ELSA-2022-9588
- ULN >
- Oracle Linux Errata repository >
- ELSA-2022-9588
ELSA-2022-9588 - olcne security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2022-07-12 |
Description
olcne
[1.5.4-3]
- Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over
[1.5.4-2]
- Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227
[1.5.4-1]
- Upgrade Kubernetes to 1.23.7
[1.5.3-1]
- Address qemu CVE-2022-26353, CVE-2021-3748
[1.5.2-1]
- Excluded unnecessary directories from k8s backup files
[1.5.1-1]
- Fixed the bug in fetching node metadata for non-cloud nodes
[1.5.0-2]
- Upgrade Helm to 3.7.1-2
[1.5.0-2]
- fix null pointer exception in systemd service state validation
[1.5.0-1]
- Introduce support for compact Kubernetes clusters
- Introduce MetalLB
- Introduce Oracle Cloud Infrastructure Cloud Controller Manager
- Improved log messages in Platform API Server and Platform Agent
- Upgrade Kubernetes to 1.22.8
- Upgrade Istio to 1.13.2
- Renamed the oci-csi module to oci-ccm
[1.5.0-20.alpha]
- Update istio-1.13.2 grafana to 7.5.15
[1.5.0-14.alpha]
- Metallb fix
[1.5.0-11.alpha]
- Remove module directories when olcne rpm is uninstalled
[1.5.0-10.alpha]
- OCI CCM 0.13.0
[1.5.0-9.alpha]
- Reworked log messages
[1.5.0-8.alpha]
- Update Istio to 1.13.2(prometheus-2.31.1, grafana-8.4.6)
[1.5.0-7.alpha]
- Update Istio to 1.12.6(prometheus-2.30.1, grafana-7.5.15)
[1.5.0-6.alpha]
- Update to k8s 1.22 with golang 1.17
[1.5.0-5.alpha]
- Update internal docs for oci-ccm module
[1.5.0-4.alpha]
- Extend oci-ccm module to support load balancer
[1.5.0-3.alpha]
- Firewall pre-req
[1.5.0-2.alpha]
- Ensure that config map settings needed by metallb is preserved during k8s upgrade
[1.5.0-1.alpha]
- Metallb module
[1.4.1-14]
- Added 1.4 extra images to registry-image-helper.sh script
[1.4.1-13]
- Update sudoers file and changed its permissions to '0440'
[1.4.1-12]
- Update olcne-kubernetes.md file for 'compact' flag
[1.4.1-11]
- Ensure that the order of items in an upgraded config file is stable with respect to the original file
[1.4.1-10]
- Ensure that old olcnectl config files are upgraded
[1.4.1-9]
- Rename oci-csi module to oci-ccm and add support for oci-ccm loadbalancer creation
[1.4.1-8]
- Make 'compact' flag updatable
[1.4.1-7]
- Introduce 'compact' that enables control-plane nodes to run any workloads
[1.4.1-6]
- Ability to label 1 or more kubernetes nodes
[1.4.1-5]
- Fixed a bug where specifying a port in the container-registry argument
to the Kubernetes module would result in pods not being able to start.
