Commit bf55dac

(DOCSP-9849): Operator 1.4.5 Release Notes (#239)
* (DOCSP-9849): Operator 1.4.5 Release Notes
* (DOCSP-9849): adding notes for 1.2.5
1 parent a9d450b commit bf55dac

1 file changed

+72
-0
lines changed

source/release-notes.txt

Lines changed: 72 additions & 0 deletions
@@ -20,6 +20,42 @@ Release Notes for |k8s-op-full|
2020
Production Notes </reference/production-notes>
2121
Known Issues </reference/known-issues>
2222

23+
.. _ent-op-1.4.5:
24+
25+
|k8s-op-full| 1.4.5
26+
-------------------
27+
28+
Fixes CVE-2020-7922: |k8s| Operator generates potentially insecure certificates.
29+
30+
CVE Description
31+
~~~~~~~~~~~~~~~
32+
33+
X.509 certificates generated by the |k8s-op| may allow an attacker with
34+
access to the |k8s| cluster improper access to MongoDB instances.
35+
Customers who do not use X.509 authentication, and those who do not use
36+
the |k8s-op-short| to generate their X.509 certificates are unaffected.
37+
38+
Common Weakness Enumeration
39+
~~~~~~~~~~~~~~~~~~~~~~~~~~~
40+
41+
CWE-295: Improper Certificate Validation
42+
CVSS score: 6.4
43+
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
44+
45+
Affected Versions
46+
~~~~~~~~~~~~~~~~~
47+
48+
- 1.0, 1.1
49+
- 1.2.0 - 1.2.4
50+
- 1.3.0 - 1.3.1
51+
- 1.4.0 - 1.4.4
52+
53+
Fixed Versions
54+
~~~~~~~~~~~~~~
55+
56+
- 1.2.5
57+
- 1.4.5 and above
58+
2359
.. _ent-op-1.4.4:
2460

2561
|k8s-op-full| 1.4.4
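
Review bot: In the "Common Weakness Enumeration" subsection (new lines 41-43), the lines "CWE-295: Improper Certificate Validation", "CVSS score: 6.4" and the CVSS vector are consecutive lines with no blank line or list marker between them, so reStructuredText will join them into a single paragraph. Suggest making them a bullet list like the version lists further down, and wrapping the vector string in ``double backticks`` so it renders as a literal. The heading also covers more than it says: two of the three lines are CVSS data, so either rename it or give the CVSS score and vector their own subsection.
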
@@ -295,6 +331,42 @@ Bug Fixes
295331

296332
- Sets ``USER`` in the |k8s-op-short| Docker image.
297333

334+
.. _ent-op-1.2.5:
335+
336+
|k8s-op-full| 1.2.5
337+
-------------------
338+
339+
Fixes CVE-2020-7922: |k8s| Operator generates potentially insecure certificates.
340+
341+
CVE Description
342+
~~~~~~~~~~~~~~~
343+
344+
X.509 certificates generated by the |k8s-op| may allow an attacker with
345+
access to the |k8s| cluster improper access to MongoDB instances.
346+
Customers who do not use X.509 authentication, and those who do not use
347+
the |k8s-op-short| to generate their X.509 certificates are unaffected.
348+
349+
Common Weakness Enumeration
350+
~~~~~~~~~~~~~~~~~~~~~~~~~~~
351+
352+
CWE-295: Improper Certificate Validation
353+
CVSS score: 6.4
354+
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
355+
356+
Affected Versions
357+
~~~~~~~~~~~~~~~~~
358+
359+
- 1.0, 1.1
360+
- 1.2.0 - 1.2.4
361+
- 1.3.0 - 1.3.1
362+
- 1.4.0 - 1.4.4
363+
364+
Fixed Versions
365+
~~~~~~~~~~~~~~
366+
367+
- 1.2.5
368+
- 1.4.5 and above
369+
298370
.. _ent-op-1.2.4:
299371

300372
|k8s-op-full| 1.2.4
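
Review bot: The 1.2.5 entry (new lines 334-368) is a verbatim copy of the 1.4.5 entry, so any later correction to the CVE text has to be made in two places. Consider keeping the full description under ``ent-op-1.4.5`` and pointing to it from here with a ``:ref:``, or moving the shared text into an include. Separately, "Affected Versions" lists 1.3.0 - 1.3.1 while "Fixed Versions" lists only 1.2.5 and "1.4.5 and above", so readers on 1.3.x are not told which release to move to; a sentence stating that would help. The same section could also say whether certificates already generated by an affected version need to be reissued after upgrading.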
