ELSA-2022-9774
- ULN >
- Oracle Linux Errata repository >
- ELSA-2022-9774
ELSA-2022-9774 - istio security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2022-09-08 |
Description
istio
[1.13.7-1]
- Added Oracle specific files for 1.13.7-1
olcne
[1.4.7-1]
- Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045
[1.4.6-2]
- Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over
- Update gen-certs-helper script to skip printing olcne_transfer_script execution
- Cleanup grpc connection when node not found and use substr method in case fqdn used for hostname
[1.4.6-1]
- Adress Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227
[1.4.5-1]
- Address qemu CVE-2022-26353, CVE-2021-3748
[1.4.4-1]
- Excluded unnecessary directories from k8s backup files
[1.4.3-1]
- Update Istio to 1.13.2
[1.4.2-1]
- Added 1.4 extra images to registry-image-helper.sh script
[1.4.1-4]
- Ensure that the order of items in an upgraded config file is stable with respect to the original file
- Ensure that old olcnectl config files are upgraded
[1.4.1-3]
- Fixed a bug where specifying a port in the container-registry argument
to the Kubernetes module would result in pods not being able to start.
[1.4.1-2]
- Allow loadbalancer to be configured regardless of security list mode
[1.4.1-1]
- Fix bug in initialising certs manager when environment name not mentioned
[1.4.0-3]
- Fix bug in fetching report for multi-environment
[1.4.0-2]
- Pause image is 3.4.1
[1.4.0-1]
- CSI plugin
- Reports feature
- Kubernetes-1.20.6 to Kubernetes-1.21.6 upgrade
- Istio-1.9.4 to Istio-1.11.4 upgrade
- Component upgrades
- Config file feature
[1.3.0-13]
- Fix iptables issue when running on OL7 host using OL8 image
[1.3.0-12]
- Address CVE's ISTIO-SECURITY-2021-003, ISTIO-SECURITY-2021-005, ISTIO-SECURITY-2021-006, ISTIO-SECURITY-2021-007
[1.3.0-11]
- Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282]
[1.3.0-10]
- Fixed missing double semicolon in registry image helper
[1.3.0-9]
Related CVEs
| CVE-2022-31045 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | istio-1.13.7-1.el7.src.rpm | 639ee1fad32f1c4a52f18d8c5a139680 | - |
| olcne-1.4.7-1.el7.src.rpm | 9d135a9c6c188b58c26824460356ec9f | - | |
| istio-1.13.7-1.el7.x86_64.rpm | 1fa4c2ff3fdee8ffaae7f424bdf81889 | - | |
| istio-istioctl-1.13.7-1.el7.x86_64.rpm | 519cf10d4c52cc1b80734a8538d0a08f | - | |
| olcne-agent-1.4.7-1.el7.x86_64.rpm | cb43f335813eb5c1ab5697e63097d069 | - | |
| olcne-api-server-1.4.7-1.el7.x86_64.rpm | 6387ad716f5b44401b961a1685f41b26 | - | |
| olcne-gluster-chart-1.4.7-1.el7.x86_64.rpm | 7b6c0157bd5f6844ab5e90722e42e64f | - | |
| olcne-grafana-chart-1.4.7-1.el7.x86_64.rpm | 7db22cc119513ceec30676d2aab69145 | - | |
| olcne-istio-chart-1.4.7-1.el7.x86_64.rpm | 7791fbde4c698f21fe16a6c2cbdb83f1 | - | |
| olcne-nginx-1.4.7-1.el7.x86_64.rpm | 70e1ca78f407f2b214d86c8c4f3a60be | - | |
| olcne-oci-csi-chart-1.4.7-1.el7.x86_64.rpm | 71e20bba8176f0247d6119f67f3840b9 | - | |
| olcne-olm-chart-1.4.7-1.el7.x86_64.rpm | da456bcbef823571328b272f30079499 | - | |
| olcne-prometheus-chart-1.4.7-1.el7.x86_64.rpm | e667cdf578c7a200035e9751c454f99e | - | |
| olcne-utils-1.4.7-1.el7.x86_64.rpm | dc7b06e115e8358fd908b32a2e40d308 | - | |
| olcnectl-1.4.7-1.el7.x86_64.rpm | 824009488d43603cf1528dbff0ac0b52 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
