Stay Connected:

ELSA-2021-9546

ELSA-2021-9546 - olcne istio istio kubernetes security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2021-11-09

Description


olcne
[1.3.2-2]
- Turn off default PodDisruptionBudget in istio template to unblock kubernetes module upgrade
- Update Kubernetes version to 1.20.11 to address CVE-2021-25741
- Update Istio to 1.9.8, 1.10.4 to address CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781
- Update proxyv2 image to select iptables legacy or latest based on host operating system
- Fix major.minor k8s version

istio
[1.10.4-3]
- Updated iptables-switch for OL8 and OL7 logic

[1.10.4-2]
- Bump release, addresses the following envoy CVEs,
CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781

[1.10.4-1]
- Added Oracle specific files for 1.10.4-1

istio
[1.9.8-3]
- Updated iptables-switch for OL8 and OL7 logic

[1.9.8-2]
- Bump release, addresses the following envoy CVEs,
CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781

[1.9.8-1]
- Added Oracle specific files for 1.9.8-1

kubernetes
[1.20.11-4]
- Fix major.minor version

[1.20.11-3]
- Updated iptables-switch for OL8 and OL7 logic

[1.20.11-2]
- Bump release for CVE fix, addresses CVE-2021-25741

[1.20.11-1]
- Added Oracle specific build files for Kubernetes


Related CVEs


CVE-2021-32777
CVE-2021-32780
CVE-2021-32781
CVE-2021-32779
CVE-2021-25741
CVE-2021-32778

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (x86_64) istio-1.10.4-3.el8.src.rpmcc9180f01e9abc753ee06182ad5582b7-
istio-1.9.8-3.el8.src.rpm998ca986a4aa85962249d218f3b87653-
kubernetes-1.20.11-4.el8.src.rpm98ec26abcef2318ed0e6793527eabe0a-
olcne-1.3.2-2.el8.src.rpmffbdb94260b25b74f7243411f1a54398-
istio-1.10.4-3.el8.x86_64.rpmea9703d5099dd9ead089e3cf59466091-
istio-1.9.8-3.el8.x86_64.rpmf5748366c6ff16408d75e9cfb7326ecf-
istio-istioctl-1.10.4-3.el8.x86_64.rpmfd642329ec3905fb576e2cbd15e1ce5f-
istio-istioctl-1.9.8-3.el8.x86_64.rpm110c1e9f2e971e0a0b5e4190a370ea19-
kubeadm-1.20.11-4.el8.x86_64.rpm8c94c1bfbfebd457003e05d3f661e17f-
kubectl-1.20.11-4.el8.x86_64.rpm1c36a172dcd16d75305ee08cf4925286-
kubelet-1.20.11-4.el8.x86_64.rpm731d5103d0786082107b8a6ea0242f0e-
olcne-agent-1.3.2-2.el8.x86_64.rpm2a22cc3ea39077bb04e34a3b73c757a4-
olcne-api-server-1.3.2-2.el8.x86_64.rpm90950222b8e4fe92868ac0afe9c4d04c-
olcne-grafana-chart-1.3.2-2.el8.x86_64.rpm750892c9fca48ba2ca00c299b083be0d-
olcne-istio-chart-1.3.2-2.el8.x86_64.rpmb733b9ea808bed0908c5e6a32eada587-
olcne-nginx-1.3.2-2.el8.x86_64.rpm2d4162a3d7f674f651d1150d5ae62119-
olcne-olm-chart-1.3.2-2.el8.x86_64.rpm750fc9cd7fe314c1a4091b50cfd48b56-
olcne-prometheus-chart-1.3.2-2.el8.x86_64.rpm425d1717b203e90e569f114918dfabd8-
olcne-utils-1.3.2-2.el8.x86_64.rpm4f68fab3bf90d970a64d19cb84b5f548-
olcnectl-1.3.2-2.el8.x86_64.rpme17d2f4fae9a81940cc3cbfe1151ab40-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights