Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade Traefik to v2.11.9 to address CVE-2024-45410 #11134

Closed
orenhecht opened this issue Oct 21, 2024 · 1 comment
Closed

Upgrade Traefik to v2.11.9 to address CVE-2024-45410 #11134

orenhecht opened this issue Oct 21, 2024 · 1 comment

Comments

@orenhecht
Copy link

orenhecht commented Oct 21, 2024
edited
Loading

The latest K3s release uses Traefik v2.11.8 which is affected by the high severity CVE-2024-45410 (Github labels it as Critical). While it was commented #10526 it can be easily missed and it doesn't have to be fixed by upgrading Traefik to v3.x, it can simply be fixed by doing a minor upgrade of Traefik to v2.11.9.

Thanks
@brandond
Copy link
Member

@github-project-automation github-project-automation bot moved this from New to Done Issue in K3s Development Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
K3s Development
Status: Done Issue
Milestone
No milestone
Development

No branches or pull requests
2 participants
@brandond @orenhecht