Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHBA-2020:0676 - Bug Fix Advisory
Issued:
2020-03-10
Updated:
2020-03-10

RHBA-2020:0676 - Bug Fix Advisory

  • Overview

Synopsis

OpenShift Container Platform 4.3.5 bug fix update

Type/Severity

Bug Fix Advisory

Topic

Red Hat OpenShift Container Platform release 4.3.5 is now available with
updates to packages and images that fix several bugs.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container
Platform 4.3.5. See the following advisory for the RPM packages for this
release:

https://access.redhat.com/errata/RHBA-2020:0675

This update fixes the following bugs among others:

  • Serverless resources were listed with the API version v1beta1, which is deprecated. Those resources are now listed as v1. (BZ#1800615)
  • During k8 deployment, if images from the external image registry had tags, like `openshift/hello-world:1.0`, the tags were not being applied. This resulted in external images with tags not being imported during deployments. This bug fixes the tagging issue and users are now able to import external images with tags for deployments. (BZ#1804077)

Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html

You may download the oc tool and use it to inspect release image metadata
as follows:

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.5-x86_64

The image digest is sha256:64320fbf95d968fc6b9863581a92d373bc75f563a13ae1c727af37450579f61a

All OpenShift Container Platform 4.3 users are advised to upgrade to these
updated packages and images.

Solution

Before applying this update, ensure all previously released errata relevant
to your system have been applied.

For OpenShift Container Platform 4.3 see the following documentation, which
will be updated shortly for release 4.3.5, for important instructions on
how to upgrade your cluster and fully apply this asynchronous errata
update:

https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.

Affected Products

  • Red Hat OpenShift Container Platform 4.3 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.3 for RHEL 7 x86_64

