Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump k8s versions to mitigate CVE-2018-1002105 #1051

Closed
mateuszkwiatkowski opened this issue Dec 4, 2018 · 3 comments
Closed

Bump k8s versions to mitigate CVE-2018-1002105 #1051

mateuszkwiatkowski opened this issue Dec 4, 2018 · 3 comments

Comments

@mateuszkwiatkowski
Copy link
Contributor

This issue is fixed in Kubernetes v1.11.5, v1.12.3 but only 1.11.3 and 1.12.0 are currently supported by rke. Please release a new rke version with these updates supported given the CVE's severity.

Thank you in advance.
@superseb
Copy link
Contributor

superseb commented Dec 4, 2018

This is tracked in rancher/rancher#16835

@mateuszkwiatkowski
Copy link
Contributor Author

@superseb thank you. In the meantime I used rke v0.2.0-rc1 to upgrade Kubernetes to v1.12.3 and it worked fine.

@superseb
Copy link
Contributor

superseb commented Dec 5, 2018

v0.1.13 was released with updated k8s versions, see rancher/rancher#16835 and https://forums.rancher.com/t/rancher-security-advisory-kubernetes-cve-2018-1002105/12598/2

@superseb superseb closed this as completed Dec 5, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@superseb @mateuszkwiatkowski