The software described in this documentation is either no longer supported or is in extended support.
Oracle recommends that you upgrade to a current supported release.
This section lists the notable changes in Release 1.1.5 of Oracle Linux Cloud Native Environment.
This release resolves CVE-2020-16845. This CVE relates to Go where it can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. The components updated for this are:
Platform API Server: Updated to Release 1.1.5.
Platform Agent: Updated to Release 1.1.5.
Platform CLI: Updated to Release 1.1.5.
Kata Containers: Security fixes have been back ported to Release 1.7.3.
CRI-O: Security fixes have been back ported to Release 1.17.0.
Kubernetes: Security fixes have been back ported to Release 1.17.9.
Istio: Security fixes have been back ported to Release 1.14.10.
Helm: Security fixes have been back ported to Release 3.1.1.
Prometheus: Security fixes have been back ported to Release 2.13.1.
Grafana: Security fixes have been back ported to Release 6.7.4.
The Platform API Server is also updated to include a fix for an
issue related to the Kubernetes pod subnet flag
(--pod-cidr
) not being honored in the flannel
configuration.
For information about updating to this errata release, see Updates and Upgrades.