[ELSA-2024-12225] conmon security update
conmon
[2.1.3-8]
- address CVE-2023-39326
cri-o
[1.26.4-1]
- Added Oracle Specific Files for cri-o
- Cherry-picked upstream commits for OCPBUGS-17150: oci: simplify stopping code https://github.com/cri-o/cri-o/pull/7185
- Fixed CVE-2023-39325: bump golang.org/x/net to v0.17.0
cri-tools
[1.26.1-4]
- Address CVE-2023-39326
etcd
[3.5.9-3]
- Address CVE-2023-39326 by upgrading golang to version 1.20.12
flannel-cni-plugin
[1.2.0-3]
- Build for aarch64
[1.2.0-2]
- Rebuild with golang 1.20.12
[1.2.0-1]
- Added Oracle specific build files for Flannel CNI Plugins
- Address CVE-2023-44487 and CVE-2023-39325
helm
[3.12.0-4]
- address CVE-2023-39326 by updating golang version to 1.20.12
istio
[1.17.8-2]
- Address CVE-2023-39326
kata
[1.12.1-17]
- Include OL9 for kernel-uek-container (currently in UEKR7_developer_preview)
[1.12.1-16]
- Rebuild with golang 1.20.12
[1.12.1-15]
- Updated for kubernetes 1.27 and 1.28
kata-agent
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-image
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-ksm-throttler
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-proxy
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-runtime
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kata-shim
[1.12.1-11]
- Rebuild with -11 tag
[1.12.1-10]
- Updated Golang to 1.20.12 to address CVE CVE-2023-39326
kubernetes
[1.26.10-3]
- Build with golang 1.20.12
kubernetes-cni
[1.1.2-4]
- Address CVE-2023-39326, update golang version to 1.20.12
kubernetes-cni-plugins
[1.2.0-6]
- Rebuild with golang 1.20.12
[1.2.0-5]
- update flannel-cni-plugin to 1.2.0
kubevirt
[0.58.0-5]
- Updated to address CVE-2023-39326
olcne
[1.7.6-5]
- Fix OLM upgrade failure
[1.7.6-4]
- Fixed unable to deploy new module(s) using config file containing already existing modules
[1.7.6-2]
- Corrected olcne repo version in the prompt text of the 'olcnectl provision' command
[1.7.6-1]
- Update kubernetes and components to address golang CVE-2023-39326
- Update istio and components to address golang CVE-2023-39326
- Update metallb, multus-cni, kubevirt, module-operator, calico, rook to address golang CVE-2023-39326
- Update cri-o to 1.26-4 patched
- add conmon resource to kubernetes module
[1.7.5-22]
- Fix OLM upgrade failure - same version upgrade
[1.7.5-21]
- Migrate ModuleOperator from verrazzano-install to ocne-modules namespace
[1.7.5-20]
- Update module-operator to address CVE-2023-39326
[1.7.5-19]
- Updated kubevirt 0.58.0 to address CVE-2023-39326
[1.7.5-18]
- Back port rebuild of calico 3.25.1
yq
[4.34.1-4]
- Update Golang to 1.20.12 to address CVE-2023-39326
- ID
- ELSA-2024-12225
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2024-12225.html
- Published
-
2024-03-18T00:00:00
(6 months ago) - Modified
-
2024-03-18T00:00:00
(6 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
- ALAS-2024-1903
- ALAS-2024-1920
- ALAS2-2024-2388
- ALAS2-2024-2424
- ALAS2-2024-2446
- ALAS2-2024-2458
- ALAS2-2024-2543
- ALAS2-2024-2556
- ALAS2-2024-2618
- ALPINE:CVE-2023-39326
- ALSA-2024:0748
- ALSA-2024:0887
- ALSA-2024:1131
- ALSA-2024:1149
- ALSA-2024:2160
- ALSA-2024:2193
- ALSA-2024:2245
- ALSA-2024:2272
- ELSA-2024-0887
- ELSA-2024-1131
- ELSA-2024-1149
- ELSA-2024-12189
- ELSA-2024-12190
- ELSA-2024-12191
- ELSA-2024-12226
- ELSA-2024-12261
- ELSA-2024-12262
- ELSA-2024-12263
- ELSA-2024-12264
- ELSA-2024-2193
- ELSA-2024-2245
- ELSA-2024-2272
- ELSA-2024-2988
- FEDORA-2024-193547def8
- GLSA-202408-07
- GO-2023-2382
- RHSA-2024:0748
- RHSA-2024:0887
- RHSA-2024:1131
- RHSA-2024:1149
- RHSA-2024:1244
- RHSA-2024:2160
- RHSA-2024:2193
- RHSA-2024:2245
- RHSA-2024:2272
- RHSA-2024:2988
- SUSE-SU-2023:4708-1
- SUSE-SU-2023:4709-1
- SUSE-SU-2023:4930-1
- SUSE-SU-2023:4931-1
- USN-6574-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2024-12225 | https://linux.oracle.com/errata/ELSA-2024-12225.html | |
