Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[GKE] April 13, 2022 #420

Open
github-actions bot opened this issue Apr 14, 2022 · 0 comments
Open

[GKE] April 13, 2022 #420

github-actions bot opened this issue Apr 14, 2022 · 0 comments
Labels
liens/Kubernetes Liens à propos de l'aktu

Comments

@github-actions
Copy link

Security

A security vulnerability, CVE-2022-23648, has been discovered in containerd's handling of path
traversal in the OCI image volume specification. Containers launched through containerd's CRI
implementation with a specially-crafted image configuration could gain full read access to
arbitrary files and directories on the host. This vulnerability may bypass any policy-based
enforcement on container setup (including a Kubernetes Pod Security Policy). This
vulnerability affects all GKE node operating systems
(Container-Optimized OS and Ubuntu) which use containerd by default. All
GKE, Autopilot, and GKE Sandbox nodes are affected.

For more information, see the GCP-2022-013 security bulletin.

Feature

Egress NAT policy to configure IP masquerade is now generally available on GKE Autopilot clusters with Dataplane v2 in versions 1.22.7-gke.1500+ or 1.23.4-gke.1600+. For configuration examples of Egress NAT policy, see Egress NAT Policy documentation.
@github-actions github-actions bot added the liens/Kubernetes Liens à propos de l'aktu label Apr 14, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
liens/Kubernetes Liens à propos de l'aktu
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
0 participants