Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 27: FEDORA-2018-320cb9d7fb Critical Cri-O Security Fix

fedora
Calendar Grey June 26, 2018
Dist Fedora Esm H88
Delve into the recent Fedora 27 cri-o security patch. Uncover critical bug resolutions and enhancements for a fortified system.
New version with a few bug fixes ---- Latest build with fixes.

Summary

Kubernetes Container Runtime Interface for OCI-based containers

New version with a few bug fixes ---- Latest build with fixes.

* Mon Jun 18 2018 Dan Walsh - 2:1.10.3-1.rhaos3.10.gite558bd

- bump to v1.10.3

* Tue Jun 12 2018 Dan Walsh - 2:1.10.2-2.rhaos3.10.git1ffcbb

- bump to v1.10.2

* Tue May 8 2018 Dan Walsh - 2:1.10.1-1.git728df92

- bump to v1.10.1

* Tue May 8 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-37.git52d0f53

- autobuilt 52d0f53

* Mon May 7 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-36.git5eb8c3b

- autobuilt 5eb8c3b

* Sun May 6 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-35.git4e54603

- autobuilt 4e54603

* Sat May 5 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-34.git0489381

- autobuilt 0489381

* Fri May 4 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-33.git6db7ef8

- autobuilt 6db7ef8

* Wed May 2 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-32.git4e6919c

- autobuilt commit 4e6919c

* Wed May 2 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-31.git4e4f1e2

- autobuilt commit 4e4f1e2

* Mon Apr 30 2018 Dan Walsh - 2:1.10.0-30.gita221a5d

- Fix crio.conf to use correct path to conmon and systemd for cgroup management

* Mon Apr 30 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-28.gita221a5d

- autobuilt commit a221a5d

* Fri Apr 27 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-27.gitc971f7b

- autobuilt commit c971f7b

* Thu Apr 26 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-26.git733d791

- autobuilt commit 733d791

* Tue Apr 24 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-25.git596d052

- autobuilt commit 596d052

* Tue Apr 17 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-24.gitc24e0d9

- autobuilt commit c24e0d9

* Tue Apr 17 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-23.gitc24e0d9

- autobuilt commit c24e0d9

* Mon Apr 16 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-22.gitc24e0d9

- autobuilt commit c24e0d9

* Mon Apr 16 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-21.gitc24e0d9

- autobuilt commit c24e0d9

* Mon Apr 16 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-20.gitc24e0d9

- autobuilt commit c24e0d9

* Mon Apr 16 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-19.gitc24e0d9

- autobuilt commit c24e0d9

* Sun Apr 15 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-18.gitc24e0d9

- autobuilt commit c24e0d9

* Sat Apr 14 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-17.gitc24e0d9

- autobuilt commit c24e0d9

* Fri Apr 13 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-16.gitc24e0d9

- autobuilt commit c24e0d9

* Thu Apr 12 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-15.gitc24e0d9

- autobuilt commit c24e0d9

* Wed Apr 11 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-14.gitc24e0d9

- autobuilt commit c24e0d9

* Tue Apr 10 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-13.gitc24e0d9

- autobuilt commit c24e0d9

* Tue Apr 10 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-12.gitc24e0d9

- autobuilt commit c24e0d9

* Tue Apr 10 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-11.git1eec122

- autobuilt commit 1eec122

* Mon Apr 9 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-10.git1eec122

- autobuilt commit 1eec122

* Mon Apr 9 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-9.git1eec122

- autobuilt commit 1eec122

* Sun Apr 8 2018 Lokesh Mandvekar (Bot) - 2:1.10.0-8.gitd0dbfe0

- autobuilt commit d0dbfe0

* Sun Apr 8 2018 Lokesh Mandvekar - 2:1.10.0-7.gitd0dbfe0

- autobuilt commit d0dbfe0

* Sun Apr 8 2018 Lokesh Mandvekar - 2:1.10.0-6.gitd0dbfe0

- autobuilt commit d0dbfe0

* Sun Apr 8 2018 Lokesh Mandvekar - 2:1.10.0-5.git86b61d4

- built commit 86b61d4

* Fri Mar 30 2018 Dan Walsh - 2:1.10.0-4

- Release of v1.10.0

* Mon Mar 26 2018 Lokesh Mandvekar - 2:1.10.0-3.gitb0f6d98

- built commit b0f6d98

* Fri Mar 16 2018 Dan Walsh - 2:1.10.0-beta.1

- bump to v1.10.0-beta.1

* Tue Mar 13 2018 Dan Walsh - 2:1.9.10-1.git8723732

- bump to v1.9.10

* Fri Mar 9 2018 Dan Walsh - 2:1.9.9-1.git4d7e7dc

- bump to v1.9.9

* Thu Mar 1 2018 Lokesh Mandvekar - 2:1.9.8-1.git7d9d2aa

- bump to v1.9.8

- enable integration tests for centos

* Fri Feb 23 2018 Lokesh Mandvekar - 2:1.9.7-2.gita98f9c9

- make sure correct version in changelog

