Update 2025-01-16

rancher · Jan 16, 2025 · 52dfee4 · 52dfee4
1 parent f53cfb0
commit 52dfee4
Show file tree

Hide file tree

Showing 21 changed files with 399 additions and 234 deletions.
diff --git a/docs/csv/report-harvester-master-cves.csv b/docs/csv/report-harvester-master-cves.csv
@@ -611,6 +611,7 @@ rancher/nginx-ingress-controller:v1.10.5-hardened4,harvester/master,libgio-2_0-0
 rancher/nginx-ingress-controller:v1.10.5-hardened4,harvester/master,libglib-2_0-0,2.78.6-150600.4.3.1,sles,SUSE-SU-2024:4254-1,HIGH,,rancher/nginx-ingress-controller:v1.10.5-hardened4 (sles 15.6),2.78.6-150600.4.8.1,false,affected,
 rancher/nginx-ingress-controller:v1.10.5-hardened4,harvester/master,libgmodule-2_0-0,2.78.6-150600.4.3.1,sles,SUSE-SU-2024:4254-1,HIGH,,rancher/nginx-ingress-controller:v1.10.5-hardened4 (sles 15.6),2.78.6-150600.4.8.1,false,affected,
 rancher/nginx-ingress-controller:v1.10.5-hardened4,harvester/master,libgobject-2_0-0,2.78.6-150600.4.3.1,sles,SUSE-SU-2024:4254-1,HIGH,,rancher/nginx-ingress-controller:v1.10.5-hardened4 (sles 15.6),2.78.6-150600.4.8.1,false,affected,
+rancher/rancher-agent:v2.9.3,harvester/master,github.com/rancher/rancher,v2.9.3,gobinary,CVE-2024-52281,HIGH,https://avd.aquasec.com/nvd/cve-2024-52281,usr/bin/agent,2.9.4,false,affected,
 rancher/rancher-agent:v2.9.3,harvester/master,github.com/rancher/steve,v0.0.0-20241002125954-dd27bd0c8d30,gobinary,CVE-2024-52280,HIGH,https://avd.aquasec.com/nvd/cve-2024-52280,usr/bin/agent,0.0.0-20241029132712-2175e090fe4b,false,affected,
 rancher/rancher-agent:v2.9.3,harvester/master,k8s.io/kubernetes,v1.30.1,gobinary,CVE-2024-5321,HIGH,https://avd.aquasec.com/nvd/cve-2024-5321,usr/bin/agent,"1.27.16, 1.28.12, 1.29.7, 1.30.3",false,affected,
 rancher/rancher-agent:v2.9.3,harvester/master,stdlib,v1.20.13,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,usr/bin/kubectl,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
@@ -643,6 +644,7 @@ rancher/rancher:v2.9.3,harvester/master,stdlib,v1.21.10,gobinary,CVE-2024-24790,
 rancher/rancher:v2.9.3,harvester/master,stdlib,v1.21.10,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/kustomize,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher:v2.9.3,harvester/master,stdlib,v1.22.3,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,usr/bin/loglevel,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher:v2.9.3,harvester/master,stdlib,v1.22.3,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/loglevel,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
+rancher/rancher:v2.9.3,harvester/master,github.com/rancher/rancher,v2.9.3,gobinary,CVE-2024-52281,HIGH,https://avd.aquasec.com/nvd/cve-2024-52281,usr/bin/rancher,2.9.4,false,affected,
 rancher/rancher:v2.9.3,harvester/master,github.com/rancher/steve,v0.0.0-20241002125954-dd27bd0c8d30,gobinary,CVE-2024-52280,HIGH,https://avd.aquasec.com/nvd/cve-2024-52280,usr/bin/rancher,0.0.0-20241029132712-2175e090fe4b,false,affected,
 rancher/rancher:v2.9.3,harvester/master,k8s.io/kubernetes,v1.30.1,gobinary,CVE-2024-5321,HIGH,https://avd.aquasec.com/nvd/cve-2024-5321,usr/bin/rancher,"1.27.16, 1.28.12, 1.29.7, 1.30.3",false,affected,
 rancher/rancher:v2.9.3,harvester/master,stdlib,v1.22.6,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/rancher-machine,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score

diff --git a/docs/csv/report-harvester-master-stats.csv b/docs/csv/report-harvester-master-stats.csv
@@ -74,9 +74,9 @@ rancher/mirrored-prometheus-prometheus:v2.45.0,0,10,10
 rancher/mirrored-sig-storage-snapshot-controller:v8.1.0,0,0,0
 rancher/mirrored-sig-storage-snapshot-validation-webhook:v8.1.0,0,0,0
 rancher/nginx-ingress-controller:v1.10.5-hardened4,0,5,5
-rancher/rancher-agent:v2.9.3,0,3,3
+rancher/rancher-agent:v2.9.3,0,4,4
 rancher/rancher-webhook:v0.5.3,0,1,1
-rancher/rancher:v2.9.3,1,9,10
+rancher/rancher:v2.9.3,1,10,11
 rancher/rke2-cloud-provider:v1.30.6-0.20241016053533-5ec454f50e7a-build20241016,0,0,0
 rancher/rke2-runtime:v1.30.7-rke2r1,0,1,1
 rancher/shell:v0.1.24,1,17,18

diff --git a/docs/csv/report-harvester-v1.4-head-cves.csv b/docs/csv/report-harvester-v1.4-head-cves.csv
@@ -619,6 +619,7 @@ rancher/nginx-ingress-controller:v1.10.5-hardened4,harvester/v1.4-head,libgio-2_
 rancher/nginx-ingress-controller:v1.10.5-hardened4,harvester/v1.4-head,libglib-2_0-0,2.78.6-150600.4.3.1,sles,SUSE-SU-2024:4254-1,HIGH,,rancher/nginx-ingress-controller:v1.10.5-hardened4 (sles 15.6),2.78.6-150600.4.8.1,false,affected,
 rancher/nginx-ingress-controller:v1.10.5-hardened4,harvester/v1.4-head,libgmodule-2_0-0,2.78.6-150600.4.3.1,sles,SUSE-SU-2024:4254-1,HIGH,,rancher/nginx-ingress-controller:v1.10.5-hardened4 (sles 15.6),2.78.6-150600.4.8.1,false,affected,
 rancher/nginx-ingress-controller:v1.10.5-hardened4,harvester/v1.4-head,libgobject-2_0-0,2.78.6-150600.4.3.1,sles,SUSE-SU-2024:4254-1,HIGH,,rancher/nginx-ingress-controller:v1.10.5-hardened4 (sles 15.6),2.78.6-150600.4.8.1,false,affected,
+rancher/rancher-agent:v2.9.3,harvester/v1.4-head,github.com/rancher/rancher,v2.9.3,gobinary,CVE-2024-52281,HIGH,https://avd.aquasec.com/nvd/cve-2024-52281,usr/bin/agent,2.9.4,false,affected,
 rancher/rancher-agent:v2.9.3,harvester/v1.4-head,github.com/rancher/steve,v0.0.0-20241002125954-dd27bd0c8d30,gobinary,CVE-2024-52280,HIGH,https://avd.aquasec.com/nvd/cve-2024-52280,usr/bin/agent,0.0.0-20241029132712-2175e090fe4b,false,affected,
 rancher/rancher-agent:v2.9.3,harvester/v1.4-head,k8s.io/kubernetes,v1.30.1,gobinary,CVE-2024-5321,HIGH,https://avd.aquasec.com/nvd/cve-2024-5321,usr/bin/agent,"1.27.16, 1.28.12, 1.29.7, 1.30.3",false,affected,
 rancher/rancher-agent:v2.9.3,harvester/v1.4-head,stdlib,v1.20.13,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,usr/bin/kubectl,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
@@ -651,6 +652,7 @@ rancher/rancher:v2.9.3,harvester/v1.4-head,stdlib,v1.21.10,gobinary,CVE-2024-247
 rancher/rancher:v2.9.3,harvester/v1.4-head,stdlib,v1.21.10,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/kustomize,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher:v2.9.3,harvester/v1.4-head,stdlib,v1.22.3,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,usr/bin/loglevel,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/rancher:v2.9.3,harvester/v1.4-head,stdlib,v1.22.3,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/loglevel,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
+rancher/rancher:v2.9.3,harvester/v1.4-head,github.com/rancher/rancher,v2.9.3,gobinary,CVE-2024-52281,HIGH,https://avd.aquasec.com/nvd/cve-2024-52281,usr/bin/rancher,2.9.4,false,affected,
 rancher/rancher:v2.9.3,harvester/v1.4-head,github.com/rancher/steve,v0.0.0-20241002125954-dd27bd0c8d30,gobinary,CVE-2024-52280,HIGH,https://avd.aquasec.com/nvd/cve-2024-52280,usr/bin/rancher,0.0.0-20241029132712-2175e090fe4b,false,affected,
 rancher/rancher:v2.9.3,harvester/v1.4-head,k8s.io/kubernetes,v1.30.1,gobinary,CVE-2024-5321,HIGH,https://avd.aquasec.com/nvd/cve-2024-5321,usr/bin/rancher,"1.27.16, 1.28.12, 1.29.7, 1.30.3",false,affected,
 rancher/rancher:v2.9.3,harvester/v1.4-head,stdlib,v1.22.6,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/rancher-machine,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score

diff --git a/docs/csv/report-harvester-v1.4-head-stats.csv b/docs/csv/report-harvester-v1.4-head-stats.csv
@@ -74,9 +74,9 @@ rancher/mirrored-prometheus-prometheus:v2.45.0,0,10,10
 rancher/mirrored-sig-storage-snapshot-controller:v8.1.0,0,0,0
 rancher/mirrored-sig-storage-snapshot-validation-webhook:v8.1.0,0,0,0
 rancher/nginx-ingress-controller:v1.10.5-hardened4,0,5,5
-rancher/rancher-agent:v2.9.3,0,3,3
+rancher/rancher-agent:v2.9.3,0,4,4
 rancher/rancher-webhook:v0.5.3,0,1,1
-rancher/rancher:v2.9.3,1,9,10
+rancher/rancher:v2.9.3,1,10,11
 rancher/rke2-cloud-provider:v1.30.6-0.20241016053533-5ec454f50e7a-build20241016,0,0,0
 rancher/rke2-runtime:v1.30.7-rke2r1,0,1,1
 rancher/shell:v0.1.24,1,17,18

diff --git a/docs/csv/report-harvester-v1.4.0-cves.csv b/docs/csv/report-harvester-v1.4.0-cves.csv
@@ -781,6 +781,7 @@ rancher/rancher:v2.9.2,harvester/v1.4.0,stdlib,v1.22.3,gobinary,CVE-2024-34156,M
 rancher/rancher:v2.9.2,harvester/v1.4.0,github.com/rancher/rancher,v2.9.2,gobinary,CVE-2023-32197,CRITICAL,https://avd.aquasec.com/nvd/cve-2023-32197,usr/bin/rancher,"2.8.9, 2.9.3",false,affected,
 rancher/rancher:v2.9.2,harvester/v1.4.0,github.com/rancher/rancher,v2.9.2,gobinary,CVE-2024-22036,CRITICAL,https://avd.aquasec.com/nvd/cve-2024-22036,usr/bin/rancher,"2.7.16, 2.8.9, 2.9.3",false,affected,
 rancher/rancher:v2.9.2,harvester/v1.4.0,github.com/rancher/rancher,v2.9.2,gobinary,CVE-2022-45157,HIGH,https://avd.aquasec.com/nvd/cve-2022-45157,usr/bin/rancher,"2.9.3, 2.8.9",false,affected,
+rancher/rancher:v2.9.2,harvester/v1.4.0,github.com/rancher/rancher,v2.9.2,gobinary,CVE-2024-52281,HIGH,https://avd.aquasec.com/nvd/cve-2024-52281,usr/bin/rancher,2.9.4,false,affected,
 rancher/rancher:v2.9.2,harvester/v1.4.0,github.com/rancher/steve,v0.0.0-20240911190153-79304d93b49b,gobinary,CVE-2024-52280,HIGH,https://avd.aquasec.com/nvd/cve-2024-52280,usr/bin/rancher,0.0.0-20241029132712-2175e090fe4b,false,affected,
 rancher/rancher:v2.9.2,harvester/v1.4.0,k8s.io/kubernetes,v1.30.1,gobinary,CVE-2024-5321,HIGH,https://avd.aquasec.com/nvd/cve-2024-5321,usr/bin/rancher,"1.27.16, 1.28.12, 1.29.7, 1.30.3",false,affected,
 rancher/rancher:v2.9.2,harvester/v1.4.0,stdlib,v1.22.5,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,usr/bin/rancher-machine,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score

diff --git a/docs/csv/report-harvester-v1.4.0-stats.csv b/docs/csv/report-harvester-v1.4.0-stats.csv
@@ -75,7 +75,7 @@ rancher/mirrored-sig-storage-snapshot-controller:v6.2.1,0,18,18
 rancher/mirrored-sig-storage-snapshot-validation-webhook:v6.2.2,0,17,17
 rancher/nginx-ingress-controller:v1.10.4-hardened3,0,11,11
 rancher/rancher-webhook:v0.5.2,0,1,1
-rancher/rancher:v2.9.2,4,15,19
+rancher/rancher:v2.9.2,4,16,20
 rancher/rke2-cloud-provider:v1.29.8-build20240910,0,1,1
 rancher/rke2-runtime:v1.29.9-rke2r1,0,0,0
 rancher/shell:v0.1.24,1,17,18

diff --git a/docs/csv/report-rancher-v2.10-head-cves.csv b/docs/csv/report-rancher-v2.10-head-cves.csv
@@ -220,10 +220,6 @@ rancher/flannel-cni:v1.4.1-rancher1,rancher/v2.10-head,stdlib,v1.21.7,gobinary,C
 rancher/flannel-cni:v1.4.1-rancher1,rancher/v2.10-head,stdlib,v1.21.7,gobinary,CVE-2024-24790,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-24790,opt/cni/bin/vlan,"1.21.11, 1.22.4",false,affected,severity_changed_due_to_suse_cvss_score
 rancher/flannel-cni:v1.4.1-rancher1,rancher/v2.10-head,stdlib,v1.21.7,gobinary,CVE-2023-45288,HIGH,https://avd.aquasec.com/nvd/cve-2023-45288,opt/cni/bin/vlan,"1.21.9, 1.22.2",false,affected,
 rancher/flannel-cni:v1.4.1-rancher1,rancher/v2.10-head,stdlib,v1.21.7,gobinary,CVE-2024-34156,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-34156,opt/cni/bin/vlan,"1.22.7, 1.23.1",false,affected,severity_changed_due_to_suse_cvss_score
-rancher/fleet:v0.11.3-rc.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21613,HIGH,https://avd.aquasec.com/nvd/cve-2025-21613,usr/bin/fleet,5.13.0,false,affected,severity_changed_due_to_suse_cvss_score
-rancher/fleet:v0.11.3-rc.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21614,HIGH,https://avd.aquasec.com/nvd/cve-2025-21614,usr/bin/fleet,5.13.0,false,affected,
-rancher/fleet:v0.11.3-rc.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21613,HIGH,https://avd.aquasec.com/nvd/cve-2025-21613,usr/bin/fleetcontroller,5.13.0,false,affected,severity_changed_due_to_suse_cvss_score
-rancher/fleet:v0.11.3-rc.1,rancher/v2.10-head,github.com/go-git/go-git/v5,v5.12.1-0.20240629213349-b00c68ab7140,gobinary,CVE-2025-21614,HIGH,https://avd.aquasec.com/nvd/cve-2025-21614,usr/bin/fleetcontroller,5.13.0,false,affected,
 rancher/hardened-addon-resizer:1.8.20-build20240910,rancher/v2.10-head,golang.org/x/net,v0.17.0,gobinary,CVE-2024-45338,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-45338,pod_nanny,0.33.0,false,affected,severity_changed_due_to_suse_cvss_score
 rancher/hardened-addon-resizer:1.8.20-build20241001,rancher/v2.10-head,golang.org/x/net,v0.17.0,gobinary,CVE-2024-45338,MEDIUM,https://avd.aquasec.com/nvd/cve-2024-45338,pod_nanny,0.33.0,false,affected,severity_changed_due_to_suse_cvss_score
 rancher/hardened-calico:v3.28.1-build20240911,rancher/v2.10-head,libglib-2_0-0,2.78.6-150600.4.3.1,sles,SUSE-SU-2024:4254-1,HIGH,,rancher/hardened-calico:v3.28.1-build20240911 (sles 15.6),2.78.6-150600.4.8.1,false,affected,

diff --git a/docs/csv/report-rancher-v2.10-head-stats.csv b/docs/csv/report-rancher-v2.10-head-stats.csv
@@ -8,8 +8,8 @@ rancher/cis-operator:v1.3.5-rc.2,0,0,0
 rancher/eks-operator:v1.10.2-rc.3,0,0,0
 rancher/flannel-cni:v0.3.0-rancher9,0,32,32
 rancher/flannel-cni:v1.4.1-rancher1,0,10,10
-rancher/fleet-agent:v0.11.3-rc.1,0,0,0
-rancher/fleet:v0.11.3-rc.1,0,4,4
+rancher/fleet-agent:v0.11.3-rc.2,0,0,0
+rancher/fleet:v0.11.3-rc.2,0,0,0
 rancher/gke-operator:v1.10.2-rc.3,0,0,0
 rancher/hardened-addon-resizer:1.8.20-build20240910,0,0,0
 rancher/hardened-addon-resizer:1.8.20-build20241001,0,0,0