Stay Connected:

ELSA-2019-4593

ELSA-2019-4593 - kubernetes kubeadm-upgrade kubeadm-ha-setup security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-04-13

Description


kubernetes
[1.12.7-1.1.2]
- [OLCNE-257] fix coredns issue and minor upgrade issue

[1.12.7-1.1.1]
- [OLCNE-235] [CVE-2019-9946] portmap inserts rules at the front of the iptables nat chains

[1.12.7-1.0.1]
- Add Oracle Build Files For Version v1.12.7

kubeadm-upgrade
[0.0.1-1.0.22]
-- Bump up 1.12.7 version for coredns fix

[0.0.1-1.0.21]
-- CVE-2019-9946

[0.0.1-1.0.20]
-- CVE-2019-1002101

[0.0.1-1.0.19]
-- Bump up 1.12.6 version

[0.0.1-1.0.18]
-- OLCNE-201 upgrade from 1.9 to 1.12 fails

[0.0.1-1.0.17]
-- Update the Kubernetes version to include the conntrack fix

[0.0.1-1.0.16]
-- CVE-2019-1002100

kubeadm-ha-setup
[0.0.2-1.0.24]
- Return stdout and stderr from Run function to allow the caller decided what to display

[0.0.2-1.0.23]
- [OLCNE-170] proxy variable is inherited in remote master

[0.0.2-1.0.22]
- The Trim function doesn't work for replacing strings
- Upgrade should use the pause container instead of pause-amd64

[0.0.2-1.0.21]
- Include 1.12.7 image and update 1.13 and metric servers info

[0.0.2-1.0.20]
- Support new registries and allow for password to have a colon

[0.0.2-1.0.19]
- --force flag for full restore

[0.0.2-1.0.18]
- Change update help message

[0.0.2-1.0.17]
- Change update message, add ha install command and ask for confirmation

[0.0.2-1.0.16]
- Change upgrade command name to update

[0.0.2-1.0.15]
- Fix upgrade for point release

[0.0.2-1.0.14]
- OLCNE-79 Move file.go to config.go

[0.0.2-1.0.13]
- OLCNE-144 Feature Flag 1.13 code

[0.0.2-1.0.12]
- Add support of upgrading HA master nodes

[0.0.2-1.0.11]
- Support deploying Kubernetes version 1.13.2

[0.0.2-1.0.10]
- CVE-2018-16875

[0.0.2-1.0.9]
- Add timeout to Run() (gitlab issues #3)
- Rename path to linux-git.us.oracle.com/Kubernetes

[0.0.2-1.0.8]
- Remove releases.json dependency

[0.0.2-1.0.7]
- Pin dependent kubernetes packages

[0.0.2-1.0.6]
- Update deps for kube 1.13

[0.0.2-1.0.5]
- Add test runner in makefile and execute it in CI/CD

[0.0.2-1.0.4]
- Fix backup path issue again found by Tom Cocozzello

[0.0.2-1.0.3]
- [Orabug 29152516] Backup and restore /var/lib/kubelet/kubeadm-flags.env too
- Cleanup kube-ipvs0 interface too
- More code cleanup
- Use map for checking kernel module
- Fix client joining errors
- Addressing Tom Cocozzello's review
- Enabling IPVS in HA

[0.0.2-1.0.2]
- Update dashboard image (CVE-2018-18264)

[0.0.2-1.0.1]
- Allow Oracle certified addons to be installed via cli

kubernetes-cni
[0.6.0-2.2.1]
- [OLCNE-235] [CVE-2019-9946] portmap inserts rules at the front of the iptables nat chains

kubernetes-cni-plugins
[0.7.5-1.0.1.dev]
- Update to v0.7.5


Related CVEs


CVE-2019-9946
CVE-2019-1002101

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) kubeadm-ha-setup-0.0.2-1.0.24.el7.src.rpme0e60b5d556ee5d973582363fec38c69ELSA-2020-5825
kubeadm-upgrade-0.0.1-1.0.22.el7.src.rpm90a6e61ce29c0556f19d04c462fbc2c5ELSA-2020-5654
kubernetes-1.12.7-1.1.2.el7.src.rpme5bf774cce9bf0cb1bd1b366a3b6e551ELBA-2021-9240
kubernetes-cni-0.6.0-2.2.1.el7.src.rpm1b3a6a0e303d8eb9da1f56f354d37bb7ELBA-2021-9240
kubernetes-cni-plugins-0.7.5-1.0.1.el7.src.rpmd7ddfd108982b8abe6f0538fb48b3741ELBA-2021-9240
kubeadm-1.12.7-1.1.2.el7.x86_64.rpm942145b52f909897cfe6e1a4994652afELBA-2021-9240
kubeadm-ha-setup-0.0.2-1.0.24.el7.x86_64.rpm68085eac56f41e0a44a04a912b2bc00aELSA-2020-5825
kubeadm-upgrade-0.0.1-1.0.22.el7.x86_64.rpmf6369b2b4a975c055bf8739e22caa603ELSA-2020-5654
kubectl-1.12.7-1.1.2.el7.x86_64.rpm6c197770fd286c431ed12e564159a099ELBA-2021-9240
kubelet-1.12.7-1.1.2.el7.x86_64.rpm1a774409866b4b794408680f0d1d2ea7ELBA-2021-9240
kubernetes-cni-0.6.0-2.2.1.el7.x86_64.rpm74ba480d6b5784977dccebdb38c670aaELBA-2021-9240
kubernetes-cni-plugins-0.7.5-1.0.1.el7.x86_64.rpm82cf5951b3d8018f4f4e6e6e41a98c74ELBA-2021-9240



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights