Kubernetes v1.17.13, v1.18.10, v1.19.3 - Addresses Security Announcement

Kubernetes v1.17.13, v1.18.10, and v1.19.3 are now available in Rancher to address following CVEs:

  1. CVE-2020-8563 - Secret leaks in kube-controller-manager when using vSphere provider
  2. CVE-2020-8564 - Docker config secrets leaked when file is malformed and log level >= 4
  3. CVE-2020-8566 - Mask Ceph RBD adminSecrets in logs when logLevel >= 4

Please review Upgrading Kubernetes without Upgrading Rancher for more details.

Rancher 2.5.1
v1.19.3-rancher1-1
v1.18.10-rancher1-1
v1.17.13-rancher1-1

Rancher 2.4.8
v1.18.10-rancher1-1
v1.17.13-rancher1-1

Rancher 2.3.8
v1.17.13-rancher1-1

Note: If you are an air gapped user, please review the documentation on how to get these versions