Kubernetes v1.17.13, v1.18.10, and v1.19.3 are now available in Rancher to address following CVEs:
- CVE-2020-8563 - Secret leaks in kube-controller-manager when using vSphere provider
- CVE-2020-8564 - Docker config secrets leaked when file is malformed and log level >= 4
- CVE-2020-8566 - Mask Ceph RBD adminSecrets in logs when logLevel >= 4
Please review Upgrading Kubernetes without Upgrading Rancher for more details.
Note: If you are an air gapped user, please review the documentation on how to get these versions