Lucene search

K
oraclelinuxOracleLinuxELSA-2019-4593
HistoryApr 13, 2019 - 12:00 a.m.

kubernetes kubeadm-upgrade kubeadm-ha-setup security update

2019-04-1300:00:00
linux.oracle.com
279

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.963 High

EPSS

Percentile

99.4%

kubernetes
[1.12.7-1.1.2]

  • [OLCNE-257] fix coredns issue and minor upgrade issue
    [1.12.7-1.1.1]
  • [OLCNE-235] [CVE-2019-9946] portmap inserts rules at the front of the iptables nat chains
    [1.12.7-1.0.1]
  • Add Oracle Build Files For Version v1.12.7
    kubeadm-upgrade
    [0.0.1-1.0.22]
    – Bump up 1.12.7 version for coredns fix
    [0.0.1-1.0.21]
    – CVE-2019-9946
    [0.0.1-1.0.20]
    – CVE-2019-1002101
    [0.0.1-1.0.19]
    – Bump up 1.12.6 version
    [0.0.1-1.0.18]
    – OLCNE-201 upgrade from 1.9 to 1.12 fails
    [0.0.1-1.0.17]
    – Update the Kubernetes version to include the conntrack fix
    [0.0.1-1.0.16]
    – CVE-2019-1002100
    kubeadm-ha-setup
    [0.0.2-1.0.24]
  • Return stdout and stderr from Run function to allow the caller decided what to display
    [0.0.2-1.0.23]
  • [OLCNE-170] proxy variable is inherited in remote master
    [0.0.2-1.0.22]
  • The Trim function doesn’t work for replacing strings
  • Upgrade should use the pause container instead of pause-amd64
    [0.0.2-1.0.21]
  • Include 1.12.7 image and update 1.13 and metric servers info
    [0.0.2-1.0.20]
  • Support new registries and allow for password to have a colon
    [0.0.2-1.0.19]
  • –force flag for full restore
    [0.0.2-1.0.18]
  • Change update help message
    [0.0.2-1.0.17]
  • Change update message, add ha install command and ask for confirmation
    [0.0.2-1.0.16]
  • Change upgrade command name to update
    [0.0.2-1.0.15]
  • Fix upgrade for point release
    [0.0.2-1.0.14]
  • OLCNE-79 Move file.go to config.go
    [0.0.2-1.0.13]
  • OLCNE-144 Feature Flag 1.13 code
    [0.0.2-1.0.12]
  • Add support of upgrading HA master nodes
    [0.0.2-1.0.11]
  • Support deploying Kubernetes version 1.13.2
    [0.0.2-1.0.10]
  • CVE-2018-16875
    [0.0.2-1.0.9]
  • Add timeout to Run() (gitlab issues #3)
  • Rename path to linux-git.us.oracle.com/Kubernetes
    [0.0.2-1.0.8]
  • Remove releases.json dependency
    [0.0.2-1.0.7]
  • Pin dependent kubernetes packages
    [0.0.2-1.0.6]
  • Update deps for kube 1.13
    [0.0.2-1.0.5]
  • Add test runner in makefile and execute it in CI/CD
    [0.0.2-1.0.4]
  • Fix backup path issue again found by Tom Cocozzello
    [0.0.2-1.0.3]
  • [Orabug 29152516] Backup and restore /var/lib/kubelet/kubeadm-flags.env too
  • Cleanup kube-ipvs0 interface too
  • More code cleanup
  • Use map for checking kernel module
  • Fix client joining errors
  • Addressing Tom Cocozzello’s review
  • Enabling IPVS in HA
    [0.0.2-1.0.2]
  • Update dashboard image (CVE-2018-18264)
    [0.0.2-1.0.1]
  • Allow Oracle certified addons to be installed via cli
    kubernetes-cni
    [0.6.0-2.2.1]
  • [OLCNE-235] [CVE-2019-9946] portmap inserts rules at the front of the iptables nat chains
    kubernetes-cni-plugins
    [0.7.5-1.0.1.dev]
  • Update to v0.7.5

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.963 High

EPSS

Percentile

99.4%