Описание
ELSA-2020-2684: containernetworking-plugins security update (MODERATE)
[0.8.3-3]
- fix 'CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters'
- Resolves: #1842334
[0.8.3-2]
- build with no_openssl
[0.8.3-1]
- update to 0.8.3
- compile in FIPS mode
[0.8.1-4]
- rebuild against go-toolset-1.11
[0.8.1-3]
- rebuild against extras-rhel-7.8-go-toolset-candidate
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
containernetworking-plugins
0.8.3-3.el7_8
Oracle Linux x86_64
containernetworking-plugins
0.8.3-3.el7_8
Связанные CVE
Связанные уязвимости
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
A vulnerability was found in all versions of containernetworking/plugi ...
