ELSA-2024-12329

ULN >
Oracle Linux Errata repository >
ELSA-2024-12329

ELSA-2024-12329 - cri-o security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-04-16

Description

cri-o
[1.25.5-2]
- Address CVE-2024-24786

cri-tools
[1.25.0-4]
- Address CVE-2024-24786

etcd
[3.5.9-4]
- Address protobuf [CVE-2024-24786]

[3.5.9-3]
- Address CVE-2023-39326 by upgrading golang to version 1.20.12

istio
[1.16.7-4]
- Address protobuf [CVE-2024-24786]
- Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327

kubernetes
[1.25.16-2]
- Fixed CoreDNS version check

olcne
[1.6.7-3]
- Fixed unable to deploy new module(s) using config file containing already existing modules
- Update Istio-1.16.7 to address CVE-2024-24786, CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
- Update Kubernetes-1.25.16 and components to address CVE-2024-24786

Related CVEs

CVE-2024-23327

CVE-2024-24786

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	cri-o-1.25.5-2.el7.src.rpm	f0cff5f65bff0fc1fb40af34bb9f0a03	-	ol7_x86_64_olcne16
	cri-tools-1.25.0-4.el7.src.rpm	331da3b8c938b475975df2e37af157c0	-	ol7_x86_64_olcne16
	etcd-3.5.9-4.el7.src.rpm	e1535ada58a7d09cad88bcca7bb9c8d1	-	ol7_x86_64_olcne16
	istio-1.16.7-4.el7.src.rpm	bf80219552a0944b54a2b6daeba62ed5	-	ol7_x86_64_olcne16
	kubernetes-1.25.16-2.el7.src.rpm	99939ebc432d6a82cc27c7403f4e7aa3	-	ol7_x86_64_olcne16
	olcne-1.6.7-3.el7.src.rpm	675557b2880064aa42821727274bf6a4	-	ol7_x86_64_olcne16
	cri-o-1.25.5-2.el7.x86_64.rpm	94c23540ecc56022a3651eb3c7cef59e	-	ol7_x86_64_olcne16
	cri-tools-1.25.0-4.el7.x86_64.rpm	3d051c789a14bbfad8f82fef6d0c886e	-	ol7_x86_64_olcne16
	etcd-3.5.9-4.el7.x86_64.rpm	4412906364dbd6a8fd3dd5a518971770	-	ol7_x86_64_olcne16
	istio-1.16.7-4.el7.x86_64.rpm	cc8831741521426a4859131fe179218b	-	ol7_x86_64_olcne16
	istio-istioctl-1.16.7-4.el7.x86_64.rpm	ac5d169c4a37f41edbb36a1684867f43	-	ol7_x86_64_olcne16
	kubeadm-1.25.16-2.el7.x86_64.rpm	3b85ed60e8077b452026779f7a1b9fe1	-	ol7_x86_64_olcne16
	kubectl-1.25.16-2.el7.x86_64.rpm	00141de6405cbb75f4e1cdfe585ad178	-	ol7_x86_64_olcne16
	kubelet-1.25.16-2.el7.x86_64.rpm	9dbb8d6d8e3ec087b68891343a9cced8	-	ol7_x86_64_olcne16
	olcne-agent-1.6.7-3.el7.x86_64.rpm	ce4b55ac1e15083cab52f11d3e4a36c9	-	ol7_x86_64_olcne16
	olcne-api-server-1.6.7-3.el7.x86_64.rpm	a50d51e5044fc2e77ca24c9788688c42	-	ol7_x86_64_olcne16
	olcne-calico-chart-1.6.7-3.el7.x86_64.rpm	85573758e4020d00c1a4fd2e5e92cc28	-	ol7_x86_64_olcne16
	olcne-gluster-chart-1.6.7-3.el7.x86_64.rpm	ed6d771008a162fdff64d43c2fdd01b0	-	ol7_x86_64_olcne16
	olcne-grafana-chart-1.6.7-3.el7.x86_64.rpm	bb6292621f224ea315e723f7519337b5	-	ol7_x86_64_olcne16
	olcne-istio-chart-1.6.7-3.el7.x86_64.rpm	404c01519a63b6a88d431177f45cdd2f	-	ol7_x86_64_olcne16
	olcne-metallb-chart-1.6.7-3.el7.x86_64.rpm	dad41de2d17efaa2c77196541f75559b	-	ol7_x86_64_olcne16
	olcne-multus-chart-1.6.7-3.el7.x86_64.rpm	43ed2d67315ca64d2e39d920d7fd6060	-	ol7_x86_64_olcne16
	olcne-nginx-1.6.7-3.el7.x86_64.rpm	f47f33bec716c70f63387815072c4958	-	ol7_x86_64_olcne16
	olcne-oci-ccm-chart-1.6.7-3.el7.x86_64.rpm	be0626199adc81a7c974831bd171c995	-	ol7_x86_64_olcne16
	olcne-olm-chart-1.6.7-3.el7.x86_64.rpm	39edfe36161eec29ecdbac94ebb48446	-	ol7_x86_64_olcne16
	olcne-prometheus-chart-1.6.7-3.el7.x86_64.rpm	1ab9f9cc550514b690bcacb505dbd05a	-	ol7_x86_64_olcne16
	olcne-utils-1.6.7-3.el7.x86_64.rpm	fdae3da62ea0dbf2d830a3010b3d7fb1	-	ol7_x86_64_olcne16
	olcnectl-1.6.7-3.el7.x86_64.rpm	0652020eb6e13dcfc174e6f72f4920c2	-	ol7_x86_64_olcne16

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691