* Fri Feb 23 2018 Dan Walsh - 2:1.9.7-1.gita98f9c9

- Merge pull request #1357 from runcom/netns-fixes

- sandbox_stop: close/remove the netns _after_ stopping the containers

- sandbox net: set netns closed after actaully closing it

* Wed Feb 21 2018 Dan Walsh - 2:1.9.6-1.git5e48c92

- vendor: update c/image to handle text/plain from registries

* Fri Feb 16 2018 Dan Walsh - 2:1.9.5-1.git125ec8a

- image: Add lock around image cache access

* Thu Feb 15 2018 Dan Walsh - 2:1.9.4-1.git28c7dee

- imageService: cache information about images

- container_create: correctly set user

- system container: add /var/tmp as RW

* Sun Feb 11 2018 Dan Walsh - 2:1.9.3-1.git63ea1dd

- Update containers/image and containers/storage

- Pick up lots of fixes in image and storage library

* Thu Feb 8 2018 Dan Walsh - 2:1.9.2-1.gitb066a83

- sandbox: fix sandbox logPath when crio restarts

- syscontainers, rhel: add ADDTL_MOUNTS

- Adapt to recent containers/image API updates

- container_create: only bind mount /etc/hosts if not provided by k8s

* Wed Feb 7 2018 Fedora Release Engineering - 2:1.9.1-2.gitb066a83

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Wed Jan 24 2018 Dan Walsh - 2:1.9.1-1.gitb066a8

- Final Release 1.9.1

* Mon Dec 18 2017 Lokesh Mandvekar - 2:1.9.0-4.gita85ea60

- need runc >= 2:1.0.0-15

* Fri Dec 15 2017 Dan Walsh - 2:1.9.0-3.gita85ea60

- Final Release 1.9.0

* Mon Dec 11 2017 Dan Walsh - 2:1.9.0-1.beta.1.gita85ea60

- Update to kubernetes 1.9.0 beta 2 cri requirements

- container_exec: fix terminal true process json

- lib: sandbox: refactor to memory store

* Sun Dec 10 2017 Dan Walsh - 2:1.9.0-1.beta.1.git0ab5e80

- Update to kubernetes 1.9.0 beta 1 cri requirements

* Sun Dec 10 2017 Dan Walsh - 2:1.8.3-1.gitd9922a9

- container_create: fix apparmor from container config

- container_create: correctly set image and kube envs

- oci: do not append conmon env to container process

- container_exec: use process file with runc exec

* Thu Nov 30 2017 Lokesh Mandvekar - 2:1.8.2-3.git3de7ab4c

- cri-o should require conmon and not the other way around

* Wed Nov 29 2017 Lokesh Mandvekar - 2:1.8.2-2.git3de7ab4c

- add additional deps

- From: Antonio Murdaca

* Wed Nov 29 2017 Lokesh Mandvekar - 2:1.8.2-1.git3de7ab4c

- bump to v1.8.2

* Tue Nov 28 2017 Lokesh Mandvekar - 2:1.8.1-2.git32d1708d

- separate conmon into a separate subpackage

* Wed Nov 22 2017 Dan Walsh - 1.8.1-1.git32d1708d

- Add /proc/scsi to masked paths

* Mon Nov 13 2017 Dan Walsh - 1.8.0-1.git80f54bc1

- bump v1.8.0

- Add support for Kubernetes v1.8

- kpod support moved to the kpod package.

* Thu Nov 9 2017 Lokesh Mandvekar - 1.0.3-1.git17bcfb4

- bump to v1.0.3

* Mon Oct 30 2017 Dan Walsh - 1.0.2-1.git748bc46

- Lots of bug fixes

- Fixes to pass cri-tools tests

* Wed Oct 25 2017 Dan Walsh - 1.0.1-1.git64a30e1

- Lots of bug fixes

- Fixes to pass cri-tools tests

* Mon Oct 16 2017 Dan Walsh - 1.0.0-6.gita636972

- Add epoch to make sure that this installs

* Mon Oct 16 2017 Dan Walsh - 1.0.0-5.gita636972

- Get the correct checksum

* Fri Oct 13 2017 Dan Walsh - 1.0.0-4.gitcd1bac5

- Release v1.0.0

- Performance improvements

- Add secrets patch to default mount directories from the host into containers

- Add kpod login/logout

- Change debug flag to log-level, allows admin to specify the loggin level

- Bump to kube v1.7.8

- Build with go 1.8.4

* Tue Oct 3 2017 Lokesh Mandvekar - 1.0.0-3.rc3.gitd2c6f64

- build v1.0.0-rc3 tag

* Tue Oct 3 2017 Lokesh Mandvekar - 1.0.0-2.rc3.dev.gita8ea146

- adjust runc dep for CentOS Virt SIG builds

* Tue Oct 3 2017 Lokesh Mandvekar - 1.0.0-1.rc3.dev.gita8ea146

- bump to 1.0.0-rc3.dev

- built commit a8ea146

* Wed Sep 20 2017 Lokesh Mandvekar - 1.0.0-1.rc2.git6784a66

- bump to v1.0.0-rc2

[ 1 ] Bug #1578110 - CVE-2018-1000400 cri-o: capabilities are not dropped when switching to a non-root user [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1578110

[ 2 ] Bug #1578135 - rpm dependencies: add and track Requires: cri-tools

https://bugzilla.redhat.com/show_bug.cgi?id=1578135

su -c 'dnf upgrade --advisory FEDORA-2018-320cb9d7fb' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZYWKWCBMF2UGDAYQARLAQ3WGHNL4DCOI/

Topics%20covered

Topics Covered

security advisory fedora update critical bug fix cri-o container runtime

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 27
Version: 1.10.3
Release: 1.gite558bd5.fc27
URL: https://github.com/cri-o/cri-o
Summary: Kubernetes Container Runtime Interface for OCI-based containers

Topics%20covered

Topics Covered

security advisory fedora update critical bug fix cri-o container runtime

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here