https://cloud.google.com/kubernetes-engine/docs/security-bulletins

kubernetes官网安全更新

Kubernetes has disclosed a security issue in the kubernetes-csi
external-provisioner,
external-snapshotter,
and external-resizer
sidecars that impacts most versions of the sidecars bundled in
Container Storage
Interface (CSI) drivers. For further details, see the
Kubernetes disclosure.

What should I do?
This vulnerability does not affect any managed GKE components.
You may be affected if you manage your own CSI drivers in
GKE
Alpha clusters running GKE version 1.12 or higher. If you are affected,
check with your CSI driver vendor for upgrade instructions.

What vulnerabilities are addressed by this patch?
CVE-2019-11255:
This CVE is a vulnerability in the kubernetes-csi
external-provisioner,
external-snapshotter,
and
external-resizer
sidecars which can allow unauthorized volume data access or mutation. This
impacts most versions of the sidecars bundled in
CSI drivers.

kubernetes，简称K8s，是用8代替8个字符“ubernete”而成的缩写。是一个开源的，用于管理云平台中多个主机上的容器化的应用.

CVE-2019-11255

暂无

暂无