Oracle Linux Cloud Native Environment Security Advisory ELSA-2022-9363

https://linux.oracle.com/errata/ELSA-2022-9363.html

The following updated rpms for Oracle Linux Cloud Native Environment 1.3 have been uploaded to the Unbreakable Linux Network:

x86_64:
olcnectl-1.3.5-1.el8.x86_64.rpm
olcne-agent-1.3.5-1.el8.x86_64.rpm
olcne-api-server-1.3.5-1.el8.x86_64.rpm
olcne-utils-1.3.5-1.el8.x86_64.rpm
olcne-nginx-1.3.5-1.el8.x86_64.rpm
olcne-prometheus-chart-1.3.5-1.el8.x86_64.rpm
olcne-grafana-chart-1.3.5-1.el8.x86_64.rpm
olcne-istio-chart-1.3.5-1.el8.x86_64.rpm
olcne-olm-chart-1.3.5-1.el8.x86_64.rpm
istio-istioctl-1.12.6-1.el8.x86_64.rpm
istio-1.12.6-1.el8.x86_64.rpm
istio-istioctl-1.11.4-1.el8.x86_64.rpm
istio-1.11.4-1.el8.x86_64.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates/olcne-1.3.5-1.el8.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/istio-1.12.6-1.el8.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/istio-1.11.4-1.el8.src.rpm

Related CVEs:

CVE-2022-24726
CVE-2022-24921




Description of changes:

olcne
[1.3.5-1]
- Update Istio to 1.12.6(prometheus-2.30.1, grafana-7.5.15)

istio
[1.12.6-1]
- Addresses CVE-2022-24726, CVE-2022-24921

istio
[1.11.4-1]
- Added Oracle specific files for 1.11.4-1


container-registry.oracle.com/olcne/pilot:1.11.4
- CVE-2022-24726, CVE-2022-24921

container-registry.oracle.com/olcne/proxyv2:1.11.4
- CVE-2022-24726, CVE-2022-24921

container-registry.oracle.com/olcne/grafana:v7.3.7
- CVE-2022-24726, CVE-2022-24921

container-registry.oracle.com/olcne/prometheus:v2.30.1
- CVE-2022-24726, CVE-2022-24921

container-registry.oracle.com/olcne/pilot:1.12.6
- CVE-2022-24726, CVE-2022-24921

container-registry.oracle.com/olcne/proxyv2:1.12.6
- CVE-2022-24726, CVE-2022-24921

container-registry.oracle.com/olcne/grafana:v7.5.15
- CVE-2022-24726, CVE-2022-24921

_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata