-
Story
-
Resolution: Done
-
Medium
-
None
-
None
Issue: we currently perform adhoc CLM/CVE governance because of a lack of automated CVE checking on our deployment stack like we do for the application stack
There are currently two security issues around kubernetes that we are working with - in the future we should be more proactive and have a CLM job or process that verifies these - in concert with the CD deployment in TSC-25
Kubernetes 1.11.5 (server only) in Rancher 1.6.25 has the same fix as kubernetes 1.12.3 for https://github.com/kubernetes/kubernetes/issues/71411 - see LOG-895
http://onap-integration.eastus.cloudapp.azure.com:3000/group/onap-integration
- relates to
-
SECCOM-245 CVE - CLM Nexus-iq alternatives - MISP or github/Microsoft security scans
- In Progress
-
TSC-58 Dublin Toolchain Improvement
- Closed
-
TSC-25 Task Force to implement CD (Continuous Deployment)
- Closed
-
LOG-895 Upgrade Rancher to 1.6.25 to address CVE-2018-1002105 and move to Kubernetes 1.11.5 (server side)
- Closed
-
OOM-1539 CVE-2018-1002105: proxy request handling in kube-apiserver can leave vulnerable TCP connections · Issue #71411 · kubernetes/kubernetes · GitHub
- Closed
- mentioned in
-
Page Loading...