[ELSA-2024-12225] conmon security update
conmon
[2.1.3-8]
- address CVE-2023-39326
cri-o
[1.26.4-1]
- Added Oracle Specific Files for cri-o
- Cherry-picked upstream commits for OCPBUGS-17150: oci: simplify stopping code https://github.com/cri-o/cri-o/pull/7185
- Fixed CVE-2023-39325: bump golang.org/x/net to v0.17.0
cri-tools
[1.26.1-4]
- Address CVE-2023-39326
etcd
[3.5.9-3]
- Address CVE-2023-39326 by upgrading golang to version 1.20.12
flannel-cni-plugin
[1.2.0-3]
- Build for aarch64
[1.2.0-2]
- Rebuild with golang 1.20.12
[1.2.0-1]
- Added Oracle specific build files for Flannel CNI Plugins
- Address CVE-2023-44487 and CVE-2023-39325
helm
[3.12.0-4]
- address CVE-2023-39326 by updating golang version to 1.20.12
istio
[1.17.8-2]
- Address CVE-2023-39326
kata
[1.12.1-17]
- Include OL9 for kernel-uek-container (currently in UEKR7_developer_preview)
[1.12.1-16]
- Rebuild with golang 1.20.12
[1.12.1-15]
- Updated for kubernetes 1.27 and 1.28
kata-agent
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-image
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-ksm-throttler
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-proxy
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-runtime
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-shim
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kubernetes
[1.26.10-3]
- Build with golang 1.20.12
kubernetes-cni
[1.1.2-4]
- Address CVE-2023-39326, update golang version to 1.20.12
kubernetes-cni-plugins
[1.2.0-6]
- Rebuild with golang 1.20.12
[1.2.0-5]
- update flannel-cni-plugin to 1.2.0
kubevirt
[0.58.0-5]
- Updated to address CVE-2023-39326
olcne
[1.7.6-5]
- Fix OLM upgrade failure
[1.7.6-4]
- Fixed unable to deploy new module(s) using config file containing already existing modules
[1.7.6-2]
- Corrected olcne repo version in the prompt text of the 'olcnectl provision' command
[1.7.6-1]
- Update kubernetes and components to address golang CVE-2023-39326
- Update istio and components to address golang CVE-2023-39326
- Update metallb, multus-cni, kubevirt, module-operator, calico, rook to address golang CVE-2023-39326
- Update cri-o to 1.26-4 patched
- add conmon resource to kubernetes module
[1.7.5-22]
- Fix OLM upgrade failure - same version upgrade
[1.7.5-21]
- Migrate ModuleOperator from verrazzano-install to ocne-modules namespace
[1.7.5-20]
- Update module-operator to address CVE-2023-39326
[1.7.5-19]
- Updated kubevirt 0.58.0 to address CVE-2023-39326
[1.7.5-18]
- Back port rebuild of calico 3.25.1
yq
[4.34.1-4]
- Update Golang to 1.20.12 to address CVE-2023-39326
- ID
- ELSA-2024-12225
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2024-12225.html
- Published
-
2024-03-18T00:00:00
(6 months ago) - Modified
-
2024-03-18T00:00:00
(6 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
-
ALAS-2024-1903
-
ALAS-2024-1920
-
ALAS2-2024-2388
-
ALAS2-2024-2424
-
ALAS2-2024-2446
-
ALAS2-2024-2458
-
ALAS2-2024-2543
-
ALAS2-2024-2556
-
ALAS2-2024-2618
-
ALPINE:CVE-2023-39326
-
ALSA-2024:0748
-
ALSA-2024:0887
-
ALSA-2024:1131
-
ALSA-2024:1149
-
ALSA-2024:2160
-
ALSA-2024:2193
-
ALSA-2024:2245
-
ALSA-2024:2272
-
ELSA-2024-0887
-
ELSA-2024-1131
-
ELSA-2024-1149
-
ELSA-2024-12189
-
ELSA-2024-12190
-
ELSA-2024-12191
-
ELSA-2024-12226
-
ELSA-2024-12261
-
ELSA-2024-12262
-
ELSA-2024-12263
-
ELSA-2024-12264
-
ELSA-2024-2193
-
ELSA-2024-2245
-
ELSA-2024-2272
-
ELSA-2024-2988
-
FEDORA-2024-193547def8
-
GLSA-202408-07
-
GO-2023-2382
-
RHSA-2024:0748
-
RHSA-2024:0887
-
RHSA-2024:1131
-
RHSA-2024:1149
-
RHSA-2024:1244
-
RHSA-2024:2160
-
RHSA-2024:2193
-
RHSA-2024:2245
-
RHSA-2024:2272
-
RHSA-2024:2988
-
SUSE-SU-2023:4708-1
-
SUSE-SU-2023:4709-1
-
SUSE-SU-2023:4930-1
-
SUSE-SU-2023:4931-1
-
USN-6574-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2024-12225 |
|
|
| CVE | CVE-2023-39326 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/yq?distro=oraclelinux-9 | oraclelinux |
 yq
|
< 4.34.1-4.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/virtctl?distro=oraclelinux-9 | oraclelinux |
virtctl
|
< 0.58.0-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-9 | oraclelinux |
olcnectl
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-9 | oraclelinux |
olcne-utils
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-rook-chart?distro=oraclelinux-9 | oraclelinux |
olcne-rook-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-9 | oraclelinux |
olcne-prometheus-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-9 | oraclelinux |
olcne-olm-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-9 | oraclelinux |
olcne-oci-ccm-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-9 | oraclelinux |
olcne-nginx
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-multus-chart?distro=oraclelinux-9 | oraclelinux |
olcne-multus-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-9 | oraclelinux |
olcne-metallb-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-kubevirt-chart?distro=oraclelinux-9 | oraclelinux |
olcne-kubevirt-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-9 | oraclelinux |
olcne-istio-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-9 | oraclelinux |
olcne-grafana-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-9 | oraclelinux |
olcne-gluster-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-calico-chart?distro=oraclelinux-9 | oraclelinux |
olcne-calico-chart
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-9 | oraclelinux |
olcne-api-server
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-9 | oraclelinux |
olcne-agent
|
< 1.7.6-5.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kubernetes-cni?distro=oraclelinux-9 | oraclelinux |
kubernetes-cni
|
< 1.1.2-4.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kubernetes-cni-plugins?distro=oraclelinux-9 | oraclelinux |
kubernetes-cni-plugins
|
< 1.2.0-6.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-9 | oraclelinux |
kubelet
|
< 1.26.10-3.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-9 | oraclelinux |
kubectl
|
< 1.26.10-3.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-9 | oraclelinux |
kubeadm
|
< 1.26.10-3.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kata?distro=oraclelinux-9 | oraclelinux |
kata
|
< 1.12.1-17.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kata-shim?distro=oraclelinux-9 | oraclelinux |
kata-shim
|
< 1.12.1-11.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kata-runtime?distro=oraclelinux-9 | oraclelinux |
kata-runtime
|
< 1.12.1-11.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kata-proxy?distro=oraclelinux-9 | oraclelinux |
kata-proxy
|
< 1.12.1-11.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kata-ksm-throttler?distro=oraclelinux-9 | oraclelinux |
kata-ksm-throttler
|
< 1.12.1-11.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kata-image | oraclelinux |
kata-image
|
< 1.12.1-11.11.ol9_202312212316 | |||
| Affected | pkg:rpm/oraclelinux/kata-agent?distro=oraclelinux-9 | oraclelinux |
kata-agent
|
< 1.12.1-11.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/istio?distro=oraclelinux-9 | oraclelinux |
istio
|
< 1.17.8-2.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-9 | oraclelinux |
istio-istioctl
|
< 1.17.8-2.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/helm?distro=oraclelinux-9 | oraclelinux |
helm
|
< 3.12.0-4.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/flannel-cni-plugin?distro=oraclelinux-9 | oraclelinux |
flannel-cni-plugin
|
< 1.2.0-3.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/etcd?distro=oraclelinux-9 | oraclelinux |
etcd
|
< 3.5.9-3.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/cri-tools?distro=oraclelinux-9 | oraclelinux |
cri-tools
|
< 1.26.1-4.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/cri-o?distro=oraclelinux-9 | oraclelinux |
cri-o
|
< 1.26.4-1.el9 | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/conmon?distro=oraclelinux-9 | oraclelinux |
conmon
|
< 2.1.3-8.el9 | oraclelinux-9 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |