Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dnsmasq version bump in apt ppa - multiple CVEs #1169

Closed
jocado opened this issue Oct 5, 2017 · 1 comment
Closed

dnsmasq version bump in apt ppa - multiple CVEs #1169

jocado opened this issue Oct 5, 2017 · 1 comment
Assignees
@nelljerram

Comments

@jocado
Copy link

jocado commented Oct 5, 2017

Expected Behavior

Multiple security vulnerabilities should be fixed.

Current Behavior

Multiple security vulnerabilities present.

Possible Solution

Pull latest upstream version from Ubuntu repos.

Ubuntu 16.04 LTS:
dnsmasq 2.75-1ubuntu0.16.04.3

Ubuntu 14.04 LTS:
dnsmasq 2.68-1ubuntu0.2

Steps to Reproduce (for bugs)

Install calico 2.6 from PPA

Context

Details are in this article:
https://usn.ubuntu.com/usn/usn-3430-1/

Your Environment

  • Calico 2.6
  • Openstack
  • Ubuntu, Trusty and Xenial
@nelljerram
Copy link
Member

nelljerram commented Oct 16, 2017
edited
Loading

This has now been fixed, by upgrading the dnsmasq packages in all our PPAs (including calico-2.6) to v2.78, which:

  • fixes all of the CVEs referenced here
  • also includes all the dnsmasq enhancements that Calico for OpenStack depends on.

@KashifSaadat KashifSaadat mentioned this issue Nov 7, 2017
Merged
k8s-github-robot pushed a commit to kubernetes/kops that referenced this issue Nov 7, 2017
Merge pull request #3786 from KashifSaadat/canal-update
2c0e5be 
Automatic merge from submit-queue.

Update Canal to use Calico v2.6.2.

Calico v2.6 adds support for egress Network Policies with Kubernetes v1.8.

The dnsmasq packages have also been updated in v2.6.2, which resolves a number of CVEs detected on the older versions (projectcalico/calico#1169).
caseydavenport pushed a commit that referenced this issue Dec 14, 2021
@sridhartigera
Makefile changes to build with libbpf (#1169)
e4c0245 
* Makefile changes to build felix with libbpf

* Pin updates
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nelljerram nelljerram

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@caseydavenport @nelljerram @jocado