Red Hat Product Errata RHBA-2017:0268 - Bug Fix Advisory
Issued:
2017-02-09
Updated:
2017-02-09

RHBA-2017:0268 - Bug Fix Advisory

Synopsis

Red Hat OpenShift Container Platform 3.4.1.5 bug fix update

Type/Severity

Bug Fix Advisory

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat OpenShift Container Platform release 3.4.1.5 is now available with
updates to packages and images that fix several bugs

Description

Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform release 3.4.1.5. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2017:0267

This update fixes the following bugs:

  • Users who had upgraded to OCP v3.4.0.39 may have had certain data stored in incorrect locations. This bug fix installs a migration script on your masters at /usr/share/openshift/migration/fix-3.4-paths.sh, which can be used to migrate bad data to the correct location. See https://access.redhat.com/solutions/2887651 for more information. (BZ#1416614)
  • Previously, there was no ability to delegate the user permissions to access kibana and kibana-ops. Granting the cluster-reader role gave users access to kibana, but not kibana-ops. The full cluster-admin rights granted more access than what was needed. This bug fix allows you to delegate the permissions to access kibana and kibana-ops. (BZ#1382670)
  • When users with system:image-pruner privileges ran the `oadm top images` command to list the images information, an error of "error: panic: runtime error: index out of range" was generated. This bug fix corrects the issue. (BZ#1415440)

All OpenShift Container Platform 3.4 users are advised to upgrade to these updated packages.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

See the OpenShift Container Platform 3.4 documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.

Affected Products

  • Red Hat OpenShift Container Platform 3.4 x86_64

Fixes

  • BZ - 1382670 - [RFE] Allow Cluster Reader to have access to the .all alias and .operations index
  • BZ - 1415440 - Can't top image info by command 'oadm top images'

CVEs

(none)

References

(none)

Red Hat OpenShift Container Platform 3.4

SRPM
atomic-openshift-3.4.1.5-1.git.0.690b5d4.el7.src.rpm SHA-256: 41713e1278c565dc90d2a925c9881877ba8a97a43ab6b85da5f6a9f014ed60a9
x86_64
atomic-openshift-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: 850bd48c434103f7c90c2bccf618e55222562fe1dfde39f76d53e56b2d75c2ae
atomic-openshift-clients-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: 43c0ea45e3aab2cfe9e17d8cc91825bafb8f57b8fbd5bd409dec4e1f37026e52
atomic-openshift-clients-redistributable-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: 738606666e8a28258635c212108d579d4c70ddeb243e146d5927abdde21580c7
atomic-openshift-docker-excluder-3.4.1.5-1.git.0.690b5d4.el7.noarch.rpm SHA-256: 3291f290af341b940526d36a5f1d2fae6b2fe69210b1a24fec325f927355b13f
atomic-openshift-dockerregistry-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: 8faef0f88015e922e21ab95a8a68023d2c1c36877658f368b63be57654e38f20
atomic-openshift-excluder-3.4.1.5-1.git.0.690b5d4.el7.noarch.rpm SHA-256: 5e4ec321fb2db900b7c70ebac28d65fecd405ca088d7c1755e1106300ab18765
atomic-openshift-master-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: 546a704c2202f8f31a7ccaee05d159aa145eb723a510a17c8c2b791cfe8bb740
atomic-openshift-node-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: 4428b0525f20d10289b40451a45a51fe2e32bb6bd91273b60cdba28cbcdf75f0
atomic-openshift-pod-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: 24a06779f5978973e06b6e7e06049e3cb3b37d9f669d5793cfa499b261a6f97c
atomic-openshift-sdn-ovs-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: 8b5be2d03fbbd95c84325a6af1b6ee56c1dc16e713b44ce73db2dc8b8f6df072
atomic-openshift-tests-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: a8a8ccb1d456f7ad5ec89f78cb96df18107a47524a09fbf970fe45a5a1ceda12
tuned-profiles-atomic-openshift-node-3.4.1.5-1.git.0.690b5d4.el7.x86_64.rpm SHA-256: d15a77da972ce1466f4dbb6bd31149c373de041035014f4cf463df078ace7bd3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.