CVE-2018-1098

A cross-site request forgery flaw has been discovered in etcd. A remote attacker could set up a malicious website that execute POST requests to an etcd server to modify or add a key. Mitigation Configure and enable authentication on the etcd server...

Kubernetes: "Self" DOS with large deployment and scaling

Report Submission Form Summary: Good day! I was just messing around with some functions and trying to see what the impact was on my cluster. I found out that it took quite some resources to process a larger deployment, especially when scaling it. When I check your security release process I notic...

Fedora 30 : caddy / etcd / hugo (2020-279c61dd70)

"Rebuilt to fix GHSA-jf24-p9p9-4rjh Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Fedora Security Advisory FEDORA-2020-279c61dd70. include"compat.inc"; if description scriptid134130; scriptversion"1.1"; scriptcvsdate"Date: 2020/02/28";...

Fedora: Security Advisory for etcd (FEDORA-2020-279c61dd70)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 30 Update: etcd-3.3.12-5.20190413gitf29b1ad.fc30

A highly-available key value store for shared configuration...

Important: Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update

Red Hat OpenShift Container Platform release 3.11.170 is now available with updates to packages and images that fix several bugs. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This...

Critical Photon OS Security Update - PHSA-2020-0272

Updates of 'unbound', 'libxml2', 'libarchive', 'salt' packages of Photon OS have been released...

kubernetes security update

kubernetes 1.12.10-1.0.10 - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS 1.12.10-1.0.9 - Define rolling update for flannel 1.12.10-1.0.8 - Modify flannel/dashboard image tags to use images that have the cve fix kubeadm-ha-setup 0.0.2-1.0.68 - Pull image prior to upda...

CVE-2018-16886

Etcd, versions 3.2.0 through 3.2.25 and 3.3.0 through 3.3.10, are vulnerable to an improper authentication issue when role-based access control RBAC is used and client-cert-auth is enabled. If an etcd client server's TLS certificate contains a Common Name CN which matches a valid RBAC username, a...

Photon OS 2.0: Etcd PHSA-2019-2.0-0187

An update of the etcd package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0187. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid132540;...

Critical Photon OS Security Update - PHSA-2019-3.0-0036

Updates of 'gdb', 'git', 'oniguruma', 'linux-secure', 'linux-esx', 'libgcrypt', 'python3', 'dbus', 'rsyslog', 'linux', 'sysstat', 'systemd', 'lua', 'sqlite', 'u-boot', 'etcd', 'linux-aws', 'polkit' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2019-0036

Updates of 'sysstat', 'gdb', 'rsyslog', 'polkit', 'sqlite', 'dbus', 'python3', 'etcd', 'lua', 'u-boot', 'libgcrypt', 'git', 'linux-esx', 'systemd', 'linux', 'linux-secure', 'linux-aws', 'oniguruma' packages of Photon OS have been released...

RHEL 7 : etcd (RHSA-2019:1352)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1352 advisory. The etcd packages provide a highly available key-value store for shared configuration. The following packages have been upgraded to a later upstream...

Moderate: Red Hat Security Advisory: etcd security, bug fix, and enhancement update

An update for etcd is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

etcd: Improper Authentication in auth/store.go:AuthInfoFromTLS() via gRPC-gateway

Etcd, versions 3.2.0 through 3.2.25 and 3.3.0 through 3.3.10, are vulnerable to an improper authentication issue when role-based access control RBAC is used and client-cert-auth is enabled. If an etcd client server's TLS certificate contains a Common Name CN which matches a valid RBAC username, a...

Privilege Escalation

openshift-ansible is vulnerable to privilege escalation. A remote unauthenticated attacker could exploit the flawed SSL Certificate Authentication component to read and modify all the data about the Openshift cluster in the etcd datastore, potentially adding another compute node, or bringing down...

Fedora Update for etcd FEDORA-2019-219b0b0b6a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 29 Update: etcd-3.3.12-4.20190413gitf29b1ad.fc29

A highly-available key value store for shared configuration...

Fedora 29 : etcd (2019-219b0b0b6a)

etcd.service: do not pass command line flags already defined in environment ---- Fix building of etcd ---- Bump to commit f29b1ada19713544b698dab8c94c97cfa1e83dac ---- Bump to commit e1ca3b4434945e57e8e3a451cdbde74a903cc8e1 Security fix for CVE-2018-16886 Security fix for CVE-2018-1098...

Fedora 30 : etcd (2019-833466697f)

Bump to commit e1ca3b4434945e57e8e3a451cdbde74a903cc8e1 Security fix for CVE-2018-16886 Security fix for CVE-2018-1098 CVE-2018-1099 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...