ELSA-2020-5726

ELSA-2020-5726 - grafana kubernetes-cni kubernetes-cni-plugins kubernetes kubernetes olcne security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2020-06-12

Description


grafana
[%{}-1.0.1]
- Added Oracle Specific Build Files for grafana

kubernetes-cni
[0.7.1-1.0.1]
- Added Oracle specific build files for Kubernetes CNI

kubernetes-cni-plugins
[0.8.6-1.0.1]
- Added Oracle specific build files for Kubernetes CNI Plugins

kubernetes
[1.14.9-1.0.4]
- CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
- CVE-2020-8555: Half-Blind SSRF in kube-controller-manager

[1.14.9-1.0.3]
- [CVE-2019-11254] kube-apiserver Denial of Service vulnerability from malicious YAML payloads

[1.14.9-1.0.2]
- Use bounded crio version

[1.14.9-1.0.1]
- Added Oracle specific build files for Kubernetes

kubernetes
[1.17.6-1.0.2.el7]
- Update to kubernetes-cni for CVE-2020-10749

[1.17.6-1.0.2.el7]
- Added Oracle specific build files for Kubernetes

olcne
[1.1.1-1]
- Update Istio to use Grafana 6.7.4 to address CVE-2020-13379
- Kubernetes update due to CVE-2020-10749 and CVE-2020-8555


Related CVEs


CVE-2020-13379
CVE-2020-8555
CVE-2020-10749

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) grafana-6.7.4-1.0.1.el7.src.rpmb4fbf1e116a7f1896d1149d4114194b1-
kubernetes-1.14.9-1.0.4.el7.src.rpm5d674e44291979a283e1972bf543400e-
kubernetes-1.17.6-1.0.2.el7.src.rpm88a533fc4ee00d9bcaab6bf72e851f16-
kubernetes-cni-0.7.1-1.0.1.el7.src.rpmf79c937f906f9a4251f2fceea737c1e9-
kubernetes-cni-plugins-0.8.6-1.0.2.el7.src.rpmd0d6071990d2228efb95755bdc158b30-
olcne-1.1.1-3.el7.src.rpmfa196f70a06be59277db0fa4a3b20bea-
grafana-6.7.4-1.0.1.el7.x86_64.rpma25d550ead5b3d7083e70885f7905633-
kubeadm-1.14.9-1.0.4.el7.x86_64.rpm8cb32e8a99347f332ce92d67eab64514-
kubeadm-1.17.6-1.0.2.el7.x86_64.rpm449635e8b1e53a21598b3dd9ce38bd72-
kubectl-1.14.9-1.0.4.el7.x86_64.rpm70ce4cdc61c58627e72ce9f930498199-
kubectl-1.17.6-1.0.2.el7.x86_64.rpm714aba16830fb88dc2f3f9212852ebd3-
kubelet-1.14.9-1.0.4.el7.x86_64.rpm459e010b43ba1e03bb6d847d772376e0-
kubelet-1.17.6-1.0.2.el7.x86_64.rpm07b1ff68f1ac5e29dcfb1e088e02fd08-
kubernetes-cni-0.7.1-1.0.1.el7.x86_64.rpm01d78f2dace7d0294183489c0095cc58-
kubernetes-cni-plugins-0.8.6-1.0.2.el7.x86_64.rpm859755f024d6e8c516fb02e34324daec-
olcne-agent-1.1.1-3.el7.x86_64.rpm4257639265d2587ae15bbd769f2a1473-
olcne-api-server-1.1.1-3.el7.x86_64.rpm29de2247da1972a151a0fb19c220327d-
olcne-istio-chart-1.1.1-3.el7.x86_64.rpm829e3e2c11dfc813814935f207c5ae20-
olcne-nginx-1.1.1-3.el7.x86_64.rpm7a989e39291e0e494a35ca13d3f70eb1-
olcne-prometheus-chart-1.1.1-3.el7.x86_64.rpm9380862733b21129fef2f033ea39a94b-
olcne-utils-1.1.1-3.el7.x86_64.rpm9dbf45bf38c1e013c8a47a68fa95ad1f-
olcnectl-1.1.1-3.el7.x86_64.rpm191d5ff98a66fe2c197c6acc4679fc69-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete