A Oracle Linux Cloud Native Environment 1.1 olcne security update has been released.

El-errata: ELSA-2021-9029 Important: Oracle Linux Cloud Native Environment 1.1 olcne security update

Oracle Linux Cloud Native Environment Security Advisory ELSA-2021-9029

  http://linux.oracle.com/errata/ELSA-2021-9029.html

The following updated rpms for Oracle Linux Cloud Native Environment 1.1
have been uploaded to the Unbreakable Linux Network:

x86_64:
kata-runtime-1.7.3-1.0.7.el7.x86_64.rpm
kata-1.7.3-1.0.12.el7.x86_64.rpm
kubelet-1.17.9-1.0.6.el7.x86_64.rpm
kubeadm-1.17.9-1.0.6.el7.x86_64.rpm
kubectl-1.17.9-1.0.6.el7.x86_64.rpm
olcnectl-1.1.10-1.el7.x86_64.rpm
olcne-utils-1.1.10-1.el7.x86_64.rpm
olcne-nginx-1.1.10-1.el7.x86_64.rpm
olcne-api-server-1.1.10-1.el7.x86_64.rpm
olcne-agent-1.1.10-1.el7.x86_64.rpm
olcne-prometheus-chart-1.1.10-1.el7.x86_64.rpm
olcne-istio-chart-1.1.10-1.el7.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/kata-runtime-1.7.3-1.0.7.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kata-1.7.3-1.0.12.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/kubernetes-1.17.9-1.0.6.el7.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/olcne-1.1.10-1.el7.src.rpm

container_images:
container-registry.oracle.com/olcne/externalip-webhook:v1.0.0

Description of changes:

kata-runtime
[1.7.3-1.0.7]
- Address CVE-2020-28914

kata
[1.7.3-1.0.12]
- UEKR6 guest kernel support

[1.7.3-1.0.11]
- Address CVE-2020-28914

kubernetes
[1.17.9-1.0.6]
- Kata CVE-2020-28914

olcne
[1.1.10-1]
- Address CVE-2020-28914: An improper file permissions vulnerability
affects Kata Containers prior to 1.11.5

[1.1.9-1]
- Enhance the Kubernetes module to restrict the usage of external IPs
- Address CVE-2020-8554: man-in-the-middle vulnerability using
Kubernetes service External IPs

container-registry.oracle.com/olcne/externalip-webhook:v1.0.0
- CVE-2020-28914
- CVE-2020-8554