Hello!
INC1912628 ([Security Advisory] CVE-2021-25741: Symlink Exchange Can Allow Host Filesystem Access) has been resolved.
Opened for:Â distributo...@kubernetes.io
Followers:Â kubernete...@googlegroups.com, kuberne...@googlegroups.com, kubernetes-sec...@googlegroups.com, kubernetes-se...@googlegroups.com, distributo...@kubernetes.io, kubernetes+a...@discoursemail.com
Dhananjay Arunesh updated your request with the following comments:
How can I track and update my request?
We want to make sure we have provided you with a complete resolution.
Please review the resolution detail and let us know whether you are all set by approving the resolution.
Thank you,
Product Security
@Lisa Olson we have a CVE from the Kubernetes security group here. Can you help @Sarah and me kick off the process of documenting this to our customers, so they are aware that we are providing a fix for it? 😊
Â
Thank you
Max
--
You received this message because you are subscribed to the Google Groups "distributors-announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
distributors-ann...@kubernetes.io.
To view this discussion on the web visit
https://groups.google.com/a/kubernetes.io/d/msgid/distributors-announce/16562759.58599.1638266031910%40app141040.ytz3.service-now.com.
Hi Max,
Sorry, I was out last week. I understand that you are including an update Open Source library that includes the fix for this vulnerability. Is that correct?
What products are being updated? What are the new version numbers? When will the new versions be released?
Based on this, we can come up with a plan to document this in the Security Update Guide.
Lisa