[ELSA-2020-5725] kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update
Severity
Important
Affected Packages
6
CVEs
2
kubernetes
[1.12.10-1.0.12]
- CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
- CVE-2020-8555: Half-Blind SSRF in kube-controller-manager
kubeadm-ha-setup
[0.0.2-1.0.70]
- Enhance image tag read to depend on kubeadm-registry.sh for CVE release
CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements
CVE-2020-8555: Half-Blind SSRF in kube-controller-manager
kubernetes-cni
[0.7.1-1.0.1]
- Added Oracle specific build files for Kubernetes CNI
kubernetes-cni-plugins
[0.8.6-1.0.1]
- Added Oracle specific build files for Kubernetes CNI Plugins
| Package | Affected Version |
|---|---|
 pkg:rpm/oraclelinux/kubernetes-cni?distro=oraclelinux-7
|
< 0.7.1-1.0.1.el7 |
|
pkg:rpm/oraclelinux/kubernetes-cni-plugins?distro=oraclelinux-7
|
< 0.8.6-1.0.2.el7 |
|
pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-7
|
< 1.12.10-1.0.12.el7 |
|
pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-7
|
< 1.12.10-1.0.12.el7 |
|
pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-7
|
< 1.12.10-1.0.12.el7 |
|
pkg:rpm/oraclelinux/kubeadm-ha-setup?distro=oraclelinux-7
|
< 0.0.2-1.0.70.el7 |
- ID
- ELSA-2020-5725
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5725.html
- Published
-
2020-06-12T00:00:00
(4 years ago) - Modified
-
2020-06-12T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
ALPINE:CVE-2020-10749
ALSA-2020:4694
FEDORA-2020-aeea04cd13
openSUSE-SU-2020:1049-1
RHSA-2020:4694
RLSA-2020:4694
SUSE-SU-2020:1957-1| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2020-5725 |
|
|
| CVE | CVE-2020-8555 |
|
|
| CVE | CVE-2020-10749 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kubernetes-cni?distro=oraclelinux-7 | oraclelinux |
kubernetes-cni
|
< 0.7.1-1.0.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kubernetes-cni-plugins?distro=oraclelinux-7 | oraclelinux |
kubernetes-cni-plugins
|
< 0.8.6-1.0.2.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-7 | oraclelinux |
kubelet
|
< 1.12.10-1.0.12.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-7 | oraclelinux |
kubectl
|
< 1.12.10-1.0.12.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-7 | oraclelinux |
kubeadm
|
< 1.12.10-1.0.12.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kubeadm-ha-setup?distro=oraclelinux-7 | oraclelinux |
kubeadm-ha-setup
|
< 0.0.2-1.0.70.el7 | oraclelinux-7 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |