Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge v2.10.1 release branch into main #1600

Merged
merged 10 commits into from
Dec 19, 2024
Merged

Merge v2.10.1 release branch into main #1600

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
b641c16
[2.10.1] Update CNI table
sunilarjun Dec 16, 2024
ccfe370
[2.10.1] versions table
sunilarjun Dec 16, 2024
0272c00
[2.10.1] webhook table entry
sunilarjun Dec 16, 2024
1d696ba
[2.10.1] CSP adapter entry
sunilarjun Dec 16, 2024
29ae56f
[2.10.1] deprecated features entry
sunilarjun Dec 16, 2024
d853433
Revert "Add new CVE status"
sunilarjun Dec 16, 2024
db10877
Merge pull request #1595 from sunilarjun/2.10.1-maintenance
sunilarjun Dec 17, 2024
d935632
Revert "Revert "Add new CVE status""
sunilarjun Dec 17, 2024
278e55b
[2.10.1] update webhook entry
sunilarjun Dec 17, 2024
b9a23c4
Updating deprecated features release date
sunilarjun Dec 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/faq/deprecated-features.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ Rancher will publish deprecated features as part of the [release notes](https://

| Patch Version | Release Date |
|---------------|---------------|
| [2.10.1](https://github.com/rancher/rancher/releases/tag/v2.10.1) | Dec 18, 2024 |
| [2.10.0](https://github.com/rancher/rancher/releases/tag/v2.10.0) | Nov 18, 2024 |

## What can I expect when a feature is marked for deprecation?
Expand Down
1 change: 1 addition & 0 deletions ...egrations-in-rancher/cloud-marketplace/aws-cloud-marketplace/install-adapter.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ In order to deploy and run the adapter successfully, you need to ensure its vers

| Rancher Version | Adapter Version |
|-----------------|------------------|
| v2.10.1 | v105.0.0+up5.0.1 |
| v2.10.0 | v105.0.0+up5.0.1 |

### 1. Gain Access to the Local Cluster
Expand Down
1 change: 0 additions & 1 deletion docs/reference-guides/rancher-security/security-advisories-and-cves.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ Rancher is committed to informing the community of security issues in our produc

| ID | Description | Date | Resolution |
|----|-------------|------|------------|
[CVE-2024-52282](https://github.com/rancher/rancher/security/advisories/GHSA-9c5p-35gj-jqp4) | A medium severity vulnerability was discovered within Rancher Manager whereby applications installed via Rancher Manager Apps Catalog store their Helm values directly into the Apps Custom Resource Definition, resulting in any users with GET access to it to be able to read any sensitive information that are contained within the Apps’ values. Additionally, the same information leaks into auditing logs when the audit level is set to equal or above 2. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 19 Nov 2024 | Rancher [v2.9.4](https://github.com/rancher/rancher/releases/tag/v2.9.4) and [v2.8.10](https://github.com/rancher/rancher/releases/tag/v2.8.10). |
[CVE-2024-22036](https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc) | A critical severity vulnerability was discovered within Rancher where a cluster or node driver can be used to escape the `chroot` jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For test and development environments, based on a –privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3), [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) and [v2.7.16](https://github.com/rancher/rancher/releases/tag/v2.7.16) |
[CVE-2023-32197](https://github.com/rancher/rancher/security/advisories/GHSA-7h8m-pvw3-5gh4) | A critical severity vulnerability was discovered whereby Rancher Manager deployments containing Windows nodes have weak Access Control Lists (ACL), allowing `BUILTIN\Users` or `NT AUTHORITY\Authenticated Users` to view or edit sensitive files which could lead to privilege escalation. This vulnerability is exclusive to deployments that contain Windows nodes. Linux-only environments are not affected by it. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3) and [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) |
[CVE-2022-45157](https://github.com/rancher/rancher/security/advisories/GHSA-xj7w-r753-vj8v) | A critical severity vulnerability was discovered in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability is only applicable to users that deploy clusters in vSphere environments. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3) and [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) |
Expand Down
1 change: 1 addition & 0 deletions docs/reference-guides/rancher-webhook.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ Each Rancher version is designed to be compatible with a single version of the w

| Rancher Version | Webhook Version | Availability in Prime | Availability in Community |
|-----------------|-----------------|-----------------------|---------------------------|
| v2.10.1 | v0.6.1 | ✓ | ✓ |
| v2.10.0 | v0.6.1 | ✗ | ✓ |

## Why Do We Need It?
Expand Down
12 changes: 6 additions & 6 deletions shared-files/_cni-popularity.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
<!-- releaseTask -->
The following table summarizes different GitHub metrics to give you an idea of each project's popularity and activity levels. This data was collected in October 2024.
The following table summarizes different GitHub metrics to give you an idea of each project's popularity and activity levels. This data was collected in December 2024.

| Provider | Project | Stars | Forks | Contributors |
| ---- | ---- | ---- | ---- | ---- |
| Canal | https://github.com/projectcalico/canal | 717 | 100 | 20 |
| Flannel | https://github.com/flannel-io/flannel | 8.8k | 2.9k | 235 |
| Calico | https://github.com/projectcalico/calico | 6.0k | 1.3k | 356 |
| Weave | https://github.com/weaveworks/weave/ | 6.6k | 670 | 84 |
| Cilium | https://github.com/cilium/cilium | 20.2k | 3k | 853 |
| Canal | https://github.com/projectcalico/canal | 718 | 100 | 20 |
| Flannel | https://github.com/flannel-io/flannel | 8.9k | 2.9k | 234 |
| Calico | https://github.com/projectcalico/calico | 6.1k | 1.4k | 360 |
| Weave | https://github.com/weaveworks/weave/ | 6.6k | 672 | 84 |
| Cilium | https://github.com/cilium/cilium | 20.5k | 3k | 868 |
27 changes: 24 additions & 3 deletions src/pages/versions.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,12 +18,12 @@ Here you can find links to supporting documentation for the current released ver
<th>Community</th>
</tr>
<tr>
<td><b>v2.10.0</b></td>
<td><b>v2.10.1</b></td>
<td><a href="https://ranchermanager.docs.rancher.com/v2.10">Documentation</a></td>
<td><a href="https://github.com/rancher/rancher/releases/tag/v2.10.0">Release Notes</a></td>
<td><center>N/A</center></td>
<td><a href="https://github.com/rancher/rancher/releases/tag/v2.10.1">Release Notes</a></td>
<td><center>N/A</center></td>
<td><center>&#10003;</center></td>
<td><center>&#10003;</center></td>
</tr>
</table>

Expand Down Expand Up @@ -92,6 +92,27 @@ Here you can find links to supporting documentation for the current released ver

### Past Versions

Here you can find links to supporting documentation for previous versions of Rancher v2.10, and their availability for [Rancher Prime](/v2.10/getting-started/quick-start-guides/deploy-rancher-manager/prime) and the Community version of Rancher:

<table>
<tr>
<th>Version</th>
<th>Documentation</th>
<th>Release Notes</th>
<th>Support Matrix</th>
<th>Prime</th>
<th>Community</th>
</tr>
<tr>
<td><b>v2.10.0</b></td>
<td><a href="https://ranchermanager.docs.rancher.com/v2.10">Documentation</a></td>
<td><a href="https://github.com/rancher/rancher/releases/tag/v2.10.0">Release Notes</a></td>
<td><center>N/A</center></td>
<td><center>N/A</center></td>
<td><center>&#10003;</center></td>
</tr>
</table>

Here you can find links to supporting documentation for previous versions of Rancher v2.9, and their availability for [Rancher Prime](/v2.9/getting-started/quick-start-guides/deploy-rancher-manager/prime) and the Community version of Rancher:

