[ELSA-2023-13028] conmon security update

Severity Important

Affected Packages 35

CVEs 2

conmon
[2.1.3-7]
- Resolve CVE-2023-39325

[2.1.3-6]
- Add ol8_baseos_latest, and ol9_baseos_latest, to Jenkinsfile

[2.1.3-5]
- Add systemd-devel as build requirement

[2.1.3-4]
- Add support ARM build

[2.1.3.3]
- Add OL9 support

[2.1.3.2]
- Update inline with Linux team building conmon for all but OL7.

cri-o
[1.25.2-3]
- Resolve CVE-2023-39325

cri-tools
[1.25.0-2]
- Resolve CVE-2023-39325

etcd
[3.5.9-2]
- Bump up version

[3.5.9-1]
- Added Oracle specific build files

flannel-cni-plugin
[1.0.1-3]
- Resolve CVE-2023-44487 and CVE-2023-39325

helm
[3.11.1-2]
- address CVE-2023-44487 and CVE-2023-39325

istio
kata
[1.12.1-14]
- Updated to address CVE-2023-44487 and CVE-2023-39325

[1.12.1-13]
- Rebuild kata to fix timestamp issue

[1.12.1-12]
- Add support for ARM build

[1.12.1-11]
- Add OL9 support

[1.12.1-10]
- Updated kata-runtime version to work with more versions of kvm_utils

kata-agent
[1.12.1-9]
- Updated to address CVE-2023-44487 and CVE-2023-39325

[1.12.1-8]
- Remove build_date global variable in kata-image specfile

[1.12.1-7]
- Add support for ARM build

[1.12.1-6]
- Add OL9 support

kata-image
[1.12.1-9]
- Updated to address CVE-2023-44487 and CVE-2023-39325

[1.12.1-8]
- Remove build_date global variable in specfile

[1.12.1-7]
- Add support for ARM build

[1.12.1-6]
- Restore OL7 and bump release

[1.12.1-5]
- Add support for Oracle Linux 9

[1.12.1-4]
- build for kata-agent-1.12.1-4

kata-ksm-throttler
[1.12.1-9]
- Updated to address CVE-2023-44487 and CVE-2023-39325

[1.12.1-8]
- Bump release inline with other kata packages for fixing timestamp issue

[1.12.1-7]
- Add support for ARM build

[1.12.1-6]
- Bump releaase inline with others for reversion of removal of OL7.

[1.12.1-5]
- Add support for Oracle Linux 9

kata-proxy
[1.12.1-9]
- Updated to address CVE-2023-44487 and CVE-2023-39325

[1.12.1-8]
- Bump release inline with other kata packages for fixing timestamp issue

[1.12.1-7]
- Add support for ARM build

[1.12.1-6]
- Revert OL7 removal

[1.12.1-5]
- Add support for Oracle Linux 9

kata-runtime
[1.12.1-9]
- Updated to address CVE-2023-44487 and CVE-2023-39325

[1.12.1-8]
- Bump release inline with other kata packages for fixing timestamp issue

[1.12.1-7]
- Add support for ARM build

[1.12.1-6]
- Add OL9 support

[1.12.1-5]
- Updated qemu-kvm machine options to work with more versions of kvm_utils

kata-shim
[1.12.1-9]
- Updated to address CVE-2023-44487 and CVE-2023-39325

[1.12.1-8]
- Bump release inline with other kata packages for fixing timestamp issue

[1.12.1-7]
- Add support for ARM build

[1.12.1-6]
- Bump releaase inline with others for reversion of removal of OL7.

[1.12.1-5]
- Add support for Oracle Linux 9

kubernetes
kubernetes-cni
[1.0.1-3]
- Resolve CVE-2023-44487 and CVE-2023-39325

kubernetes-cni-plugins
[1.0.1-4]
- Resolve CVE-2023-44487 and CVE-2023-39325

olcne
[1.6.5-9]
- Mark container-registry as updatable

[1.6.5-9]
- update metallb 0.12.1 to address CVE-2023-44487 and CVE-2023-39325

[1.6.5-8]
- Update externalip-webhook 1.0.0-3 to address CVE-2023-44487, CVE-2023-39325

[1.6.5-7]
- Update multus-cni 3.9.3 to address CVE-2023-44487 and CVE-2023-39325

[1.6.5-6]
- Update rook-1.10.9 to address CVE-2023-44487, CVE-2023-39325

[1.6.5-5]
- Update Istio, Grafana, Prometheus, and Kubernetes-dashboard to address CVE's
- CVE-2023-44487
- CVE-2023-39325

[1.6.5-4]
- Update kubernetes and components to address golang CVE-2023-44487, CVE-2023-39325

[1.6.5-3]
- update configmap-registry to 1.28.0 to address CVE-2023-44487 and CVE-2023-39325

[1.6.5-2]
- Update kubevirt 0.58.0 to address CVE-2023-44487 and CVE-2023-39325

[1.6.5-1]
- Update calico image versions to address golang CVE-2023-44487, CVE-2023-39325

yq
[4.34.1-3]
- address CVE-2023-44487 and CVE-2023-3932A

[4.34.1-2]
- Add support for ARM build

Package	Affected Version
pkg:rpm/oraclelinux/yq?distro=oraclelinux-8	< 4.34.1-3.el8
pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-multus-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-calico-chart?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-8	< 1.6.5-10.el8
pkg:rpm/oraclelinux/kubernetes-cni?distro=oraclelinux-8	< 1.0.1-3.el8
pkg:rpm/oraclelinux/kubernetes-cni-plugins?distro=oraclelinux-8	< 1.0.1-4.el8
pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-8	< 1.25.15-1.el8
pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-8	< 1.25.15-1.el8
pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-8	< 1.25.15-1.el8
pkg:rpm/oraclelinux/kata?distro=oraclelinux-8	< 1.12.1-14.el8
pkg:rpm/oraclelinux/kata-shim?distro=oraclelinux-8	< 1.12.1-9.el8
pkg:rpm/oraclelinux/kata-runtime?distro=oraclelinux-8	< 1.12.1-9.el8
pkg:rpm/oraclelinux/kata-proxy?distro=oraclelinux-8	< 1.12.1-9.el8
pkg:rpm/oraclelinux/kata-ksm-throttler?distro=oraclelinux-8	< 1.12.1-9.el8
pkg:rpm/oraclelinux/kata-image	< 1.12.1-9.9.ol8_202311161805
pkg:rpm/oraclelinux/kata-agent?distro=oraclelinux-8	< 1.12.1-9.el8
pkg:rpm/oraclelinux/istio?distro=oraclelinux-8	< 1.16.7-2.el8
pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-8	< 1.16.7-2.el8
pkg:rpm/oraclelinux/helm?distro=oraclelinux-8	< 3.11.1-2.el8
pkg:rpm/oraclelinux/flannel-cni-plugin?distro=oraclelinux-8	< 1.0.1-3.el8
pkg:rpm/oraclelinux/etcd?distro=oraclelinux-8	< 3.5.9-2.el8
pkg:rpm/oraclelinux/cri-tools?distro=oraclelinux-8	< 1.25.0-2.el8
pkg:rpm/oraclelinux/cri-o?distro=oraclelinux-8	< 1.25.2-3.el8
pkg:rpm/oraclelinux/conmon?distro=oraclelinux-8	< 2.1.3-7.el8

ID

ELSA-2023-13028

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2023-13028.html

Published

2023-12-07T00:00:00
(9 months ago)

Modified

2023-12-07T00:00:00
(9 months ago)

Rights

Copyright 2023 Oracle, Inc.

Other Advisories

Source	# ID	Name	URL
elsa	ELSA-2023-13028		https://linux.oracle.com/errata/ELSA-2023-13028.html
CVE	CVE-2023-39325		https://linux.oracle.com/cve/CVE-2023-39325.html
CVE	CVE-2023-44487		https://linux.oracle.com/cve/CVE-2023-44487.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:rpm/oraclelinux/yq?distro=oraclelinux-8	oraclelinux	yq	< 4.34.1-3.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-8	oraclelinux	olcnectl	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-8	oraclelinux	olcne-utils	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-8	oraclelinux	olcne-prometheus-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-8	oraclelinux	olcne-olm-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-8	oraclelinux	olcne-oci-ccm-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-8	oraclelinux	olcne-nginx	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-multus-chart?distro=oraclelinux-8	oraclelinux	olcne-multus-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-8	oraclelinux	olcne-metallb-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-8	oraclelinux	olcne-istio-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-8	oraclelinux	olcne-grafana-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-8	oraclelinux	olcne-gluster-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-calico-chart?distro=oraclelinux-8	oraclelinux	olcne-calico-chart	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-8	oraclelinux	olcne-api-server	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-8	oraclelinux	olcne-agent	< 1.6.5-10.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kubernetes-cni?distro=oraclelinux-8	oraclelinux	kubernetes-cni	< 1.0.1-3.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kubernetes-cni-plugins?distro=oraclelinux-8	oraclelinux	kubernetes-cni-plugins	< 1.0.1-4.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-8	oraclelinux	kubelet	< 1.25.15-1.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-8	oraclelinux	kubectl	< 1.25.15-1.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-8	oraclelinux	kubeadm	< 1.25.15-1.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kata?distro=oraclelinux-8	oraclelinux	kata	< 1.12.1-14.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kata-shim?distro=oraclelinux-8	oraclelinux	kata-shim	< 1.12.1-9.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kata-runtime?distro=oraclelinux-8	oraclelinux	kata-runtime	< 1.12.1-9.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kata-proxy?distro=oraclelinux-8	oraclelinux	kata-proxy	< 1.12.1-9.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kata-ksm-throttler?distro=oraclelinux-8	oraclelinux	kata-ksm-throttler	< 1.12.1-9.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/kata-image	oraclelinux	kata-image	< 1.12.1-9.9.ol8_202311161805
Affected	pkg:rpm/oraclelinux/kata-agent?distro=oraclelinux-8	oraclelinux	kata-agent	< 1.12.1-9.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/istio?distro=oraclelinux-8	oraclelinux	istio	< 1.16.7-2.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-8	oraclelinux	istio-istioctl	< 1.16.7-2.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/helm?distro=oraclelinux-8	oraclelinux	helm	< 3.11.1-2.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/flannel-cni-plugin?distro=oraclelinux-8	oraclelinux	flannel-cni-plugin	< 1.0.1-3.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/etcd?distro=oraclelinux-8	oraclelinux	etcd	< 3.5.9-2.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/cri-tools?distro=oraclelinux-8	oraclelinux	cri-tools	< 1.25.0-2.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/cri-o?distro=oraclelinux-8	oraclelinux	cri-o	< 1.25.2-3.el8	oraclelinux-8
Affected	pkg:rpm/oraclelinux/conmon?distro=oraclelinux-8	oraclelinux	conmon	< 2.1.3-7.el8	oraclelinux-8

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date