[1.4.1-4]
- Update helm to 3.7.1
[1.4.1-3]
- Update versions to Istio-1.12.2, prometheus-2.31.1 and grafana-7.5.11
[1.4.1-2]
- Allow loadbalancer to be configured regardless of security list mode
[1.4.0-4]
- Fix bug in initialising certs manager when environment name not mentioned
[1.4.0-3]
- Fix bug in fetching report for multi-environment
[1.4.0-2]
- Pause image is 3.4.1
[1.4.0-1]
- CSI plugin
- Reports feature
- Kubernetes-1.20.6 to Kubernetes-1.21.6 upgrade
- Istio-1.9.4 to Istio-1.11.4 upgrade
- Component upgrades
- Config file feature
[1.3.0-13]
- Fix iptables issue when running on OL7 host using OL8 image
[1.3.0-12]
- Address CVE's ISTIO-SECURITY-2021-003, ISTIO-SECURITY-2021-005, ISTIO-SECURITY-2021-006, ISTIO-SECURITY-2021-007
[1.3.0-11]
- Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282]
[1.3.0-10]
- Fixed missing double semicolon in registry image helper
[1.3.0-9]
istio
[1.13.5-1]
- Added Oracle specific files for 1.13.5-1
kubernetes
[1.23.7-1]
- Added Oracle specific build files for Kubernetes
cri-tools
[1.23.0-1]
- Added Oracle Specific Build Files for cri-tools
cri-o
[1.23.3-1]
- Added Oracle Specifile Files for cri-o
kata
[1.12.1-5]
- updated cri-o and cri-tools versions to support kubernetes-1.23
[1.12.1-4]
- update kata-image versions
- update kernel-uek-container version to kernel-uek-container-5.4.17-2136.306.1.3
[1.21.1-3]
- Support k8s 1.21.6
- updated kernel-uek-container version
- updated kata-image versions
- added buildhost variable
[1.12.1-2]
- Golang 1.15.9
[1.12.1-1]
- Updated to kata 1.12.1
- Updated guest kernel (kernel-uek-container) minimum version to UEK6U2 (5.4.17-2102.200.7)
etcd
[3.5.1-2]
- Updated THIRD_PARTY_LICENSES.txt file
[3.5.1-1]
- Added Oracle specific build files
Related CVEs
| CVE-2022-29228 |
| CVE-2022-29224 |
| CVE-2022-29226 |
| CVE-2022-29227 |
| CVE-2022-31045 |
| CVE-2022-29225 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (x86_64) | cri-o-1.23.3-1.el8.src.rpm | 227f85c4a1dbc17d596fefb3cad15e2b4ec957504325f8826005811395f51c1d | - | ol8_x86_64_olcne15 |
| cri-tools-1.23.0-1.el8.src.rpm | 9f18c14374e5283fcbade8b6f109ba7d9d7afe2005a8a0f0557409fb7a355424 | - | ol8_x86_64_olcne15 | |
| etcd-3.5.1-2.el8.src.rpm | 23086640dce717c2ac2905725a42b1d585d6228a495d8762ff5c858c2280cf74 | - | ol8_x86_64_olcne15 | |
| istio-1.13.5-1.el8.src.rpm | c0554f1e8711cde775998855b94cc008afcf9eab2cd4f0c39c83b1c4fe365b97 | - | ol8_x86_64_olcne14 | |
| istio-1.13.5-1.el8.src.rpm | c0554f1e8711cde775998855b94cc008afcf9eab2cd4f0c39c83b1c4fe365b97 | - | ol8_x86_64_olcne15 | |
| kata-1.12.1-5.el8.src.rpm | 3c735bc1fcacf86dab98007fbf84afdb806c9d27515a57619cf9d808eed3b32e | - | ol8_x86_64_olcne15 | |
| kubernetes-1.23.7-1.el8.src.rpm | bf27e7909e1b5438716ebc1c0efbe904a55d4cd22b3a1b5f1eb58b7443a3b6db | - | ol8_x86_64_olcne15 | |
| olcne-1.5.4-3.el8.src.rpm | f6cd12c0a6d12379cfd71f172790459172a70674ba45441fd7c9b5d5f2b204ed | - | ol8_x86_64_olcne15 | |
| cri-o-1.23.3-1.el8.x86_64.rpm | bccc3760f0041b6941d843f67bc30613e61f0c92cf74067c90b8fd9aeae860ea | - | ol8_x86_64_olcne15 | |