Fixes

  • BZ - 1711606 - Preemption ExecutionPath e2e test fails
  • BZ - 1780378 - Missing openapi CRD definitions for oc explain to work
  • BZ - 1780657 - Dashboard screen - The gray background doesn't inherently extend to the bottom of browser. [openshift-4.3]
  • BZ - 1782558 - 404 not found when selecting edit action for cluster-scoped operands
  • BZ - 1784317 - ImportImageErrorsExist keeps true while no import error in openshift-samples clusteroperator.
  • BZ - 1785302 - [4.3] Missing openapi CRD definitions for oc explain to work
  • BZ - 1785845 - CI: build error: After retrying 2 times, Pull image still failed due to error: unable to retrieve auth token: invalid username/password
  • BZ - 1786272 - Pods number for Daemon Set is 0 on project "Workloads" page
  • BZ - 1788179 - [4.3.z] Finish Automate rotation of Service CA
  • BZ - 1788246 - 404 Not Found when one opens install plan to approve [openshift-4.3]
  • BZ - 1789023 - Convert KubeAPILatencyHigh to use anomaly detection
  • BZ - 1789084 - node_exporter does not report virt_platform{type="none"}
  • BZ - 1789857 - [oc-cli]oc-config command does not work with `--kubeconfig`
  • BZ - 1790525 - OCP 4.3 Copying directory in DockerFile BuildConfig raise from 1 second to 10 minutes.
  • BZ - 1791200 - Lack of configured alertmanager routes should be surfaced as an alert
  • BZ - 1791278 - Kuryr is forcing DNS over TCP even if octavia supports TCP/UDP listeners on the same port
  • BZ - 1791346 - Error occurs while removing the second CD-ROM
  • BZ - 1791730 - [4.3] ipv6 backports for origin
  • BZ - 1791852 - Update License Year for 2020
  • BZ - 1792164 - After OCP upgrade, a pod vethXXX interface was not re-added to the bridge br0
  • BZ - 1792334 - oc adm must-gather does not gather endpoint resources
  • BZ - 1794024 - [4.3] update deps to get k8s.io/client-go informer fix
  • BZ - 1794191 - [Multi Arch] cri-o rejects clone calls on s390x
  • BZ - 1794495 - Applying "ctrcfg" causes cri-o to fail to start on node reboot
  • BZ - 1796461 - [Events page] "Custom Resource" events only show up in "All Resources" type view [openshift-4.3]
  • BZ - 1796584 - Image Registry Needs Support for AWS Bahrain Region me-south-1
  • BZ - 1796618 - Allow IPv6 CIDRs to be used in install-config
  • BZ - 1796913 - operator-lifecycle-manager-packageserver fails to update with OwnerConflict and RequirementsUnknown events
  • BZ - 1797026 - [CLI] oc adm catalog build neither support "-a, --registry-config=" flag, nor uses podman registry credentials file
  • BZ - 1797655 - In IPv6 bare metal deployment kubelet binds on a VIP instead of the local address
  • BZ - 1798170 - baremetal: Remove .template from path in dhcp-dhclient-conf.yaml
  • BZ - 1798195 - Login to grafana fails on IPv6 environments
  • BZ - 1798344 - [sriov] [backport-4.3]SR-IOV VFs are recreated when sriov-network-config-daemon pod restarts on host for MTU do not be set
  • BZ - 1798573 - Imagestreams cannot be imported on an IPv6 AWS cluster because registry.redhat.io is not IPv6 enabled
  • BZ - 1798639 - baremetal: IPv6 add dhcp-duid to NetworkManager config
  • BZ - 1798805 - bootkube fails on bare metal deployment with IPv6 control plane becase it cannot resolve etcd* records
  • BZ - 1798869 - [OSP13withKuryr]Cannot pull image from image registry for no image registry internal address in /etc/hosts
  • BZ - 1799393 - LB in error status continuosly created without deleting previous ones
  • BZ - 1799401 - Failure updating security group rules from network policy
  • BZ - 1800320 - Adding a default pull secret using the UI doesn't link it with the "default" service account [openshift-4.3]
  • BZ - 1800331 - cannot impersonate the user group on console [openshift-4.3.z]
  • BZ - 1800338 - need to backport changes for adding LB for IBMCloud
  • BZ - 1800615 - Serverless resources are listed as v1beta1, instead of v1
  • BZ - 1801343 - Host parsing from resolv.conf doesn't handle IPv6 with %zone info
  • BZ - 1801638 - On a DHCP6 lease renew, the node gets in NotReady state
  • BZ - 1801660 - Some schema data is missing on explore page
  • BZ - 1802934 - Cluster-logging-operator couldn't upgrade from 4.3.1 to 4.3.2 due to `olm.skipRange: ‘>=4.2.0 <4.3.0’` in the csv file.
  • BZ - 1803145 - fix olm.skip range in elasticsearch-operator for art
  • BZ - 1803187 - [IPI baremetal]: map "default" string in hardware profile to baremetal-operator default
  • BZ - 1803215 - Local persistent storage operator is unexpectedly removing storageclass annotations
  • BZ - 1803265 - local-storage-operator does not update daemonset when new node is added to the selector
  • BZ - 1803742 - Improve NodeControllerDegraded condition messages
  • BZ - 1803805 - Timeouts are too short for openshift-baremetal-installer and not adjustable.
  • BZ - 1803935 - Installed Operators list page show an empty status when status.phase is Installing
  • BZ - 1803955 - "Environment" is spelled incorrectly in the "Add Secret to Workload" modal
  • BZ - 1804077 - Using Docker images for Applications not possible in Openshift 4.3.0
  • BZ - 1804169 - the minKubeVersion should be v1.16.0
  • BZ - 1804278 - Workers node deployment on bare metal with IPv6 control plane is blocked because worker nodes CSRs are not automatically approved
  • BZ - 1804463 - oc image mirror doesn't mirror manifestlist for single image manifestlists
  • BZ - 1805175 - NFD operator not building on golang-1.12
  • BZ - 1805410 - ose-operator-registry:v4.3.1-202002032140 unavailable as the base image
  • BZ - 1805444 - [4.3] Multus should not cause machine to go not ready when a default SDN is updated
  • BZ - 1805726 - [4.3] machineNetwork in noProxy list is flushed by Network-Operator
  • BZ - 1805865 - Ensure kube-apiserver advertises the correct IP on bare metal clusters
  • BZ - 1806009 - [4.3] update cluster-network-operator for latest ovn-kubernetes
  • BZ - 1806020 - [baremetal] NetworkManager does not always set hostname
  • BZ - 1806376 - [feature][backport-4.3] support SR-IOV NIC partitioning in SR-IOV Operator
  • BZ - 1806634 - kube-apiserver should never use the bootstrap etcd member
  • BZ - 1806667 - [4.3] merge latest code to all branches of ovn-kubernetes
  • BZ - 1806706 - Can't display images in own namespace
  • BZ - 1808004 - On Baremetal platform CRI-O often binds its streaming port on unsuitable addresses
  • BZ - 1808284 - [sriov] [backport 4.3]The exist net-attach-def disappeared when created multi sriovnetwork with same netnamespace
  • BZ - 1808431 - [4.3] No global tolerations for NodeCA DaemonSet
  • BZ - 1809296 - operator panic during gcp install
  • BZ - 1809924 - Can't access jenkins webconsole with 403 Forbidden

CVEs

  • CVE-2020-1712

References

(none)

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter