From fe2dc151a609f3ce4e47207d8b0a5047a0ef7687 Mon Sep 17 00:00:00 2001 From: niusmallnan Date: Fri, 31 May 2019 14:27:07 +0800 Subject: [PATCH] Update for RancherOS v1.5.2 --- content/os/v1.x/en/about/security/_index.md | 2 + .../v1.x/en/installation/amazon-ecs/_index.md | 38 +++++++++---------- .../workstation/boot-from-iso/_index.md | 2 +- 3 files changed, 22 insertions(+), 20 deletions(-) diff --git a/content/os/v1.x/en/about/security/_index.md b/content/os/v1.x/en/about/security/_index.md index 5ff2e307ffe..c9b2320b0ae 100644 --- a/content/os/v1.x/en/about/security/_index.md +++ b/content/os/v1.x/en/about/security/_index.md @@ -36,3 +36,5 @@ weight: 303 | [L1 Terminal Fault](https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html) | L1 Terminal Fault is a hardware vulnerability which allows unprivileged speculative access to data which is available in the Level 1 Data Cache when the page table entry controlling the virtual address, which is used for the access, has the Present bit cleared or other reserved bits set. | 19 Sep 2018 | [RancherOS v1.4.1](https://github.com/rancher/os/releases/tag/v1.4.1) using Linux v4.14.67 | | [CVE-2018-3639](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639) | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 19 Sep 2018 | [RancherOS v1.4.1](https://github.com/rancher/os/releases/tag/v1.4.1) using Linux v4.14.67 | | [CVE-2018-17182](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17182) | The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. | 18 Oct 2018 | [RancherOS v1.4.2](https://github.com/rancher/os/releases/tag/v1.4.2) using Linux v4.14.73 | +| [CVE-2019-5736](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736) | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. | 12 Feb 2019 | [RancherOS v1.5.1](https://github.com/rancher/os/releases/tag/v1.5.1) | +| [Microarchitectural Data Sampling (MDS)](https://www.kernel.org/doc/html/latest/x86/mds.html) | Microarchitectural Data Sampling (MDS) is a family of side channel attacks on internal buffers in Intel CPUs. The variants are: CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091 | 31 May 2019 | [RancherOS v1.5.2](https://github.com/rancher/os/releases/tag/v1.5.2) using Linux v4.14.122 | diff --git a/content/os/v1.x/en/installation/amazon-ecs/_index.md b/content/os/v1.x/en/installation/amazon-ecs/_index.md index 140686886ab..3019855fcf4 100644 --- a/content/os/v1.x/en/installation/amazon-ecs/_index.md +++ b/content/os/v1.x/en/installation/amazon-ecs/_index.md @@ -58,25 +58,25 @@ rancher: ### Amazon ECS enabled AMIs -Latest Release: [v1.5.1](https://github.com/rancher/os/releases/tag/v1.5.1) +Latest Release: [v1.5.2](https://github.com/rancher/os/releases/tag/v1.5.2) Region | Type | AMI ---|--- | --- -eu-north-1 | HVM - ECS enabled | [ami-064549188a66e7ea6](https://eu-north-1.console.aws.amazon.com/ec2/home?region=eu-north-1#launchInstanceWizard:ami=ami-064549188a66e7ea6) -ap-south-1 | HVM - ECS enabled | [ami-08595b2533a6195d2](https://ap-south-1.console.aws.amazon.com/ec2/home?region=ap-south-1#launchInstanceWizard:ami=ami-08595b2533a6195d2) -eu-west-3 | HVM - ECS enabled | [ami-0e3cd3d86a637b352](https://eu-west-3.console.aws.amazon.com/ec2/home?region=eu-west-3#launchInstanceWizard:ami=ami-0e3cd3d86a637b352) -eu-west-2 | HVM - ECS enabled | [ami-0f6ad4f7e408e1069](https://eu-west-2.console.aws.amazon.com/ec2/home?region=eu-west-2#launchInstanceWizard:ami=ami-0f6ad4f7e408e1069) -eu-west-1 | HVM - ECS enabled | [ami-0d8dae1cc019e6cef](https://eu-west-1.console.aws.amazon.com/ec2/home?region=eu-west-1#launchInstanceWizard:ami=ami-0d8dae1cc019e6cef) -ap-northeast-2 | HVM - ECS enabled | [ami-0c1f5bad8bbc0b6b2](https://ap-northeast-2.console.aws.amazon.com/ec2/home?region=ap-northeast-2#launchInstanceWizard:ami=ami-0c1f5bad8bbc0b6b2) -ap-northeast-1 | HVM - ECS enabled | [ami-0e47cb2a4e9efb985](https://ap-northeast-1.console.aws.amazon.com/ec2/home?region=ap-northeast-1#launchInstanceWizard:ami=ami-0e47cb2a4e9efb985) -sa-east-1 | HVM - ECS enabled | [ami-0e7f3fa6d7434b64c](https://sa-east-1.console.aws.amazon.com/ec2/home?region=sa-east-1#launchInstanceWizard:ami=ami-0e7f3fa6d7434b64c) -ca-central-1 | HVM - ECS enabled | [ami-0b004e903b48ed9a0](https://ca-central-1.console.aws.amazon.com/ec2/home?region=ca-central-1#launchInstanceWizard:ami=ami-0b004e903b48ed9a0) -ap-southeast-1 | HVM - ECS enabled | [ami-05235fc0bc8051a45](https://ap-southeast-1.console.aws.amazon.com/ec2/home?region=ap-southeast-1#launchInstanceWizard:ami=ami-05235fc0bc8051a45) -ap-southeast-2 | HVM - ECS enabled | [ami-057db347305e01f91](https://ap-southeast-2.console.aws.amazon.com/ec2/home?region=ap-southeast-2#launchInstanceWizard:ami=ami-057db347305e01f91) -eu-central-1 | HVM - ECS enabled | [ami-01bd38e3433481d8b](https://eu-central-1.console.aws.amazon.com/ec2/home?region=eu-central-1#launchInstanceWizard:ami=ami-01bd38e3433481d8b) -us-east-1 | HVM - ECS enabled | [ami-029bd9bf2b4521072](https://us-east-1.console.aws.amazon.com/ec2/home?region=us-east-1#launchInstanceWizard:ami=ami-029bd9bf2b4521072) -us-east-2 | HVM - ECS enabled | [ami-06cc66eb6efe0dc0d](https://us-east-2.console.aws.amazon.com/ec2/home?region=us-east-2#launchInstanceWizard:ami=ami-06cc66eb6efe0dc0d) -us-west-1 | HVM - ECS enabled | [ami-050723009f13ccdd5](https://us-west-1.console.aws.amazon.com/ec2/home?region=us-west-1#launchInstanceWizard:ami=ami-050723009f13ccdd5) -us-west-2 | HVM - ECS enabled | [ami-0e85f0edaeed888f1](https://us-west-2.console.aws.amazon.com/ec2/home?region=us-west-2#launchInstanceWizard:ami=ami-0e85f0edaeed888f1) -cn-north-1 | HVM - ECS enabled | [ami-0c0fca27431002bc6](https://cn-north-1.console.amazonaws.cn/ec2/home?region=cn-north-1#launchInstanceWizard:ami=ami-0c0fca27431002bc6) -cn-northwest-1 | HVM - ECS enabled | [ami-067c78822a0314717](https://cn-northwest-1.console.amazonaws.cn/ec2/home?region=cn-northwest-1#launchInstanceWizard:ami=ami-067c78822a0314717) +eu-north-1 | HVM - ECS enabled | [ami-0888272f6e3d16d05](https://eu-north-1.console.aws.amazon.com/ec2/home?region=eu-north-1#launchInstanceWizard:ami=ami-0888272f6e3d16d05) +ap-south-1 | HVM - ECS enabled | [ami-0f433c1f17388f74a](https://ap-south-1.console.aws.amazon.com/ec2/home?region=ap-south-1#launchInstanceWizard:ami=ami-0f433c1f17388f74a) +eu-west-3 | HVM - ECS enabled | [ami-0bde97d3226fb3780](https://eu-west-3.console.aws.amazon.com/ec2/home?region=eu-west-3#launchInstanceWizard:ami=ami-0bde97d3226fb3780) +eu-west-2 | HVM - ECS enabled | [ami-0871c68685772846c](https://eu-west-2.console.aws.amazon.com/ec2/home?region=eu-west-2#launchInstanceWizard:ami=ami-0871c68685772846c) +eu-west-1 | HVM - ECS enabled | [ami-0007e2490a3edba1d](https://eu-west-1.console.aws.amazon.com/ec2/home?region=eu-west-1#launchInstanceWizard:ami=ami-0007e2490a3edba1d) +ap-northeast-2 | HVM - ECS enabled | [ami-001432bab43108869](https://ap-northeast-2.console.aws.amazon.com/ec2/home?region=ap-northeast-2#launchInstanceWizard:ami=ami-001432bab43108869) +ap-northeast-1 | HVM - ECS enabled | [ami-0ca27790cc998f326](https://ap-northeast-1.console.aws.amazon.com/ec2/home?region=ap-northeast-1#launchInstanceWizard:ami=ami-0ca27790cc998f326) +sa-east-1 | HVM - ECS enabled | [ami-0dee69c3e943090d2](https://sa-east-1.console.aws.amazon.com/ec2/home?region=sa-east-1#launchInstanceWizard:ami=ami-0dee69c3e943090d2) +ca-central-1 | HVM - ECS enabled | [ami-08a3c4348c32901c8](https://ca-central-1.console.aws.amazon.com/ec2/home?region=ca-central-1#launchInstanceWizard:ami=ami-08a3c4348c32901c8) +ap-southeast-1 | HVM - ECS enabled | [ami-0e144ba210c6aca27](https://ap-southeast-1.console.aws.amazon.com/ec2/home?region=ap-southeast-1#launchInstanceWizard:ami=ami-0e144ba210c6aca27) +ap-southeast-2 | HVM - ECS enabled | [ami-014ef29b79c6c869a](https://ap-southeast-2.console.aws.amazon.com/ec2/home?region=ap-southeast-2#launchInstanceWizard:ami=ami-014ef29b79c6c869a) +eu-central-1 | HVM - ECS enabled | [ami-0cd059553ae2db346](https://eu-central-1.console.aws.amazon.com/ec2/home?region=eu-central-1#launchInstanceWizard:ami=ami-0cd059553ae2db346) +us-east-1 | HVM - ECS enabled | [ami-0dd393657bf06c830](https://us-east-1.console.aws.amazon.com/ec2/home?region=us-east-1#launchInstanceWizard:ami=ami-0dd393657bf06c830) +us-east-2 | HVM - ECS enabled | [ami-02ba4957a8e3c2f14](https://us-east-2.console.aws.amazon.com/ec2/home?region=us-east-2#launchInstanceWizard:ami=ami-02ba4957a8e3c2f14) +us-west-1 | HVM - ECS enabled | [ami-025ab38f4d044be62](https://us-west-1.console.aws.amazon.com/ec2/home?region=us-west-1#launchInstanceWizard:ami=ami-025ab38f4d044be62) +us-west-2 | HVM - ECS enabled | [ami-02ff2946d2cf94ef5](https://us-west-2.console.aws.amazon.com/ec2/home?region=us-west-2#launchInstanceWizard:ami=ami-02ff2946d2cf94ef5) +cn-north-1 | HVM - ECS enabled | [ami-07b80b3fba93cf7c3](https://cn-north-1.console.amazonaws.cn/ec2/home?region=cn-north-1#launchInstanceWizard:ami=ami-07b80b3fba93cf7c3) +cn-northwest-1 | HVM - ECS enabled | [ami-052db9ef3b5ed0e41](https://cn-northwest-1.console.amazonaws.cn/ec2/home?region=cn-northwest-1#launchInstanceWizard:ami=ami-052db9ef3b5ed0e41) diff --git a/content/os/v1.x/en/installation/running-rancheros/workstation/boot-from-iso/_index.md b/content/os/v1.x/en/installation/running-rancheros/workstation/boot-from-iso/_index.md index 5df0f0d6fb6..4d8c73ff2e8 100644 --- a/content/os/v1.x/en/installation/running-rancheros/workstation/boot-from-iso/_index.md +++ b/content/os/v1.x/en/installation/running-rancheros/workstation/boot-from-iso/_index.md @@ -5,7 +5,7 @@ weight: 102 The RancherOS ISO file can be used to create a fresh RancherOS install on KVM, VMware, VirtualBox, or bare metal servers. You can download the `rancheros.iso` file from our [releases page](https://github.com/rancher/os/releases/). -You must boot with at least **1280MB** of memory. If you boot with the ISO, you will automatically be logged in as the `rancher` user. Only the ISO is set to use autologin by default. If you run from a cloud or install to disk, SSH keys or a password of your choice is expected to be used. +You must boot with enough memory which you can refer to [here]({{< baseurl >}}/os/v1.x/en/overview/#hardware-requirements). If you boot with the ISO, you will automatically be logged in as the `rancher` user. Only the ISO is set to use autologin by default. If you run from a cloud or install to disk, SSH keys or a password of your choice is expected to be used. ### Install to Disk