CVE-2020-8552: Kube-apiserver vulnerable to Denial of service(DoS)

[Ebaneck]

Component:

'kubernetes'

What happened:

Source: kubernetes/kubernetes#89378

The Kubernetes API server has been found to be vulnerable to a denial of service attack via authorized API requests.
CVSS Rating: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (Medium)

Affected Versions
kube-apiserver v1.17.0 - v1.17.2
kube-apiserver v1.16.0 - v1.16.6
kube-apiserver < v1.15.10

Fixed Versions
v1.17.3
v1.16.7
v1.15.10

Resolution proposal (optional):

Bump the Kube-apiserver version for release and to be released branches.

• For branch 2.5 we use kube-apiserver 1.16.2(vulnerable)
• For branch 2.4 we use kube-apiserver 1.15.5(vulnerable)