[Git][security-tracker-team/security-tracker][master] k8s updates

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a97713d by Moritz Muehlenhoff at 2022-07-13T14:15:01+02:00
k8s updates

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -97118,23 +97118,24 @@ CVE-2021-25743 (kubectl does not neutralize escape, meta or control sequences co
 CVE-2021-25742 (A security issue was discovered in ingress-nginx where a user that can ...)
 	NOT-FOR-US: Kubernetes ingress-nginx component
 CVE-2021-25741 (A security issue was discovered in Kubernetes where a user may be able ...)
-	- kubernetes <unfixed>
-	[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
-	NOTE: Server components no longer built since 1.20.5+really1.20.2-1
+	- kubernetes 1.20.5+really1.20.2-1
+	NOTE: Server components no longer built since 1.20.5+really1.20.2-1, marking that as fixed version
+	NOTE: The source package itself it still vulnerable, but custom rebuilds are not really a usecase here
 	NOTE: https://github.com/kubernetes/kubernetes/issues/104980
 CVE-2021-25740 (A security issue was discovered with Kubernetes that could enable user ...)
-	- kubernetes <unfixed>
-	[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
+	- kubernetes 1.20.5+really1.20.2-1
+	NOTE: Server components no longer built since 1.20.5+really1.20.2-1, marking that as fixed version
+	NOTE: The source package itself it still vulnerable, but custom rebuilds are not really a usecase here
 	NOTE: https://www.openwall.com/lists/oss-security/2021/07/14/1
 CVE-2021-25739
 	RESERVED
 CVE-2021-25738 (Loading specially-crafted yaml with the Kubernetes Java Client library ...)
 	NOT-FOR-US: Kubernetes Java client
 CVE-2021-25737 (A security issue was discovered in Kubernetes where a user may be able ...)
-	- kubernetes <unfixed> (bug #990793)
-	[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
+	- kubernetes 1.20.5+really1.20.2-1 (bug #990793)
+	NOTE: Server components no longer built since 1.20.5+really1.20.2-1, marking that as fixed version
+	NOTE: The source package itself it still vulnerable, but custom rebuilds are not really a usecase here
 	NOTE: https://www.openwall.com/lists/oss-security/2021/05/18/4
-	NOTE: Server components no longer built since 1.20.5+really1.20.2-1
 CVE-2021-25736
 	RESERVED
 	- kubernetes <not-affected> (Windows-specific)
@@ -171287,9 +171288,9 @@ CVE-2020-8562 (As mitigations to a report from 2019 and CVE-2020-8555, Kubernete
 	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/8
 	NOTE: Server components no longer built since 1.20.5+really1.20.2-1
 CVE-2020-8561 (A security issue was discovered in Kubernetes where actors that contro ...)
-	- kubernetes <unfixed>
-	[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
-	NOTE: Server components no longer built since 1.20.5+really1.20.2-1
+	- kubernetes 1.20.5+really1.20.2-1
+	NOTE: Server components no longer built since 1.20.5+really1.20.2-1, marking that as fixed version
+	NOTE: The source package itself it still vulnerable, but custom rebuilds are not really a usecase here
 	NOTE: https://github.com/kubernetes/kubernetes/issues/104720
 CVE-2020-8560
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a97713d1ca121404cf1b3248ea7446a5a4ce49d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a97713d1ca121404cf1b3248ea7446a5a4ce49d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220713/e4548752/attachment-0001.htm>