Kubernetes v1.17.13, v1.18.10, v1.19.3 - Addresses Security Announcement

ryansann · October 16, 2020, 9:56pm

Kubernetes v1.17.13, v1.18.10, and v1.19.3 are now available in Rancher to address following CVEs:

CVE-2020-8563 - Secret leaks in kube-controller-manager when using vSphere provider
CVE-2020-8564 - Docker config secrets leaked when file is malformed and log level >= 4
CVE-2020-8566 - Mask Ceph RBD adminSecrets in logs when logLevel >= 4

Rancher 2.5.1
v1.19.3-rancher1-1
v1.18.10-rancher1-1
v1.17.13-rancher1-1

Rancher 2.4.8
v1.18.10-rancher1-1
v1.17.13-rancher1-1

Rancher 2.3.8
v1.17.13-rancher1-1

Note: If you are an air gapped user, please review the documentation on how to get these versions

Topic		Replies	Views
Kubernetes v1.16.13, v1.17.9, v1.18.6 - Addresses Security Announcement Announcements	0	1417	July 17, 2020
Kubernetes v1.19.15, v1.20.11, v1.21.5 - Addresses CVE-2021-25741 Announcements	0	1180	September 18, 2021
Rancher Release v2.4.16 - Addresses CVE-2021-31999, CVE-2021-25318, and CVE-2021-25320 Announcements	3	2268	August 9, 2021
Rancher Release - v2.1.3 - Addresses Kubernetes CVE-2018-1002105 Announcements	1	1000	December 5, 2018
Rancher Release - v2.1.7 - Addresses Kubernetes CVE-2019-1002100 Announcements	3	1257	March 7, 2019