CVE-2020-10749: A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.
Let's stable 0.8.6 if ready.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ebb1b8642b751e00b904de12b008d589e1a9c529 commit ebb1b8642b751e00b904de12b008d589e1a9c529 Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2020-07-23 15:22:03 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2020-07-23 15:23:47 +0000 net-misc/cni-plugins: stable 0.8.6 on amd64 Bug: https://bugs.gentoo.org/733352 Signed-off-by: William Hubbs <williamh@gentoo.org> net-misc/cni-plugins/cni-plugins-0.8.6.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Thanks William. Please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=19bce26bc438759a138df6dc58097cf7918849f6 commit 19bce26bc438759a138df6dc58097cf7918849f6 Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2020-07-25 15:31:13 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2020-07-25 15:32:27 +0000 net-misc/cni-plugins: security cleanup Bug: https://bugs.gentoo.org/733352 Signed-off-by: William Hubbs <williamh@gentoo.org> net-misc/cni-plugins/Manifest | 4 --- net-misc/cni-plugins/cni-plugins-0.8.2.ebuild | 38 -------------------------- net-misc/cni-plugins/cni-plugins-0.8.3.ebuild | 38 -------------------------- net-misc/cni-plugins/cni-plugins-0.8.4.ebuild | 39 --------------------------- net-misc/cni-plugins/cni-plugins-0.8.5.ebuild | 31 --------------------- 5 files changed, 150 deletions(-)
Thanks