--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-aeea04cd13
2020-07-24 01:13:00.082331
--------------------------------------------------------------------------------
Name : origin
Product : Fedora 32
Version : 3.11.2
Release : 1.fc32
URL : https://github.com/openshift/origin
Summary : OpenShift Open Source Container Management by Red Hat
Description :
OpenShift Origin is a distribution of Kubernetes optimized for enterprise application
development and deployment. OpenShift Origin adds developer and operational centric
tools on top of Kubernetes to enable rapid application development, easy
deployment and scaling, and long-term lifecycle maintenance for small and large
teams and applications. It provides a secure and multi-tenant configuration for
Kubernetes allowing you to safely host many different applications and workloads
on a unified cluster.
--------------------------------------------------------------------------------
Update Information:
* Security fix for CVE-2020-8551, CVE-2020-8552, CVE-2020-8555, CVE-2020-8945
* Rebase to head of upstream 3.11 branch
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 14 2020 Jakub Čajka <jcajka(a)fedoraproject.org> - 3.11.2-1
- Rebase to upstream 20c5b86c88657888e4906ed7942b85515c650f96, let's call it 3.11.2
- Fix for CVE-2020-8551, CVE-2020-8552, CVE-2020-8555, CVE-2020-8945
- Resolves: BZ#1816406, BZ#1816396, BZ#1842692, BZ#1802905
* Fri May 1 2020 Petr Pisar <ppisar(a)redhat.com> - 3.11.1-6
- Soften a dependency on bash-completion (bug #1493993)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1795838 - CVE-2020-8945 proglottis/gpgme: Use-after-free in GPGME bindings
during container image pull
https://bugzilla.redhat.com/show_bug.cgi?id=1795838
[ 2 ] Bug #1797909 - CVE-2020-8552 kubernetes: Use of unbounded 'client' label
in apiserver_request_total allows for memory exhaustion
https://bugzilla.redhat.com/show_bug.cgi?id=1797909
[ 3 ] Bug #1816403 - CVE-2020-8551 kubernetes: crafted requests to kubelet API allow for
memory exhaustion
https://bugzilla.redhat.com/show_bug.cgi?id=1816403
[ 4 ] Bug #1821583 - CVE-2020-8555 kubernetes: Server side request forgery (SSRF) in
kube-controller-manager allows users to leak secret information
https://bugzilla.redhat.com/show_bug.cgi?id=1821583
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-aeea04cd13' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------