| cri-tools-1.23.0-1.el8.x86_64.rpm | 276fbedc7950b8400c2ab9755350a9dce3d8488bd21e876f1579e6b351acda5c | - | ol8_x86_64_olcne15 | |
| etcd-3.5.1-2.el8.x86_64.rpm | 8d1186660abe175e0ac5a2b7061e91342c79181e478fc617b20b9fb475e1b64b | - | ol8_x86_64_olcne15 | |
| istio-1.13.5-1.el8.x86_64.rpm | de014affdfc423f9ec00b74e490451dfaabb2e689a180ac6c84670286dccb685 | - | ol8_x86_64_olcne14 | |
| istio-1.13.5-1.el8.x86_64.rpm | de014affdfc423f9ec00b74e490451dfaabb2e689a180ac6c84670286dccb685 | - | ol8_x86_64_olcne15 | |
| istio-istioctl-1.13.5-1.el8.x86_64.rpm | 7dcfce0e495f147e5745c4c5e9e0cb471ef4824e436d3275fc8910c7fd9aa379 | - | ol8_x86_64_olcne14 | |
| istio-istioctl-1.13.5-1.el8.x86_64.rpm | 7dcfce0e495f147e5745c4c5e9e0cb471ef4824e436d3275fc8910c7fd9aa379 | - | ol8_x86_64_olcne15 | |
| kata-1.12.1-5.el8.x86_64.rpm | d20e55b4ffea8761b530a23575128b855a1469fce4bc186443604dd6e9e52267 | - | ol8_x86_64_olcne15 | |
| kubeadm-1.23.7-1.el8.x86_64.rpm | 1cb1098364681f2c061bec2b3882bfabd7cf2327d6b94839deb401ed90c8c23c | - | ol8_x86_64_olcne15 | |
| kubectl-1.23.7-1.el8.x86_64.rpm | 681a77e768bc5a9932d285ee05cf0e5e0f44c30dc2d38e61bee7e95ac8d3f4ff | - | ol8_x86_64_olcne15 | |
| kubelet-1.23.7-1.el8.x86_64.rpm | f64ee08b68a686fba54368d8c8db90c978432fc056348185a10b3430576500ed | - | ol8_x86_64_olcne15 | |
| olcne-agent-1.5.4-3.el8.x86_64.rpm | 5a9711bbdf534019db053aba353e8f3d5bf8e1b1af79786227ef9f1291c1934b | - | ol8_x86_64_olcne15 | |
| olcne-api-server-1.5.4-3.el8.x86_64.rpm | d3ac395c1d2e2ee492eeb9812e2bd416f9fb05e35d434c8e6ce9623ebc182840 | - | ol8_x86_64_olcne15 | |
| olcne-gluster-chart-1.5.4-3.el8.x86_64.rpm | d70351e10f528dfb7c658f388be63b04c2ec03491167977dcd6015c068904413 | - | ol8_x86_64_olcne15 | |
| olcne-grafana-chart-1.5.4-3.el8.x86_64.rpm | bb20f0fcf3b6820588f134005e42d1f9379feb86f9b6e2759f8327077fb3a86b | - | ol8_x86_64_olcne15 | |
| olcne-istio-chart-1.5.4-3.el8.x86_64.rpm | c1dd4a34399f077ac95111d9f4bffe572b19975f4b42506391c0f5b945d2c237 | - | ol8_x86_64_olcne15 | |
| olcne-metallb-chart-1.5.4-3.el8.x86_64.rpm | 4bb427a5b7ecc645f2e772f1ff0ccca071231af13a0ae9dc19f6f6136dea8331 | - | ol8_x86_64_olcne15 | |
| olcne-nginx-1.5.4-3.el8.x86_64.rpm | bc782dc47e6bd4422d56110bc955dfe53fea481a209cd438f46a2cd63b0f722e | - | ol8_x86_64_olcne15 | |
| olcne-oci-ccm-chart-1.5.4-3.el8.x86_64.rpm | 1ff805e640409e6f043c21e94df1b09b1d5077ce7369bf4f68f3ab27ea877177 | - | ol8_x86_64_olcne15 | |
| olcne-olm-chart-1.5.4-3.el8.x86_64.rpm | 400fb6c9e6716ff1de52ae2a128da26422a87e82c68d1962cdec72d41c15529f | - | ol8_x86_64_olcne15 | |
| olcne-prometheus-chart-1.5.4-3.el8.x86_64.rpm | b4297b6a9b5cd7a2184a965d0d9231984826d23f045915b52135dcc73f15a775 | - | ol8_x86_64_olcne15 | |
| olcne-utils-1.5.4-3.el8.x86_64.rpm | 5cb9cf8fa2bd0d6d12460e2b8ce936b845b289aacb8cd7835e43a6c07f4d21b6 | - | ol8_x86_64_olcne15 | |
| olcnectl-1.5.4-3.el8.x86_64.rpm | d961116d7ab89807a00580becf701db63bb1e505c3745c9053337cf0b1b2c577 | - | ol8_x86_64_olcne15 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
