This repository has been archived by the owner on Feb 5, 2020. It is now read-only.
Releases: coreos/tectonic-installer
Releases · coreos/tectonic-installer
1.9.6-tectonic.3
Tectonic 1.9.6-tectonic.3 (2019-02-20)
Core Components
- Updates the Kubelet to address heartbeat failures which cause Pods to be rescheduled erroneously
- Backports changes from Kubernetes PR #63492 which fixes the logic around the API to kubelet heartbeat connection
- Updates Docker for security fixes related to the runc escape (CVE CVE-2019-5736)
- Container Linux machines connected to Tectonic with automated host patching enabled will have already updated to 2051.0.0 (alpha channel), 2023.2.0 (beta channel), and 1967.5.0 (stable channel) with patched Docker versions
- Docker and runc were installed in a read-only manner that we believe already mitigated the effects of this CVE, but patches have been applied in addition
1.9.6-tectonic.2
Tectonic 1.9.6-tectonic.2 (2018-12-06)
Core Components
- Updates to Kubernetes 1.9.6 with security patches
- Addresses an unauthorized access vulnerability (CVE-2018-1002105) allowing complete exploitation of all pods running on a compute node to which a pod is scheduled with normal user privilege.
1.8.9-tectonic.4
Tectonic 1.8.9-tectonic.4 (2018-12-06)
Core Components
- Updates to Kubernetes 1.8.9 with security patches
- Addresses an unauthorized access vulnerability (CVE-2018-1002105) allowing complete exploitation of all pods running on a compute node to which a pod is scheduled with normal user privilege.
1.9.6-tectonic.1
Tectonic 1.9.6-tectonic.1 (2018-05-21)
Core Components
- Updates to Kubernetes 1.9.6
- Re-enables the correct functionality for using the subPath feature of Volume mounts. This was introduced as an overly aggressive solution to fix the security issues detailed in Kubernetes 1.8.9.
Tectonic Console
Updated theme that uses elements from the open-source PatternFly project.
Tectonic Application Lifecycle Management
Improve Console interface for Application Lifecycle Management to better reflect the structure of Kubernetes objects that represent your applications and Operators.
1.8.9-tectonic.3
Tectonic 1.8.9-tectonic.3 (2018-05-21)
Core Components
Allows upgrades from 1.8.9-tectonic.3 to later versions
1.8.9-tectonic.2
Tectonic 1.8.9-tectonic.2 (2018-04-10)
Tectonic Installer
- Security update: modifies etcd flags used on etcd Nodes to correctly use client authentication.
- Without this change, software running directly on a master node or worker node could connect to etcd unauthenticated. Pods running on the cluster were (and continue to be) blocked from accessing etcd.
- These changes apply to new installations only. Follow these instructions to modify a running etcd cluster.
1.7.14-tectonic.2
Tectonic 1.7.14-tectonic.2 (2018-04-10)
Tectonic Installer
- Security update: modifies etcd flags used on etcd Nodes to correctly use client authentication.
- Without this change, software running directly on a master node or worker node could connect to etcd unauthenticated. Pods running on the cluster were (and continue to be) blocked from accessing etcd.
- These changes apply to new installations only. Follow these instructions to modify a running etcd cluster.
1.8.9-tectonic.1
Tectonic 1.8.9-tectonic.1 (2018-03-15)
Core Components
- Updates to Kubernetes 1.8.9
- See the Kubelet upgrade guide for additional steps
- Addresses an unauthorized access and file traversal vulnerability (CVE-2017-1002101) allowing malicious Pods to access unauthorized files within a Volume or on the host.
- Only affects clusters using Pod Security Policies, which is not a default configuration
- Addresses an unauthorized access and file traversal vulnerability (CVE-2017-1002102) allowing malicious Pods to delete any file or directory on the host.
- Only affects clusters using Pod Security Policies, which is not a default configuration
1.8.4-tectonic.4
Tectonic 1.8.4-tectonic.4 (2018-03-15)
Core Components
- Allows upgrades from 1.7.14-tectonic.1 to later versions
1.7.14-tectonic.1
Tectonic 1.7.14-tectonic.1 (2018-03-15)
Core Components
- Updates to Kubernetes 1.7.14
- See the Kubelet upgrade guide for additional steps
- Addresses an unauthorized access and file traversal vulnerability (CVE-2017-1002101) allowing malicious Pods to access unauthorized files within a Volume or on the host.
- Only affects clusters using Pod Security Policies, which is not a default configuration
- Addresses an unauthorized access and file traversal vulnerability (CVE-2017-1002102) allowing malicious Pods to delete any file or directory on the host.
- Only affects clusters using Pod Security Policies, which is not a default configuration