RHBA-2022:0142 - Bug Fix Advisory

Topic

An updated openshift-file-integrity-operator image that fixes various bugs and/or enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.

Description

The file-integrity-operator image update is available with the following changes:

• Previously, a system with a File Integrity Operator installed might interrupt the OpenShift Container Platform update, due to the `/etc/kubernetes/aide.reinit` file. This occurred if the `/etc/kubernetes/aide.reinit` file was present, but later removed prior to the `ostree` validation. With this update, `/etc/kubernetes/aide.reinit` is moved to the `/run` directory so that it does not conflict with the OpenShift Container Platform update. For more information, see https://bugzilla.redhat.com/show_bug.cgi?id=2033311.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64

Fixes

• BZ - 2033311 - FIO should not create aide.reinit under /etc/

CVEs

• CVE-2019-5827
• CVE-2019-13750
• CVE-2019-13751
• CVE-2019-17594
• CVE-2019-17595
• CVE-2019-18218
• CVE-2019-19603
• CVE-2019-20838
• CVE-2020-12762
• CVE-2020-13435
• CVE-2020-14155
• CVE-2020-16135
• CVE-2020-24370
• CVE-2021-3200
• CVE-2021-3426
• CVE-2021-3445
• CVE-2021-3572
• CVE-2021-3580
• CVE-2021-3712
• CVE-2021-3778
• CVE-2021-3796
• CVE-2021-3800
• CVE-2021-20231
• CVE-2021-20232
• CVE-2021-20266
• CVE-2021-22876
• CVE-2021-22898
• CVE-2021-22925
• CVE-2021-27645
• CVE-2021-28153
• CVE-2021-33560
• CVE-2021-33574
• CVE-2021-35942
• CVE-2021-36084
• CVE-2021-36085
• CVE-2021-36086
• CVE-2021-36087
• CVE-2021-42574

References

• null