[ELSA-2023-12357] istio security update

Severity Important

Affected Packages 17

CVEs 6

istio
[1.15.7-1]
- Added Oracle specific files for 1.15.7-1

kubernetes
[1.24.8-2]
- libct/cg: add misc controller to v1 drivers (upstream runc patch)

[1.24.8-1]
- Added Oracle specific build files for Kubernetes

olcne
[1.5.12-5]
- Bug fix - Append a slash in oci-instance-metada url

[1.5.12-4]
- Update Istio version to 1.15.7 to address CVE's
- CVE-2022-27496
- CVE-2022-27488
- CVE-2022-27493
- CVE-2022-27492
- CVE-2022-27491
- CVE-2022-27487

[1.5.12-3]
- Updated olcne_version argument in olcnectl provision to support <major.minor.patch>

[1.5.12-2]
- Update kubelet for upstream runc misc cgroups patch

[1.5.12-1]
- Fix the bug olcnectl provision fails if ol8_developer does not exist

Package	Affected Version
pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-7	< 1.5.12-5.el7
pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-7	< 1.24.8-2.el7
pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-7	< 1.24.8-2.el7
pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-7	< 1.24.8-2.el7
pkg:rpm/oraclelinux/istio?distro=oraclelinux-7	< 1.15.7-1.el7
pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-7	< 1.15.7-1.el7

ID

ELSA-2023-12357

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2023-12357.html

Published

2023-05-26T00:00:00
(16 months ago)

Modified

2023-05-26T00:00:00
(16 months ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2023-12357	https://linux.oracle.com/errata/ELSA-2023-12357.html
CVE	CVE-2022-27487	https://linux.oracle.com/cve/CVE-2022-27487.html
CVE	CVE-2022-27488	https://linux.oracle.com/cve/CVE-2022-27488.html
CVE	CVE-2022-27496	https://linux.oracle.com/cve/CVE-2022-27496.html
CVE	CVE-2022-27493	https://linux.oracle.com/cve/CVE-2022-27493.html
CVE	CVE-2022-27492	https://linux.oracle.com/cve/CVE-2022-27492.html
CVE	CVE-2022-27491	https://linux.oracle.com/cve/CVE-2022-27491.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-7	oraclelinux	olcnectl	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-7	oraclelinux	olcne-utils	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-7	oraclelinux	olcne-prometheus-chart	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-7	oraclelinux	olcne-olm-chart	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-7	oraclelinux	olcne-oci-ccm-chart	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-7	oraclelinux	olcne-nginx	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-7	oraclelinux	olcne-metallb-chart	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-7	oraclelinux	olcne-istio-chart	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-7	oraclelinux	olcne-grafana-chart	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-7	oraclelinux	olcne-gluster-chart	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-7	oraclelinux	olcne-api-server	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-7	oraclelinux	olcne-agent	< 1.5.12-5.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-7	oraclelinux	kubelet	< 1.24.8-2.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-7	oraclelinux	kubectl	< 1.24.8-2.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-7	oraclelinux	kubeadm	< 1.24.8-2.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/istio?distro=oraclelinux-7	oraclelinux	istio	< 1.15.7-1.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-7	oraclelinux	istio-istioctl	< 1.15.7-1.el7	oraclelinux-7

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date