A Oracle Linux Cloud Native Environment 1.6 istio security update has been released.

El-errata: ELSA-2023-12355 Important: Oracle Linux Cloud Native Environment 1.6 istio security update

Oracle Linux Cloud Native Environment Security Advisory ELSA-2023-12355

  http://linux.oracle.com/errata/ELSA-2023-12355.html

The following updated rpms for Oracle Linux Cloud Native Environment 1.6 have been uploaded to the Unbreakable Linux Network:

x86_64:
istio-1.16.4-1.el7.x86_64.rpm
istio-istioctl-1.16.4-1.el7.x86_64.rpm
kubelet-1.25.7-2.el7.x86_64.rpm
kubectl-1.25.7-2.el7.x86_64.rpm
kubeadm-1.25.7-2.el7.x86_64.rpm
olcnectl-1.6.1-8.el7.x86_64.rpm
olcne-agent-1.6.1-8.el7.x86_64.rpm
olcne-api-server-1.6.1-8.el7.x86_64.rpm
olcne-utils-1.6.1-8.el7.x86_64.rpm
olcne-nginx-1.6.1-8.el7.x86_64.rpm
olcne-prometheus-chart-1.6.1-8.el7.x86_64.rpm
olcne-grafana-chart-1.6.1-8.el7.x86_64.rpm
olcne-istio-chart-1.6.1-8.el7.x86_64.rpm
olcne-olm-chart-1.6.1-8.el7.x86_64.rpm
olcne-gluster-chart-1.6.1-8.el7.x86_64.rpm
olcne-oci-ccm-chart-1.6.1-8.el7.x86_64.rpm
olcne-metallb-chart-1.6.1-8.el7.x86_64.rpm
olcne-calico-chart-1.6.1-8.el7.x86_64.rpm
olcne-multus-chart-1.6.1-8.el7.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates//istio-1.16.4-1.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates//kubernetes-1.25.7-2.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates//olcne-1.6.1-8.el7.src.rpm

Related CVEs:

CVE-2022-27487
CVE-2022-27488
CVE-2022-27491
CVE-2022-27492
CVE-2022-27493
CVE-2022-27496



Description of changes:

istio
[1.16.4-1]
- Added Oracle specific files for 1.16.4-1

kubernetes
[1.25.7-2]
- libct/cg: add misc controller to v1 drivers (upstream runc patch)

olcne
[1.6.1-8]
- Update Istio config to include 1.15.7 to support upgrade from 1.5.x to 1.6.x

[1.6.1-7]
- Bugfix:Append a slash in oci-instance-metada query url

[1.6.1-6]
- Fixed helm installation in OLCNE upgrade

[1.6.1-5]
- Deprecate oci-private-key in favour of oci-private-key-file
- Updated olcne_version argument in olcnectl provision to support

[1.6.1-4]
- Update Istio version to 1.16.4 to address CVE's
- CVE-2022-27496
- CVE-2022-27488
- CVE-2022-27493
- CVE-2022-27492
- CVE-2022-27491
- CVE-2022-27487

[1.6.1-3]
- Resolved the issue to install multiple network cards using multus

[1.6.1-2]
- Update kubelet for upstream runc misc cgroups patch

[1.6.1-1]
- Fix the bug olcnectl provision fails if ol8_developer does not exist

_______________________________________________