Hi all,
I don't think RPMs have a critical security vulnerability. The module in
problem should be origin-control-plane [1], which is container running within
OKD 3.11. I have two OKD 3.11 clusters , on each master node, I ran
docker pull docker.io/openshift/origin-control-plane:v3.11
On Mon, 7 Jan 2019 at 8:01 am, mabi wrote:
> ‐‐‐ Original Message ‐‐‐
> On Sunday, January 6, 2019 12:28 PM, Joel Pearson <
> japear...@agiledigital.com.au> wrote:
>
> I think it's worth mentioning here that the RPMs at
> http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin311/
‐‐‐ Original Message ‐‐‐
On Sunday, January 6, 2019 12:28 PM, Joel Pearson
wrote:
> I think it's worth mentioning here that the RPMs at
> http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin311/ have a
> critical security vulnerability, I think it's unsafe to use the RPMs if
Joel & all,
On the CVE subject you are correct however if you read [1] you will better
understand a) the PaaS sig process on how the Origin rpm is getting build
(based on the Origin release tag) and b) what is holding on getting a new
Origin v3.11 rpm out
Hope that helps a bit
Dani
[1]
I think it's worth mentioning here that the RPMs at
http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin311/ have a
critical security vulnerability, I think it's unsafe to use the RPMs if
you're planning on having your cluster available on the internet.