RHBA-2020:0014 - Bug Fix Advisory

Topic

Red Hat OpenShift Container Platform release 4.2.13 is now available with
updates to packages and images that fix several bugs.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container
Platform 4.2.13. See the following advisory for the RPM packages for this
release:

https://access.redhat.com/errata/RHBA-2020:0013

Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.2/release_notes/ocp-4-2-release-notes.html

You may download the oc tool and use it to inspect release image metadata
as follows:

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.2.13

The image digest is sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d

All OpenShift Container Platform 4.2 users are advised to upgrade to these
updated packages and images.

Solution

For OpenShift Container Platform 4.2 see the following documentation, which
will be updated shortly for release 4.2.13, for important instructions on
how to upgrade your cluster and fully apply this asynchronous errata
update:

https://docs.openshift.com/container-platform/4.2/release_notes/ocp-4-2-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.2/updating/updating-cluster-cli.html.

Affected Products

• Red Hat OpenShift Container Platform 4.2 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.2 for RHEL 7 x86_64
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.2 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.2 for RHEL 7 s390x

Fixes

• BZ - 1771358 - Unable to provision the cinder volume in OCP 4.2 on OSP 13
• BZ - 1772463 - 4.x oc client is not compatible with OCP 3.11 for some resources
• BZ - 1772768 - Avoid creating pod on windows worker for openshift-marketplace
• BZ - 1773665 - Add metric cpuinfo to node_exporter to gather cpu topology/hyperthreading information in telemetry
• BZ - 1775123 - OSP Keepalived static pod crashlooping
• BZ - 1775217 - Explore type access review tab incorrectly says "at the cluster scope"
• BZ - 1775250 - Metrics endpoints of catalog-operator and olm-operator are potentially broken by service CA rotation
• BZ - 1775836 - CVO not using proxy settings
• BZ - 1776936 - Non-unique Machine names in cluster-api-actuator-pkg E2E tests
• BZ - 1778235 - 4.2 backport: network operator crashes when infra.status.platformStatus is missing
• BZ - 1779743 - Cluster-autoscaler stuck on update, doesn't report status
• BZ - 1780213 - openshift-dns fails to start due to NetworkPluginNotReady message:Network plugin returns error: Missing CNI default network
• BZ - 1781055 - WithDashboardResources HOC has incorrect comparison for alerts results
• BZ - 1781160 - AWS: csr failed to approve if node has multiple ip addresses
• BZ - 1781281 - Kubelet metrics returned HTTP status 500 Internal Server Error
• BZ - 1781302 - [4.2.z] During a 4.2 to 4.3 upgrade skew test, build e2e tests continuously fail
• BZ - 1782588 - GCP destroy is leaking Project IAM bindings.
• BZ - 1782994 - Unable to boot RHCOS instances on remote libvirtd on s390x
• BZ - 1782999 - `crictl stats` doesn't show anything
• BZ - 1783013 - Unable to boot RHCOS instances using libvirtd on s390x
• BZ - 1784881 - [e2e-cmd] oc get is ruby-25-centos7 time out
• BZ - 1785268 - wrong yaml dep level in release-4.2 branch
• BZ - 1785533 - CVO extract job runs in the best-effort QoS, should be in burstable

CVEs

• CVE-2019-1348
• CVE-2019-1349
• CVE-2019-1352
• CVE-2019-1387
• CVE-2019-10086
• CVE-2019-11729
• CVE-2019-11745
• CVE-2019-17531
• CVE-2019-18397

References

(none)