There was a critical vulnerability in Kubernetes published earlier in the week - CVE-2018-1002105.
The vulnerability has been patched both the upstream project and by TUV, but the fix doesn't seem to have made it into the CentOS OpenShift build for 3.11: http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin311/ The fixed version is 3.11.43, version on the mirror is 3.11.0. I'm not 100% certain of the support state of OpenShift in CentOS as it's maintained by a SIG, so what needs to happen to get the vulnerability patched for CentOS? Adam Bishop gpg: E75B 1F92 6407 DFDF 9F1C BF10 C993 2504 6609 D460 jisc.ac.uk Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800. Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800. _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
