Rancher Security Advisory: CVE-2019-1002101 & CVE-2019-9946 - 20190328 reported by Kubernetes

Follow
Table of Contents

March 28, 2019

This advisory was first communicated by email, on the date mentioned above, to all Rancher customers with a then active support subscription.

Dear Rancher User,

Kubernetes has announced patch versions today to address the following vulnerabilities:

  • CVE-2019-1002101, an issue discovered in kubectl, a kubernetes client
  • CVE-2019-9946, an issue discovered in the CNI framework

For more details on the announcements, see:

Kubernetes versions that address CVE-2019-1002101 and CVE-2019-9946 are:

  • v1.11.9
  • v1.12.7
  • v1.13.5

This email is to let you know of Rancher releases that will be made available later today to enable you to move to one of the above Kubernetes versions. The new Rancher releases are:

  • Rancher 2.2.1: release comes with the latest Kubernetes versions - i.e. v1.11.9, v1.12.7, v1.13.5 - for clusters launched by Rancher. To address Kubernetes CVE-2019-1002101 and CVE-2019-9946, we recommend upgrading your Kubernetes clusters to one of these versions.
  • Rancher 2.1.8: release comes with the latest Kubernetes versions - i.e. v1.11.9, v1.12.7, v1.13.5 - for clusters launched by Rancher. To address Kubernetes CVE-2019-1002101 and CVE-2019-9946, we recommend upgrading your Kubernetes clusters to one of these versions.
  • Rancher 2.0.13: release enables Kubernetes v1.11.9 support for clusters launched by Rancher. To address Kubernetes CVE-2019-1002101 and CVE-2019-9946, we recommend upgrading your Kubernetes clusters to this version.

If you are a Rancher 1.6.x user, please read the following:

  • Kubernetes v1.11.9 and v1.12.7 support has been added to Rancher catalog and made available to Rancher v1.6.26 users. If you run Rancher v1.6.26, the new versions will become available on the next catalog auto refresh.


If there are any questions, simply submit a request via this portal referencing this article and we will track and respond to your question as a Support Ticket.

Thanks
Rancher Support Team

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.