[ELSA-2024-12328] cri-o security update
Severity
Important
Affected Packages
22
CVEs
2
cri-o
[1.25.5-2]
- Address CVE-2024-24786
cri-tools
[1.25.0-4]
- Address CVE-2024-24786
etcd
[3.5.9-4]
- Address protobuf [CVE-2024-24786]
[3.5.9-3]
- Address CVE-2023-39326 by upgrading golang to version 1.20.12
istio
[1.16.7-4]
- Address protobuf [CVE-2024-24786]
- Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
kubernetes
[1.25.16-2]
- Fixed CoreDNS version check
[1.25.16-1]
- Added Oracle specific build files for Kubernetes
olcne
[1.6.7-3]
- Fixed unable to deploy new module(s) using config file containing already existing modules
- Update Istio-1.16.7 to address CVE-2024-24786, CVE-2024-23322, CVE-2024-23323, CVE-2024-23324, CVE-2024-23325, CVE-2024-23327
- ID
- ELSA-2024-12328
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2024-12328.html
- Published
-
2024-04-16T00:00:00
(4 months ago) - Modified
-
2024-04-16T00:00:00
(4 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
- ALAS2-2024-2550
- ALAS2-2024-2568
- ALAS2-2024-2618
- ALPINE:CVE-2024-24786
- ALSA-2024:2548
- ALSA-2024:2549
- ALSA-2024:2550
- ALSA-2024:3254
- ALSA-2024:4246
- ELSA-2024-12329
- ELSA-2024-12347
- ELSA-2024-12348
- ELSA-2024-2548
- ELSA-2024-2549
- ELSA-2024-2550
- ELSA-2024-3254
- ELSA-2024-4246
- FEDORA-2024-5bae6c0ea7
- GLSA-202407-12
- GLSA-202407-25
- GO-2024-2611
- RHSA-2024:1874
- RHSA-2024:2548
- RHSA-2024:2549
- RHSA-2024:2550
- RHSA-2024:3254
- RHSA-2024:4246
- RLSA-2024:2548
- RLSA-2024:2549
- RLSA-2024:2550
- SUSE-SU-2024:2031-1
- SUSE-SU-2024:2050-1
- SUSE-SU-2024:2050-2
- SUSE-SU-2024:2090-1
- SUSE-SU-2024:3094-1
- SUSE-SU-2024:3097-1
- SUSE-SU-2024:3098-1
- SUSE-SU-2024:3120-1
- USN-6746-1
- USN-6746-2
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2024-12328 | https://linux.oracle.com/errata/ELSA-2024-12328.html | |
CVE | CVE-2024-24786 | https://linux.oracle.com/cve/CVE-2024-24786.html | |
CVE | CVE-2024-23327 | https://linux.oracle.com/cve/CVE-2024-23327.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/olcnectl?distro=oraclelinux-8 | oraclelinux | olcnectl | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-utils?distro=oraclelinux-8 | oraclelinux | olcne-utils | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-prometheus-chart?distro=oraclelinux-8 | oraclelinux | olcne-prometheus-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-olm-chart?distro=oraclelinux-8 | oraclelinux | olcne-olm-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-oci-ccm-chart?distro=oraclelinux-8 | oraclelinux | olcne-oci-ccm-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-nginx?distro=oraclelinux-8 | oraclelinux | olcne-nginx | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-multus-chart?distro=oraclelinux-8 | oraclelinux | olcne-multus-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-metallb-chart?distro=oraclelinux-8 | oraclelinux | olcne-metallb-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-istio-chart?distro=oraclelinux-8 | oraclelinux | olcne-istio-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-grafana-chart?distro=oraclelinux-8 | oraclelinux | olcne-grafana-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-gluster-chart?distro=oraclelinux-8 | oraclelinux | olcne-gluster-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-calico-chart?distro=oraclelinux-8 | oraclelinux | olcne-calico-chart | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-api-server?distro=oraclelinux-8 | oraclelinux | olcne-api-server | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/olcne-agent?distro=oraclelinux-8 | oraclelinux | olcne-agent | < 1.6.7-3.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/kubelet?distro=oraclelinux-8 | oraclelinux | kubelet | < 1.25.16-2.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/kubectl?distro=oraclelinux-8 | oraclelinux | kubectl | < 1.25.16-2.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/kubeadm?distro=oraclelinux-8 | oraclelinux | kubeadm | < 1.25.16-2.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/istio?distro=oraclelinux-8 | oraclelinux | istio | < 1.16.7-4.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/istio-istioctl?distro=oraclelinux-8 | oraclelinux | istio-istioctl | < 1.16.7-4.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/etcd?distro=oraclelinux-8 | oraclelinux | etcd | < 3.5.9-4.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/cri-tools?distro=oraclelinux-8 | oraclelinux | cri-tools | < 1.25.0-4.el8 | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/cri-o?distro=oraclelinux-8 | oraclelinux | cri-o | < 1.25.5-2.el8 | oraclelinux-8 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |