Security update for cni-plugins SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:1050-1 Final 1 1 2020-07-23T18:21:27Z current 2020-07-23T18:21:27Z 2020-07-23T18:21:27Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for cni-plugins This update for cni-plugins fixes the following issues: cni-plugins updated to version 0.8.6 - CVE-2020-10749: Fixed a potential Man-in-the-Middle attacks in IPv4 clusters by spoofing IPv6 router advertisements (bsc#1172410). Release notes: https://github.com/containernetworking/plugins/releases/tag/v0.8.6 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-1050 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BA7FX35L3WKZN6K2V7HF7RSMUNSP7RWF/ E-Mail link for openSUSE-SU-2020:1050-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1172410 SUSE Bug 1172410 https://www.suse.com/security/cve/CVE-2020-10749/ SUSE CVE CVE-2020-10749 page openSUSE Leap 15.2 cni-plugins-0.8.6-lp152.2.4.1 cni-plugins-0.8.6-lp152.2.4.1 as a component of openSUSE Leap 15.2 A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container. CVE-2020-10749 openSUSE Leap 15.2:cni-plugins-0.8.6-lp152.2.4.1 moderate 6 AV:N/AC:M/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BA7FX35L3WKZN6K2V7HF7RSMUNSP7RWF/ https://www.suse.com/security/cve/CVE-2020-10749.html CVE-2020-10749 https://bugzilla.suse.com/1172375 SUSE Bug 1172375 https://bugzilla.suse.com/1172410 SUSE Bug 1172410