[El-errata] ELSA-2021-9029 Important: Oracle Linux Cloud Native Environment 1.1 olcne security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Feb 11 06:59:59 PST 2021


Oracle Linux Cloud Native Environment Security Advisory ELSA-2021-9029

http://linux.oracle.com/errata/ELSA-2021-9029.html

The following updated rpms for Oracle Linux Cloud Native Environment 1.1 
have been uploaded to the Unbreakable Linux Network:

x86_64:
kata-runtime-1.7.3-1.0.7.el7.x86_64.rpm
kata-1.7.3-1.0.12.el7.x86_64.rpm
kubelet-1.17.9-1.0.6.el7.x86_64.rpm
kubeadm-1.17.9-1.0.6.el7.x86_64.rpm
kubectl-1.17.9-1.0.6.el7.x86_64.rpm
olcnectl-1.1.10-1.el7.x86_64.rpm
olcne-utils-1.1.10-1.el7.x86_64.rpm
olcne-nginx-1.1.10-1.el7.x86_64.rpm
olcne-api-server-1.1.10-1.el7.x86_64.rpm
olcne-agent-1.1.10-1.el7.x86_64.rpm
olcne-prometheus-chart-1.1.10-1.el7.x86_64.rpm
olcne-istio-chart-1.1.10-1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kata-runtime-1.7.3-1.0.7.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kata-1.7.3-1.0.12.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/kubernetes-1.17.9-1.0.6.el7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/olcne-1.1.10-1.el7.src.rpm

container_images:
container-registry.oracle.com/olcne/externalip-webhook:v1.0.0


Description of changes:

kata-runtime
[1.7.3-1.0.7]
- Address CVE-2020-28914

kata
[1.7.3-1.0.12]
- UEKR6 guest kernel support

[1.7.3-1.0.11]
- Address CVE-2020-28914

kubernetes
[1.17.9-1.0.6]
- Kata CVE-2020-28914

olcne
[1.1.10-1]
- Address CVE-2020-28914: An improper file permissions vulnerability 
affects Kata Containers prior to 1.11.5

[1.1.9-1]
- Enhance the Kubernetes module to restrict the usage of external IPs
- Address CVE-2020-8554: man-in-the-middle vulnerability using 
Kubernetes service External IPs


container-registry.oracle.com/olcne/externalip-webhook:v1.0.0
- CVE-2020-28914
- CVE-2020-8554




More information about the El-errata mailing list