<table>
Expand Down
1 change: 1 addition & 0 deletions versioned_docs/version-2.10/faq/deprecated-features.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ Rancher will publish deprecated features as part of the [release notes](https://

| Patch Version | Release Date |
|---------------|---------------|
| [2.10.1](https://github.com/rancher/rancher/releases/tag/v2.10.1) | Dec 18, 2024 |
| [2.10.0](https://github.com/rancher/rancher/releases/tag/v2.10.0) | Nov 18, 2024 |

## What can I expect when a feature is marked for deprecation?
Expand Down
1 change: 1 addition & 0 deletions ...egrations-in-rancher/cloud-marketplace/aws-cloud-marketplace/install-adapter.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ In order to deploy and run the adapter successfully, you need to ensure its vers

| Rancher Version | Adapter Version |
|-----------------|------------------|
| v2.10.1 | v105.0.0+up5.0.1 |
| v2.10.0 | v105.0.0+up5.0.1 |

### 1. Gain Access to the Local Cluster
Expand Down
1 change: 1 addition & 0 deletions versioned_docs/version-2.10/reference-guides/rancher-webhook.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ Each Rancher version is designed to be compatible with a single version of the w

| Rancher Version | Webhook Version | Availability in Prime | Availability in Community |
|-----------------|-----------------|-----------------------|---------------------------|
| v2.10.1 | v0.6.1 | &check; | &check; |
| v2.10.0 | v0.6.1 | &cross; | &check; |

## Why Do We Need It?
Expand Down
1 change: 0 additions & 1 deletion ...s/version-2.7/reference-guides/rancher-security/security-advisories-and-cves.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ Rancher is committed to informing the community of security issues in our produc

| ID | Description | Date | Resolution |
|----|-------------|------|------------|
[CVE-2024-52282](https://github.com/rancher/rancher/security/advisories/GHSA-9c5p-35gj-jqp4) | A medium severity vulnerability was discovered within Rancher Manager whereby applications installed via Rancher Manager Apps Catalog store their Helm values directly into the Apps Custom Resource Definition, resulting in any users with GET access to it to be able to read any sensitive information that are contained within the Apps’ values. Additionally, the same information leaks into auditing logs when the audit level is set to equal or above 2. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 19 Nov 2024 | Rancher [v2.9.4](https://github.com/rancher/rancher/releases/tag/v2.9.4) and [v2.8.10](https://github.com/rancher/rancher/releases/tag/v2.8.10). |
[CVE-2024-22036](https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc) | A critical severity vulnerability was discovered within Rancher where a cluster or node driver can be used to escape the `chroot` jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For test and development environments, based on a –privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3), [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) and [v2.7.16](https://github.com/rancher/rancher/releases/tag/v2.7.16) |
[CVE-2023-32197](https://github.com/rancher/rancher/security/advisories/GHSA-7h8m-pvw3-5gh4) | A critical severity vulnerability was discovered whereby Rancher Manager deployments containing Windows nodes have weak Access Control Lists (ACL), allowing `BUILTIN\Users` or `NT AUTHORITY\Authenticated Users` to view or edit sensitive files which could lead to privilege escalation. This vulnerability is exclusive to deployments that contain Windows nodes. Linux-only environments are not affected by it. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3) and [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) |
[CVE-2022-45157](https://github.com/rancher/rancher/security/advisories/GHSA-xj7w-r753-vj8v) | A critical severity vulnerability was discovered in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability is only applicable to users that deploy clusters in vSphere environments. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3) and [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) |
Expand Down
1 change: 0 additions & 1 deletion ...s/version-2.8/reference-guides/rancher-security/security-advisories-and-cves.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ Rancher is committed to informing the community of security issues in our produc

