FEDORA-2019-2b8ef08c95 — security update for kubernetes

kubernetes-1.15.2-1.fc30

FEDORA-2019-2b8ef08c95 created by jchaloup 2 years ago for Fedora 30

stable

Update to v1.15.2 + carry upstream #81330

How to install

sudo dnf upgrade --advisory=FEDORA-2019-2b8ef08c95

This update has been submitted for testing by jchaloup.

2 years ago

This update's test gating status has been changed to 'waiting'.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago

This update can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

Builds

kubernetes-1.15.2-1.fc30

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

2 years ago

in testing

2 years ago

in stable

2 years ago

BZ#1722682 CVE-2019-11246 kubernetes:1.10/kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via `kubectl cp` [fedora-all]

BZ#1722684 CVE-2019-11246 kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via `kubectl cp` [fedora-all]

BZ#1737646 CVE-2019-11247 kubernetes: API server allows access to cluster-scoped custom resources as if resources were namespaced [fedora-all]

BZ#1737652 CVE-2019-11249 kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal [fedora-all]

BZ#1738369 CVE-2019-11248 kubernetes: /debug/pprof endpoint exposed on kubelet's healthz port [fedora-all]

BZ#1740435 CVE-2019-11250 kubernetes: Bearer tokens written to logs at high verbosity levels (>= 7) [fedora-all]

kubernetes-1.15.2-1.fc30

How to install

Automated Test Results