kernel-uek-container
[4.14.35-1902.303.5.3.el7]
- rds: Deregister all FRWR mr with free_mr (Hans Westgaard Ry) [Orabug: 31476202]
- Revert ‘rds: Do not cancel RDMAs that have been posted to the HCA’ (Gerd Rausch) [Orabug: 31475329]
- Revert ‘rds: Introduce rds_conn_to_path helper’ (Gerd Rausch) [Orabug: 31475329]
- Revert ‘rds: Three cancel fixes’ (Gerd Rausch) [Orabug: 31475318]
[4.14.35-1902.303.5.2.el7]
- rds: Three cancel fixes (Hakon Bugge) [Orabug: 31463014]
[4.14.35-1902.303.5.1.el7]
- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
- x86/cpu: Add ‘table’ argument to cpu_matches() (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
[4.14.35-1902.303.5.el7]
- net/mlx5: Decrease default mr cache size (Artemy Kovalyov) [Orabug: 31446379]
[4.14.35-1902.303.4.el7]
- net/rds: suppress memory allocation failure reports (Manjunath Patil) [Orabug: 31422157]
- rds: Do not cancel RDMAs that have been posted to the HCA (Hakon Bugge) [Orabug: 31422151]
- rds: Introduce rds_conn_to_path helper (Hakon Bugge) [Orabug: 31422151]
kata-image
[1.7.3-1.0.5.1]
- Address Kata CVE 2023
kata-runtime
[1.7.3-1.0.5]
- Address Kata CVE-2020-2023
- Address Kata CVE-2020-2024
- Address Kata CVE-2020-2025
- Address Kata CVE-2020-2026
kata
[1.7.3-1.0.7]
- Address CVE-2020-2023
- Address CVE-2020-2024
- Address CVE-2020-2025
- Address CVE-2020-2026
kubernetes
[1.14.9-1.0.6]
- CVE-2020-8559: Privilege escalation from compromised node to cluster
- CVE-2020-8557: Node disk DOS by writing to container /etc/hosts
[1.14.9-1.0.5]
- Update dependency on Kata containers to a build that includes fixes for CVE-2020-2023 thru CVE-2020-2026
kubernetes
[1.17.9-1.0.1.el7]
- Added Oracle specific build files for Kubernetes
istio
[1.4.10-1.0.1]
- CVE-2020-15104:
Incorrect validation of wildcard DNS Subject Alternative Names
[1.4.10-1.0.0]
- Added Oracle Specific Build Files for istio/istio
olcne
[1.1.2-6]
- Include kata-runtime in the default template
[1.1.2-5]
- CVE-2020-8559: Privilege escalation from compromised node to cluster
- CVE-2020-8557: Node disk DOS by writing to container /etc/hosts
[1.1.2-4]
- Update arguments added for istio module.
[1.1.2-3]
- Ensure Istio sidecar injector uses valid executable
[1.1.2-2]
- Update Kubernetes to use Kata 1.7.3-1.0.7 to address CVE-2020-2023 thru CVE-2020-2026
[1.1.2-1]
- Added istio-1.4.10 charts and updated istio.yaml to use istio-1.4.10