Charmed Kubernetes Bundles

ingress-nginx security issues

Bug #1969972 reported by Kevin W Monroe
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Charmed Kubernetes Bundles
Fix Released
Critical
Kevin W Monroe
Charmed Kubernetes Bundles 1.24
Kubernetes Worker Charm
Fix Released
Critical
Kevin W Monroe
Kubernetes Worker Charm 1.24

Bug Description

https://github.com/kubernetes/ingress-nginx/issues/8502
https://github.com/kubernetes/ingress-nginx/issues/8503

Security issue in ingress-nginx. We'll need to move to 1.2.0.

CVE References

Kevin W Monroe (kwmonroe)
Changed in charm-kubernetes-worker:
status: New → In Progress
importance: Undecided → Critical
assignee: nobody → Kevin W Monroe (kwmonroe)
milestone: none → 1.24
Changed in charmed-kubernetes-bundles:
status: New → In Progress
importance: Undecided → Critical
assignee: nobody → Kevin W Monroe (kwmonroe)
milestone: none → 1.24
Revision history for this message
Kevin W Monroe (kwmonroe) wrote :

PR for bundle (images to rocks):

https://github.com/charmed-kubernetes/bundle/pull/830

PR for worker:

https://github.com/charmed-kubernetes/charm-kubernetes-worker/pull/120

summary: - CVE-2021-25745 and CVE-2021-25746
+ ingress-nginx security issues
tags: added: review-needed
Kevin W Monroe (kwmonroe)
tags: removed: review-needed
Changed in charmed-kubernetes-bundles:
status: In Progress → Fix Committed
Kevin W Monroe (kwmonroe)
Changed in charm-kubernetes-worker:
status: In Progress → Fix Committed
Kevin W Monroe (kwmonroe)
information type: Public → Public Security
Kevin W Monroe (kwmonroe)
Changed in charmed-kubernetes-bundles:
status: Fix Committed → Fix Released
Changed in charm-kubernetes-worker:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.