RHBA-2022:0014 - Bug Fix Advisory

Topic

An updated OpenShift Compliance Operator image that fixes various bugs and
adds enhancements is now available for the Red Hat OpenShift Enterprise 4
catalog.

Description

The OpenShift Compliance Operator v0.1.47 image update is available with the
following changes:

Enhancements

• Add "infrastructure" to resources we always fetch
• Implement version applicability for remediations
• Add permissions to get and list machinesets
• Add support for rendering variable in rule objects

Bug Fixes:

• Remove permissions for the aggregator to list nodes
• Fix Kubernetes version dependency parsing bug

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64

Fixes

• BZ - 1965511 - Error: parsed key is not in key set: 'RuleFolder'
• BZ - 2032420 - The remediation settings apply through kubeletconfig are not persistent on subsequent scan
• BZ - 2033009 - The sshd-related remediations are not rendered

CVEs

• CVE-2018-20673
• CVE-2019-5827
• CVE-2019-13750
• CVE-2019-13751
• CVE-2019-17594
• CVE-2019-17595
• CVE-2019-18218
• CVE-2019-19603
• CVE-2019-20838
• CVE-2020-12762
• CVE-2020-13435
• CVE-2020-14155
• CVE-2020-16135
• CVE-2020-24370
• CVE-2021-3200
• CVE-2021-3426
• CVE-2021-3445
• CVE-2021-3572
• CVE-2021-3580
• CVE-2021-3778
• CVE-2021-3796
• CVE-2021-3800
• CVE-2021-20231
• CVE-2021-20232
• CVE-2021-20266
• CVE-2021-22876
• CVE-2021-22898
• CVE-2021-22925
• CVE-2021-23840
• CVE-2021-23841
• CVE-2021-27645
• CVE-2021-28153
• CVE-2021-33560
• CVE-2021-33574
• CVE-2021-35942
• CVE-2021-36084
• CVE-2021-36085
• CVE-2021-36086
• CVE-2021-36087
• CVE-2021-42574

References

• null