[El-errata] ELSA-2020-5827 Important: Oracle Linux Cloud Native Environment 1.1 security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Aug 31 15:38:46 PDT 2020
Oracle Linux Cloud Native Environment Security Advisory ELSA-2020-5827
http://linux.oracle.com/errata/ELSA-2020-5827.html
The following updated rpms for Oracle Linux Cloud Native Environment 1.1
have been uploaded to the Unbreakable Linux Network:
x86_64:
olcnectl-1.1.5-2.el7.x86_64.rpm
olcne-utils-1.1.5-2.el7.x86_64.rpm
olcne-nginx-1.1.5-2.el7.x86_64.rpm
olcne-api-server-1.1.5-2.el7.x86_64.rpm
olcne-agent-1.1.5-2.el7.x86_64.rpm
olcne-prometheus-chart-1.1.5-2.el7.x86_64.rpm
olcne-istio-chart-1.1.5-2.el7.x86_64.rpm
conmon-2.0.10-3.el7.x86_64.rpm
coredns-1.6.5-1.0.3.el7.x86_64.rpm
cri-o-1.17.0-1.0.5.el7.x86_64.rpm
cri-tools-1.17.0-1.0.2.el7.x86_64.rpm
etcd-3.4.3-1.0.2.el7.x86_64.rpm
flannel-0.10.0-2.1.12.el7.x86_64.rpm
grafana-6.7.4-1.0.2.el7.x86_64.rpm
helm-3.1.1-1.0.2.el7.x86_64.rpm
istio-1.4.10-1.0.2.el7.x86_64.rpm
istio-pilot-discovery-1.4.10-1.0.2.el7.x86_64.rpm
istio-pilot-agent-1.4.10-1.0.2.el7.x86_64.rpm
istio-proxy-init-1.4.10-1.0.2.el7.x86_64.rpm
istio-istioctl-1.4.10-1.0.2.el7.x86_64.rpm
istio-sidecar-injector-1.4.10-1.0.2.el7.x86_64.rpm
istio-mixs-1.4.10-1.0.2.el7.x86_64.rpm
istio-mixc-1.4.10-1.0.2.el7.x86_64.rpm
istio-citadel-1.4.10-1.0.2.el7.x86_64.rpm
istio-galley-1.4.10-1.0.2.el7.x86_64.rpm
istio-node-agent-1.4.10-1.0.2.el7.x86_64.rpm
kata-1.7.3-1.0.9.el7.x86_64.rpm
kata-agent-1.7.3-1.0.6.el7.x86_64.rpm
kata-image-1.7.3-1.0.6.1.ol7_202008171204.x86_64.rpm
kata-ksm-throttler-1.7.3-1.0.5.el7.x86_64.rpm
kata-proxy-1.7.3-1.0.5.el7.x86_64.rpm
kata-runtime-1.7.3-1.0.6.el7.x86_64.rpm
kata-shim-1.7.3-1.0.5.el7.x86_64.rpm
kubelet-1.17.9-1.0.5.el7.x86_64.rpm
kubeadm-1.17.9-1.0.5.el7.x86_64.rpm
kubectl-1.17.9-1.0.5.el7.x86_64.rpm
kubernetes-cni-0.7.1-1.0.3.el7.x86_64.rpm
kubernetes-cni-plugins-0.8.6-1.0.3.el7.x86_64.rpm
kubernetes-dashboard-2.0.0-1.0.2.el7.x86_64.rpm
prometheus-2.13.1-1.0.3.el7.x86_64.rpm
yq-2.4.0-1.0.5.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/olcne-1.1.5-2.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/conmon-2.0.10-3.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/coredns-1.6.5-1.0.3.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/cri-o-1.17.0-1.0.5.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/cri-tools-1.17.0-1.0.2.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/etcd-3.4.3-1.0.2.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/flannel-0.10.0-2.1.12.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/grafana-6.7.4-1.0.2.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/helm-3.1.1-1.0.2.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/istio-1.4.10-1.0.2.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-1.7.3-1.0.9.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-agent-1.7.3-1.0.6.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-image-1.7.3-1.0.6.1.ol7_202008171204.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-ksm-throttler-1.7.3-1.0.5.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-proxy-1.7.3-1.0.5.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-runtime-1.7.3-1.0.6.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-shim-1.7.3-1.0.5.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kubernetes-1.17.9-1.0.5.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kubernetes-cni-0.7.1-1.0.3.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kubernetes-cni-plugins-0.8.6-1.0.3.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kubernetes-dashboard-2.0.0-1.0.2.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/prometheus-2.13.1-1.0.3.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/yq-2.4.0-1.0.5.el7.src.rpm
container_images:
container-registry.oracle.com/olcne/coredns:1.6.5-1
container-registry.oracle.com/olcne/etcd:3.4.3-1