| ID | Description | Date | Resolution |
|----|-------------|------|------------|
[CVE-2024-52282](https://github.com/rancher/rancher/security/advisories/GHSA-9c5p-35gj-jqp4) | A medium severity vulnerability was discovered within Rancher Manager whereby applications installed via Rancher Manager Apps Catalog store their Helm values directly into the Apps Custom Resource Definition, resulting in any users with GET access to it to be able to read any sensitive information that are contained within the Apps’ values. Additionally, the same information leaks into auditing logs when the audit level is set to equal or above 2. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 19 Nov 2024 | Rancher [v2.9.4](https://github.com/rancher/rancher/releases/tag/v2.9.4) and [v2.8.10](https://github.com/rancher/rancher/releases/tag/v2.8.10). |
[CVE-2024-22036](https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc) | A critical severity vulnerability was discovered within Rancher where a cluster or node driver can be used to escape the `chroot` jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For test and development environments, based on a –privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3), [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) and [v2.7.16](https://github.com/rancher/rancher/releases/tag/v2.7.16) |
[CVE-2023-32197](https://github.com/rancher/rancher/security/advisories/GHSA-7h8m-pvw3-5gh4) | A critical severity vulnerability was discovered whereby Rancher Manager deployments containing Windows nodes have weak Access Control Lists (ACL), allowing `BUILTIN\Users` or `NT AUTHORITY\Authenticated Users` to view or edit sensitive files which could lead to privilege escalation. This vulnerability is exclusive to deployments that contain Windows nodes. Linux-only environments are not affected by it. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3) and [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) |
[CVE-2022-45157](https://github.com/rancher/rancher/security/advisories/GHSA-xj7w-r753-vj8v) | A critical severity vulnerability was discovered in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability is only applicable to users that deploy clusters in vSphere environments. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3) and [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) |
Expand Down
1 change: 0 additions & 1 deletion ...s/version-2.9/reference-guides/rancher-security/security-advisories-and-cves.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ Rancher is committed to informing the community of security issues in our produc

| ID | Description | Date | Resolution |
|----|-------------|------|------------|
[CVE-2024-52282](https://github.com/rancher/rancher/security/advisories/GHSA-9c5p-35gj-jqp4) | A medium severity vulnerability was discovered within Rancher Manager whereby applications installed via Rancher Manager Apps Catalog store their Helm values directly into the Apps Custom Resource Definition, resulting in any users with GET access to it to be able to read any sensitive information that are contained within the Apps’ values. Additionally, the same information leaks into auditing logs when the audit level is set to equal or above 2. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 19 Nov 2024 | Rancher [v2.9.4](https://github.com/rancher/rancher/releases/tag/v2.9.4) and [v2.8.10](https://github.com/rancher/rancher/releases/tag/v2.8.10). |
[CVE-2024-22036](https://github.com/rancher/rancher/security/advisories/GHSA-h99m-6755-rgwc) | A critical severity vulnerability was discovered within Rancher where a cluster or node driver can be used to escape the `chroot` jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher container itself. For test and development environments, based on a –privileged Docker container, it is possible to escape the Docker container and gain execution access on the host system. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3), [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) and [v2.7.16](https://github.com/rancher/rancher/releases/tag/v2.7.16) |
[CVE-2023-32197](https://github.com/rancher/rancher/security/advisories/GHSA-7h8m-pvw3-5gh4) | A critical severity vulnerability was discovered whereby Rancher Manager deployments containing Windows nodes have weak Access Control Lists (ACL), allowing `BUILTIN\Users` or `NT AUTHORITY\Authenticated Users` to view or edit sensitive files which could lead to privilege escalation. This vulnerability is exclusive to deployments that contain Windows nodes. Linux-only environments are not affected by it. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3) and [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) |
[CVE-2022-45157](https://github.com/rancher/rancher/security/advisories/GHSA-xj7w-r753-vj8v) | A critical severity vulnerability was discovered in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext object inside Rancher. This vulnerability is only applicable to users that deploy clusters in vSphere environments. **Rancher v2.7 is vulnerable and hasn't received the fix**. | 24 Oct 2024 | Rancher [v2.9.3](https://github.com/rancher/rancher/releases/tag/v2.9.3) and [v2.8.9](https://github.com/rancher/rancher/releases/tag/v2.8.9) |
Expand Down
Loading