CVE | CVE-2023-39326 | https://linux.oracle.com/cve/CVE-2023-39326.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/yq?distro=oraclelinux-9 | oraclelinux | yq | < 4.34.1-4.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/virtctl?distro=oraclelinux-9 | oraclelinux | virtctl | < 0.58.0-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-9 | oraclelinux | olcnectl | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-9 | oraclelinux | olcne-utils | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-rook-chart?distro=oraclelinux-9 | oraclelinux | olcne-rook-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-9 | oraclelinux | olcne-prometheus-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-9 | oraclelinux | olcne-olm-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-9 | oraclelinux | olcne-oci-ccm-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-9 | oraclelinux | olcne-nginx | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-multus-chart?distro=oraclelinux-9 | oraclelinux | olcne-multus-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-9 | oraclelinux | olcne-metallb-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-kubevirt-chart?distro=oraclelinux-9 | oraclelinux | olcne-kubevirt-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-9 | oraclelinux | olcne-istio-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-9 | oraclelinux | olcne-grafana-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-9 | oraclelinux | olcne-gluster-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-calico-chart?distro=oraclelinux-9 | oraclelinux | olcne-calico-chart | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-9 | oraclelinux | olcne-api-server | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-9 | oraclelinux | olcne-agent | < 1.7.6-5.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kubernetes-cni?distro=oraclelinux-9 | oraclelinux | kubernetes-cni | < 1.1.2-4.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kubernetes-cni-plugins?distro=oraclelinux-9 | oraclelinux | kubernetes-cni-plugins | < 1.2.0-6.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-9 | oraclelinux | kubelet | < 1.26.10-3.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-9 | oraclelinux | kubectl | < 1.26.10-3.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-9 | oraclelinux | kubeadm | < 1.26.10-3.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kata?distro=oraclelinux-9 | oraclelinux | kata | < 1.12.1-17.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kata-shim?distro=oraclelinux-9 | oraclelinux | kata-shim | < 1.12.1-11.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kata-runtime?distro=oraclelinux-9 | oraclelinux | kata-runtime | < 1.12.1-11.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kata-proxy?distro=oraclelinux-9 | oraclelinux | kata-proxy | < 1.12.1-11.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kata-ksm-throttler?distro=oraclelinux-9 | oraclelinux | kata-ksm-throttler | < 1.12.1-11.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/kata-image | oraclelinux | kata-image | < 1.12.1-11.11.ol9_202312212316 | |||
Affected | pkg:rpm/oraclelinux/kata-agent?distro=oraclelinux-9 | oraclelinux | kata-agent | < 1.12.1-11.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/istio?distro=oraclelinux-9 | oraclelinux | istio | < 1.17.8-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-9 | oraclelinux | istio-istioctl | < 1.17.8-2.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/helm?distro=oraclelinux-9 | oraclelinux | helm | < 3.12.0-4.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/flannel-cni-plugin?distro=oraclelinux-9 | oraclelinux | flannel-cni-plugin | < 1.2.0-3.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/etcd?distro=oraclelinux-9 | oraclelinux | etcd | < 3.5.9-3.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/cri-tools?distro=oraclelinux-9 | oraclelinux | cri-tools | < 1.26.1-4.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/cri-o?distro=oraclelinux-9 | oraclelinux | cri-o | < 1.26.4-1.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/conmon?distro=oraclelinux-9 | oraclelinux | conmon | < 2.1.3-8.el9 | oraclelinux-9 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |