Releases: insekticid/k8s-upgrade
RKE 1.2.3
RKE 1.1.4 - Kubernetes v1.18.6-rancher1-1
https://github.com/rancher/rke/releases/tag/v1.1.4
https://github.com/rancher/rancher/releases/tag/v2.4.5
CVE-2020-8557 - Node disk DOS by writing to container /etc/hosts
CVE-2020-8558 - Node setting allows for neighboring hosts to bypass localhost boundary
CVE-2020-8559 - Privilege escalation from compromised node to cluster
RKE 1.0.8 - Kubernetes v1.17.5-rancher1
https://github.com/rancher/rke/releases/tag/v1.0.8
https://github.com/rancher/rancher/releases/tag/v2.4.3
Kubernetes version
1.17.5 (default)
1.16.9
1.15.11
RKE 1.0.6 - Kubernetes v1.17.4-rancher1-2
https://github.com/rancher/rke/releases/tag/v1.0.6
https://github.com/rancher/rancher/releases/tag/v2.3.6
Kubernetes version
v1.17.4-rancher1-2
v1.16.8-rancher1-2
v1.15.11-rancher1-2
RKE 0.3.2 - Kubernetes v1.15.5
https://github.com/rancher/rke/releases/tag/v0.3.2
https://github.com/rancher/rancher/releases/tag/v2.3.2
Kubernetes 1.16 is GA - Kubernetes 1.16 is now available as GA, but due to the deprecation of different APIs in the Kubernetes 1.16 release, Kubernetes 1.16 is not the default version. Please review any apps deployed from the Rancher library catalog to upgrade to the latest version to prepare for the upcoming release.
RKE 0.3.1 - Kubernetes v1.15.4
https://github.com/rancher/rancher/releases/tag/v2.3.1
CVE-2019-11253
https://groups.google.com/forum/m/#!topic/kubernetes-announce/_a6vYXOzBVw
CVE-2019-16276
https://groups.google.com/forum/#!msg/kubernetes-security-announce/PtsUCqFi4h4/Su9Qg5TaBwAJ
This release comes with the latest Kubernetes versions, i.e. v1.13.12, v1.14.8, v1.15.5, for Rancher launched Kubernetes clusters to address the CVE-2019-11253 and CVE-2019-16276. Rancher recommends upgrading all Kubernetes clusters to these Kubernetes versions.
RKE 0.2.8 - Kubernetes 1.14.6
https://github.com/rancher/rancher/releases/tag/v2.2.8
https://groups.google.com/forum/m/#!topic/kubernetes-announce/p-c33PN6pzw
A security issue has been found in the net/http library of the Go language that affects all versions and all components of Kubernetes. The vulnerabilities can result in a DoS against any process with an HTTP or HTTPS listener.
Am I vulnerable?
Yes. All versions of Kubernetes are affected.
Go has released versions go1.12.8 and go1.11.13, and we have released the following versions of Kubernetes built using patched versions of Go.
· Kubernetes v1.15.3 - go1.12.9
· Kubernetes v1.14.6 - go1.12.9
· Kubernetes v1.13.10 - go1.11.13