This topic lists the security fixes in Tanzu Application Platform v1.10 releases.
In this topic:
This release has the following security fixes, listed by package.
This release has the following security fixes, listed by package.
Package Name | Vulnerabilities Resolved |
---|---|
accelerator.apps.tanzu.vmware.com |
Expand to see the list |
amr-observer.apps.tanzu.vmware.com |
Expand to see the list |
apiserver.appliveview.tanzu.vmware.com |
Expand to see the list |
aws.services.tanzu.vmware.com |
Expand to see the list |
cartographer.conventions.apps.tanzu.vmware.com |
Expand to see the list |
cartographer.tanzu.vmware.com | |
cert-manager.tanzu.vmware.com |
Expand to see the list |
cnrs.tanzu.vmware.com | |
connector.appliveview.tanzu.vmware.com |
Expand to see the list |
contour.tanzu.vmware.com |
Expand to see the list |
controller.source.apps.tanzu.vmware.com |
Expand to see the list |
crossplane.tanzu.vmware.com | |
fluxcd-source-controller.tanzu.vmware.com |
Expand to see the list
|
java-lite.buildpacks.tanzu.vmware.com |
Expand to see the list |
metadata-store.apps.tanzu.vmware.com | |
nodejs-lite.buildpacks.tanzu.vmware.com |
Expand to see the list |
ruby-lite.buildpacks.tanzu.vmware.com |
Expand to see the list |
service-registry.spring.apps.tanzu.vmware.com | |
services-toolkit.tanzu.vmware.com |
Expand to see the list |
spring-cloud-gateway.tanzu.vmware.com | |
sso.apps.tanzu.vmware.com |
Expand to see the list |
tap-gui.tanzu.vmware.com |
Expand to see the list |
trivy.app-scanning.component.apps.tanzu.vmware.com |
Expand to see the list |
web-servers-lite.buildpacks.tanzu.vmware.com |
Expand to see the list |
Kernel level vulnerabilities are regularly identified and patched by Canonical. Tanzu Application Platform releases with available images, which might contain known vulnerabilities. When Canonical makes patched images available, Tanzu Application Platform incorporates these fixed images into future releases.
The kernel runs on your container host VM, not the Tanzu Application Platform container image. Even with a patched Tanzu Application Platform image, the vulnerability is not mitigated until you deploy your containers on a host with a patched OS. An unpatched host OS might be exploitable if the base image is deployed.