kubernetes security update

– Fixed kubernetes-cni version.
– Addresses CVE-2022-3172
– Updated Kubernetes package release version to 1.21.6-2
– Upgraded kubernetes-1.21.6 to 1.21.14
– Resolve Kubernetes CVE-2022-3172 for version 1.21
– Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045
– Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over
– Update gen-certs-helper script to skip printing olcne_transfer_script execution
– Cleanup grpc connection when node not found and use substr method in case fqdn used for hostname
– Adress Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227
– Address qemu CVE-2022-26353, CVE-2021-3748
– Excluded unnecessary directories from k8s backup files
– Update Istio to 1.13.2
– Added 1.4 extra images to registry-image-helper.sh script
– Ensure that the order of items in an upgraded config file is stable with respect to the original file
– Ensure that old olcnectl config files are upgraded
– Fixed a bug where specifying a port in the container-registry argument
to the Kubernetes module would result in pods not being able to start.
– Allow loadbalancer to be configured regardless of security list mode
– Fix bug in initialising certs manager when environment name not mentioned
– Fix bug in fetching report for multi-environment
– Pause image is 3.4.1
– CSI plugin
– Reports feature
– Kubernetes-1.20.6 to Kubernetes-1.21.6 upgrade
– Istio-1.9.4 to Istio-1.11.4 upgrade
– Component upgrades
– Config file feature
– Fix iptables issue when running on OL7 host using OL8 image
– Address CVE’s ISTIO-SECURITY-2021-003, ISTIO-SECURITY-2021-005, ISTIO-SECURITY-2021-006, ISTIO-SECURITY-2021-007
– Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282]
– Fixed missing double semicolon in registry image helper
[1.3.0-9]Read More

Back to Main

Subscribe for the latest news:
Generated by Feedzy
%d bloggers like this: