Red Hat Product Errata RHBA-2020:5601 - Bug Fix Advisory
Issued:
2020-12-17
Updated:
2020-12-17

RHBA-2020:5601 - Bug Fix Advisory

Synopsis

OpenShift Container Storage 3.11.z Container Images Bug Fix Update

Type/Severity

Bug Fix Advisory

Topic

Updated container images that fix various bugs are now available for Red Hat OpenShift Container Storage 3.11 Update 6 in the Red Hat Container Registry.

Description

The OpenShift Container Storage solution provides persistent storage service for OpenShift Containers and OpenShift Infrastructure services.

This advisory fixes the following bugs:

  • Previously, Heketi could not collect debug information on bricks that could not be unmounted, because of the missing lsof command in the container. With this update, the lsof package is included in the rhgs-server container image. Heketi can now collect the list of applications that prevent a brick from unmounting. (BZ#1814287)
  • Previously, the ssh server in the rhgs-server container image supported SHA1 kex algorithms. These are considered weak algorithms and must be disabled. The default configuration in the sshd config no longer includes SHA1 based kex algorithms. For more information, refer to https://access.redhat.com/solutions/4278651. (BZ#1821615)

All users of OpenShift Container Storage 3.11 container images are advised to pull these updated images from the Red Hat Container Registry.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64

Fixes

  • BZ - 1787998 - [Tracker #1721355] Heal info gets stuck, Because of which device remove is getting failed from heketi side.
  • BZ - 1814287 - Include lsof in server container images
  • BZ - 1821615 - [GSS] SSH Server has sha1 weak kex enabled in glusterfs container
  • BZ - 1829396 - respin rhgs-gluster-block-prov container for OCS 3.11.6
  • BZ - 1892684 - Respin the rhgs-server-container container to include latest glusterfs rpm for RHGS 3.5.3 update 3

References

(none)

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.