Skip to content
This repository has been archived by the owner on Dec 7, 2023. It is now read-only.

Patch CVE-2019-18960 -- Use Firecracker v0.19.1 for ignite master #501

Merged
merged 3 commits into from
Dec 10, 2019
Merged

Patch CVE-2019-18960 -- Use Firecracker v0.19.1 for ignite master #501

merged 3 commits into from
Dec 10, 2019

Conversation

stealthybox
Copy link
Contributor

@stealthybox stealthybox commented Dec 10, 2019
edited
Loading

Ignite was unaffected as it was not using vsock for its vm's, but we were distributing vulnerable binaries.
This dependency update resolves the security issue.

Firecracker v0.18.1 Release Notes

Other details in #500

Changes:

  • Patch CVE-2019-18960 -- Use Firecracker v0.19.1 for ignite master
  • Update FIRECRACKER_ARCH_SUFFIX for FC v0.18.1/v0.19.1
  • make autogen tidy-in-docker

This patch is similar to #499

@stealthybox stealthybox merged commit ec973f9 into weaveworks:master Dec 10, 2019
@stealthybox stealthybox deleted the master-CVE-2019-18960 branch December 10, 2019 07:34
@stealthybox
Copy link
Contributor Author

stealthybox commented Dec 10, 2019
edited
Loading

local e2e runs:

  • make e2e E2E_REGEX=Containerd passed ✔️
  • make e2e E2E_REGEX=DockerBridge passed ✔️
  • make e2e E2E_REGEX=DockerAndCNI failed ❌, but is not a regression

@stealthybox stealthybox mentioned this pull request Dec 16, 2019
Closed
@luxas luxas added this to the v0.7.0 milestone Jun 2, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@twelho twelho Awaiting requested review from twelho

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.7.0
Development

Successfully merging this pull request may close these issues.
2 participants
@stealthybox @luxas