Oracle Errata SystemOracle Linux5.32021-09-09T12:48:43
ELSA-2020-5726: grafana kubernetes-cni kubernetes-cni-plugins kubernetes kubernetes olcne security update (IMPORTANT)
Oracle Linux 7
grafana
[%{}-1.0.1]
- Added Oracle Specific Build Files for grafana
kubernetes-cni
[0.7.1-1.0.1]
- Added Oracle specific build files for Kubernetes CNI
kubernetes-cni-plugins
[0.8.6-1.0.1]
- Added Oracle specific build files for Kubernetes CNI Plugins
kubernetes
[1.14.9-1.0.4]
- CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
- CVE-2020-8555: Half-Blind SSRF in kube-controller-manager
[1.14.9-1.0.3]
- [CVE-2019-11254] kube-apiserver Denial of Service vulnerability from malicious YAML payloads
[1.14.9-1.0.2]
- Use bounded crio version
[1.14.9-1.0.1]
- Added Oracle specific build files for Kubernetes
kubernetes
[1.17.6-1.0.2.el7]
- Update to kubernetes-cni for CVE-2020-10749
[1.17.6-1.0.2.el7]
- Added Oracle specific build files for Kubernetes
olcne
[1.1.1-1]
- Update Istio to use Grafana 6.7.4 to address CVE-2020-13379
- Kubernetes update due to CVE-2020-10749 and CVE-2020-8555
IMPORTANTCopyright 2020 Oracle, Inc.CVE-2020-10749CVE-2020-13379CVE-2020-8555olcne-agentkubectlkubernetes-cni-pluginsolcne-api-serverolcne-prometheus-chartoraclelinux-releaseolcne-istio-chartgrafanakubeletkubernetes-cniolcne-utilskubeadmolcnectlolcne-nginx72f97b74ec551f03^7x86_640:6.7.4-1.0.1.el70:1.14.9-1.0.4.el70:1.17.6-1.0.2.el70:0.7.1-1.0.1.el70:0.8.6-1.0.2.el70:1.1.1-3.el7