container-registry.oracle.com/olcne/flannel:v0.10.0-2
container-registry.oracle.com/olcne/citadel:1.4.10-1
container-registry.oracle.com/olcne/mixer:1.4.10-1
container-registry.oracle.com/olcne/sidecar_injector:1.4.10-1
container-registry.oracle.com/olcne/galley:1.4.10-1
container-registry.oracle.com/olcne/pilot:1.4.10-1
container-registry.oracle.com/olcne/proxyv2:1.4.10-1
container-registry.oracle.com/olcne/proxy_init:1.4.10-1
container-registry.oracle.com/olcne/istio_kubectl:1.4.10-1
container-registry.oracle.com/olcne/kube-proxy:v1.17.9-1
container-registry.oracle.com/olcne/kube-apiserver:v1.17.9-1
container-registry.oracle.com/olcne/kube-scheduler:v1.17.9-1
container-registry.oracle.com/olcne/kube-controller-manager:v1.17.9-1
container-registry.oracle.com/olcne/kubernetes-dashboard:v2.0.0-1
container-registry.oracle.com/olcne/prometheus:v2.13.1-1
container-registry.oracle.com/olcne/grafana:v6.7.4-1
Description of changes:
olcne
[1.1.5-2]
- kubernetes pod subnet flag not honored in flannel configuration
[1.1.5-1]
- Address CVE-2020-16845
conmon
[2.0.10-3]
- Address CVE-2020-16845
coredns
[1.6.5-1.0.3]
- Address CVE-2020-16845
cri-o
[1.17.0-1.0.5]
- Address CVE-2020-16845
cri-tools
[1.17.0-1.0.2]
- Address CVE-2020-16845
[1.17.0-1.0.1]
- Added Oracle Specific Build Files for cri-tools
etcd
[3.4.3-1.0.2]
- Address CVE-2020-16845
flannel
[0.10.0-2.1.12]
- Address CVE-2020-16845
[0.10.0-2.1.11]
- Resize flannel image
[0.10.0-2.1.10]
- Fix image location
grafana
[6.7.4-1.0.2]
- Address CVE-2020-16845
helm
[3.1.1-1.0.2]
- Address CVE-2020-16845
istio
[1.4.10-1.0.2]
- CVE-2020-16845
encoding/binary: ReadUvarint and ReadVarint can read an unlimited number
of bytes from invalid inputs
kata
[1.7.3-1.0.9]
- Address CVE-2020-16845
kata-agent
[1.7.3-1.0.6]
- Address CVE-2020-16845
kata-image
[1.7.3-1.0.6.1]
- Address CVE-2020-16845
kata-ksm-throttler
[1.7.3-1.0.5]
- Address CVE-2020-16845
kata-proxy
[1.7.3-1.0.5]
- Address CVE-2020-16845
kata-runtime
[1.7.3-1.0.6]
- Address CVE-2020-16845
kata-shim
[1.7.3-1.0.5]
- Address CVE-2020-16845
kubernetes
[1.17.9-1.0.5]
- Pin min version of components
[1.17.9-1.0.4]
- Address CVE-2020-16845
kubernetes-cni
[0.7.1-1.0.3]
- Pin min version of cni-plugins
[0.7.1-1.0.2]
- Address CVE-2020-16845
kubernetes-cni-plugins
[0.8.6-1.0.3]
- Address CVE-2020-16845
kubernetes-dashboard
[2.0.0-1.0.2]
- Address CVE-2020-16845
prometheus
[2.13.1-1.0.3]
- Address CVE-2020-16845
yq
[2.4.0-1.0.5]
- Address CVE-2020-16845
container-registry.oracle.com/olcne/coredns:1.6.5-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/etcd:3.4.3-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/flannel:v0.10.0-2
- Address CVE-2020-16845
container-registry.oracle.com/olcne/citadel:1.4.10-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/mixer:1.4.10-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/sidecar_injector:1.4.10-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/galley:1.4.10-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/pilot:1.4.10-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/proxyv2:1.4.10-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/proxy_init:1.4.10-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/istio_kubectl:1.4.10-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/kube-proxy:v1.17.9-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/kube-apiserver:v1.17.9-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/kube-scheduler:v1.17.9-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/kube-controller-manager:v1.17.9-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/kubernetes-dashboard:v2.0.0-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/prometheus:v2.13.1-1
- Address CVE-2020-16845
container-registry.oracle.com/olcne/grafana:v6.7.4-1
- Address CVE-2020-16845
More information about the El-errata
mailing list