NodeLocal DNS version 1.21.0 image vulnerabilities reported for CVE-2021-3711 and CVE-2021-3712

[rtheis]

NodeLocal DNS version 1.21.0 image vulnerabilities reported for CVE-2021-3711 and CVE-2021-3712.

The scan results show that 2 ISSUES were found for the image.

Vulnerable Packages Found
=========================

Vulnerability ID   Policy Status   Affected Packages   How to Resolve   
CVE-2021-3711      Active          libssl1.1           Upgrade libssl1.1 to >= 1.1.1d-0+deb10u7   
CVE-2021-3712      Active          libssl1.1           Upgrade libssl1.1 to >= 1.1.1d-0+deb10u7   

To see the details about the fixes for these packages, run the command again with the '--extended' flag.

OK

[prameshj]

Thanks!

cc @wespanther @justaugustus Looks like we need a new debian base/iptables?
Do we need a new issue like kubernetes/release#2189?

[Rustem05]

Dns

[Rustem05]

Intra

[prameshj]

cc @rahulkjoshi

[prameshj]

This should be fixed with the 1.21.1 image being promoted in kubernetes/k8s.io#2759

[prameshj]

/assign @rtheis

Please verify and close if needed.

[rtheis]

I've verified this is now fixed:

[rtheis]

Thank you.