating module args

container-registry.oracle.com/olcne/externalip-webhook:v1.0.0
- CVE-2020-28914
- CVE-2020-8554