RHBA-2021:3747 - Bug Fix Advisory

Topic

Openshift Logging Bug Fix Release (5.2.2)

Description

• LOG-1738 - Before this update, the `ClusterLogging` custom resource (CR) applied the value of the `totalLimitSize` field to the Fluentd `total_limit_size` field, even if the required buffer space was not available. With this update, the CR applies the lesser of the two `totalLimitSize` or 'default' values to the Fluentd `total_limit_size` field.
• LOG-1739 - The current release fixes the configuration that caused the collector to flush its buffered messages before shutdown. This was a regression introduced in a prior release that could delay the termination and restart of collector pods.
• LOG-1780 - Due to an issue in the bundle manifests, the bundle was not eligible to install the operator through Operator Lifecycle Manager (OLM) on OpenShift 4.9. The current release fixes the bundle manifests to enable installs and upgrades in 4.9 again.

Solution

For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:

https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html

For Red Hat OpenShift Logging 5.2, see the following instructions to apply this update:

https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html

Affected Products

• Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64

Fixes

• LOG-1738 - fluentd total_limit_size sets value beyond available space
• LOG-1739 - [release-5.2] Regression introducing flush_at_shutdown
• LOG-1780 - Elasticsearch operator is incompatible with OpenShift minor versions greater than 4.8

CVEs

• CVE-2020-25648
• CVE-2021-22922
• CVE-2021-22923
• CVE-2021-22924
• CVE-2021-36222
• CVE-2021-37576
• CVE-2021-37750
• CVE-2021-38201

References

• null