|
|
Subscribe / Log in / New account

SUSE alert openSUSE-SU-2025:0318-1 (minikube)



From:
              opensuse-security@opensuse.org


To:
              security-announce@lists.opensuse.org


Subject:
              openSUSE-SU-2025:0318-1: important: Security update for minikube


Date:
              Mon, 25 Aug 2025 21:05:07 +0200


Message-ID:
              <20250825190507.0D8CEFF47@maintenance.suse.de>


Archive-link:
              Article



   openSUSE Security Update: Security update for minikube
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2025:0318-1
Rating:             important
References:         #1234528 
Cross-References:   CVE-2024-45337
CVSS scores:
                    CVE-2024-45337 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Backports SLE-15-SP6
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for minikube fixes the following issues:

   - Update to version 1.36.0:
     * Features
       - Support Kubernetes version v1.33.1 #20784
       - New flag "-f" to allow passing a config file for addon configure
         command. #20255
       - vfkit: bump to Preferred driver on macOs #20808
       - vfkit: new network option "--network vment-shared' for vfkit driver
         #20501
     * Bug Fixes:
       - fix bootpd check on macOS >= 15 #20400
       - fix bug in parsing proxies with dashes #20648
       - fix waiting for all pods having specified labels to be Ready #20315
       - fix: incorrect finalImg affecting downloading kic form github assets
         #20316
       - fix: reference missing files in schema (Closes #20752) #20761
       - Improvements:
       - Additional checks for 9p support #20288
       - vfkit: Graceful shutdown on stop #20504
       - vfkit: More robust state management #20506
       - vfkit vmnet: support running without sudoers configuration #20719
       - Revert "fix --wait's failure to work on coredns pods" #20313
     * Languages:
       - Add Indonesian translation #20494
       - Add more french translation #20361
       - Add more Korean translations #20634
       - Add more Chinese translations #20543#20543
       - fixed minor typo in german translation #20546
       - Version Updates:
       - Addon cloud-spanner: Update cloud-spanner-emulator/emulator image
         from 1.5.28 to 1.5.34 #20451 #20539 #20602#20623 #20670 #20704 #20795
       - Addon headlamp: Update headlamp-k8s/headlamp image from v0.26.0 to
         v0.28.0 #20311
       - Addon ingress: Update ingress-nginx/controller image from v1.11.3 to
         v1.12.2 #20789
       - Addon inspektor-gadget: Update inspektor-gadget image from v0.36.0
         to v0.40.0 #20325#20354#20512 #20736
       - Addon kong: Update kong image from 3.8.0 to 3.9.0 #20151 #20384
         #20728
       - Addon kong: Update kong/kubernetes-ingress-controller image from
         3.3.1 to 3.4.5 #20319#20446#20788
       - Addon kubevirt: Update bitnami/kubectl image from 1.31.3 to 1.33.1
         #20321#20349#20665#20731#20790
       - Addon nvidia-device-plugin: Update nvidia/k8s-device-plugin image
         from v0.17.0 to v0.17.2 #20786#20534
       - Addon registry: Update kube-registry-proxy image from 0.0.8 to 0.0.9
         #20717
       - Addon registry: Update registry image from 2.8.3 to 3.0.0 #20242
         #20425
       - Addon Volcano: Update volcano images from v1.10.0 to v1.11.2 #20318
         #20616 #20697
       - CNI: Update cilium from v1.17.0 to v3.30.0 #20419 #20390 #20584
         #20734 #20317 #20383 #20535 #20637 #20787
       - CNI: Update flannel from v0.26.2 to v0.26.7 #20385#20617 #20639
       - CNI: Update kindnetd from v20241108-5c6d2daf to v20250512-df8de77b
         #20327#20427 #20797
       - HA (multi-control plane): Update kube-vip from v0.8.10 to v0.9.1
         #20638#20238#20598 #20699
       - Kicbase: Bump ubuntu:jammy from 20240911.1 to 20250126 #20387 #20718
       - Kicbase/ISO: Update buildroot from 2023.02.9 to 2025.2 #20720
       - Kicbase/ISO: Update cni-plugins from v1.6.2 to v1.7.1 #20771
       - Kicbase/ISO: Update cri-dockerd from v0.3.15 to v0.4.0 #20747
       - Kicbase/ISO: Update docker from 27.4.0 to 28.0.4 #20436 #20523 #20591
       - Kicbase/ISO: Update runc from v1.2.3 to v1.3.0#20433#20604 #20764

   - update to 1.35.0 (boo#1234528, CVE-2024-45337):
     * Features:
       - Add support for AMD GPUs via --gpus=amd #19749
       - publish & download kicbase image in github release assets #19464
       - Support latest Kubernetes v1.32.0 #20091
       - Adds support for kubeadm.k8s.io/v1beta4 available since k8s v1.31
         #19790
     * Improvements:
       - Merge nvidia-gpu-device-plugin and nvidia-device-plugin. #19545
       - cilium: remove appArmorProfile for k8s<v1.30.0 #19888
       - auto-pause: restart service after configuration #19900
       - Revert "Change MINIKUBE_HOME logic" #20045
       - HA (multi-control plane): Update kube-vip from v0.8.6 to v0.8.7
         #20053
       - don't pollute minikube profile list with errors if exitcode is
         absent #19728
       - unified minikube cluster status query #18998
       - Vfkit driver: fix TestMachineType failing on macOS #19726
       - No more arch restriction on nerdctld #19730
       - remove helm-tiller addon #19636
       - More robust MAC address matching #19750
       - Add instructions to resolve docker context error #19197
     * Bug fixes:
       - fix --wait's failure to work on coredns pods #19748
       - Fix panic when no services in namespace with --all specified #19957
       - fix timeout when stopping KVM machine with CRI-O container runtime
         #19758
       - Fix long lines in lastStart.txt not outputting in log outputs #19740
       - Fix wrongly detecting kicbase arch as incorrect #19664
     * Breaking Changes:
       - skip building kvm2-arm64 till 19959 is resolved #20062
       - remove arm64 kvm #19985
     * Languages:
       - Add more Chinese translations #19490
       - Add more Chinese translations #19508
       - Fix chinnese translation on wrong line #19718
       - Add more chinnese translations #19962
       - Add more chinnese translations #19772
       - Fix french translation #19978
       - Improve french translation #19654
     * - Version Updates:
       - Please see the full changelog
       - https://github.com/kubernetes/minikube/releases/tag/v0.35.0


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP6:

      zypper in -t patch openSUSE-2025-318=1



Package List:

   - openSUSE Backports SLE-15-SP6 (aarch64 i586 x86_64):

      minikube-1.36.0-bp156.2.6.1

   - openSUSE Backports SLE-15-SP6 (aarch64 x86_64):

      docker-machine-driver-kvm2-1.36.0-bp156.2.6.1

   - openSUSE Backports SLE-15-SP6 (noarch):

      minikube-bash-completion-1.36.0-bp156.2.6.1
      minikube-fish-completion-1.36.0-bp156.2.6.1
      minikube-zsh-completion-1.36.0-bp156.2.6.1


References:

   https://www.suse.com/security/cve/CVE-2024-45337.html
   https://bugzilla.suse.com/1234528
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds