SUSE Support

Here When You Need Us

How (quickly) does Rancher respond to / resolve industry-reported vulnerabilities?

This document (000020476) is provided subject to the disclaimer at the end of this document.

Environment

The following information applies to the following SUSE products
  • Rancher
  • RKE
  • RKE2
  • K3s
  • Harvester
  • Longhorn
  • NeuVector

Resolution

For industry-reported vulnerabilities in Rancher, RKE, RKE2, K3s, Harvester, Longhorn, NeuVector and upstream vulnerabilities in Kubernetes, Docker, and containerd, SUSE Rancher strives to adhere to industry standards and best practices. Due to the nature of upstream dependencies inherent to open-source software, the final delivery of patch releases may vary in timeline. We will prioritize our efforts and coordinate with upstream organizations and third-party entities according to the following guidelines:
 

  • Critical: Immediate engagement to remediate the issue in code, and/or coordinate with upstream and/or third-party entities to deliver the remediation in the shortest timeline available. This includes creating an emergency release patch version when an existing one is not readily available.
  • High: Prioritized engagement to align the delivery of the remediation with our next available release cycle. Emergency releases should only be needed unless the timing is such that the next available security release cycle is not in a reasonable timeline.

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000020476
  • Creation Date: 10-Nov-2021
  • Modified Date:29-Jul-2024
    • SUSE Rancher Harvester
    • SUSE Rancher
    • SUSE Rancher Longhorn
    • NeuVector

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.