[ELSA-2018-4061] kubernetes security update
Severity
Important
Affected Packages
3
CVEs
2
[1.9.1-2.1.5]
- Production built 1.9.1-2.1.5
- Fix the upgrade version check
- Remove w/a from [Orabug 27125915]
[1.9.1-2.1.4.dev]
- Make sure worker node upgrade properly
- [Orabug 27649898]
[1.9.1-2.1.3.dev]
- Ensure that the runtime mounts RO volumes read-only [CVE-2017-1002102]
- Update Dashboard version to v1.8.3 [CVE-2017-1002102]
- Fix nested volume mounts for read-only API data volumes [CVE-2017-1002102]
- Fixed kubeadm-setup.sh and kubeadm-registry.sh
- Add feature gate for subpath [CVE-2017-1002101]
- Add subpath e2e tests [CVE-2017-1002101]
- Lock subPath volumes [CVE-2017-1002101]
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-7 | < 1.9.1-2.1.5.el7 |
pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-7 | < 1.9.1-2.1.5.el7 |
pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-7 | < 1.9.1-2.1.5.el7 |
- ID
- ELSA-2018-4061
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2018-4061.html
- Published
-
2018-04-05T00:00:00
(6 years ago) - Modified
-
2018-04-05T00:00:00
(6 years ago) - Rights
- Copyright 2018 Oracle, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2018-4061 | http://linux.oracle.com/errata/ELSA-2018-4061.html | |
CVE | CVE-2017-1002101 | http://linux.oracle.com/cve/CVE-2017-1002101.html | |
CVE | CVE-2017-1002102 | http://linux.oracle.com/cve/CVE-2017-1002102.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-7 | oraclelinux | kubelet | < 1.9.1-2.1.5.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-7 | oraclelinux | kubectl | < 1.9.1-2.1.5.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-7 | oraclelinux | kubeadm | < 1.9.1-2.1.5.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |