quay.io/coreos/hyperkube image for v1.4.12

coreos / coreos-kubernetes

CoreOS Container Linux+Kubernetes documentation & Vagrant installers

https://coreos.com/kubernetes/docs/latest/

Apache License 2.0

1.1k stars 466 forks source link

quay.io/coreos/hyperkube image for v1.4.12 #875

Closed felixbuenemann closed 7 years ago

felixbuenemann commented 7 years ago

Please consider releasing a hyperkube image vor K8s v1.4.12 which contains security fixes for CVE-2016-8859. See Kubernetes Changelog since v1.4.9 for details.

peebs commented 7 years ago

@felixbuenemann That CVE doesn't affect hyperkube images only alpine based images. So you would just need to bump the manifests to use the images from the PR: https://github.com/kubernetes/kubernetes/pull/42937/files

In general I'd recommend using a both a newer k8s version if possible and a repository that gets more attention in regards to keeping manifests up to date. (coreos/tectonic-installer or kubernetes-incubator/bootkube if you want to handle compute setup yourself)

felixbuenemann commented 7 years ago

Thanks for the info.