RHBA-2022:1026 - Bug Fix Advisory

Topic

Red Hat OpenShift Container Platform release 4.10.6 is now available with
updates to packages and images that fix several bugs.

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container
Platform 4.10.6. See the following advisory for the RPM packages for this
release:

https://access.redhat.com/errata/RHSA-2022:1025

Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html

You may download the oc tool and use it to inspect release image metadata
as follows:

(For x86_64 architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.6-x86_64

The image digest is sha256:88b394e633e09dc23aa1f1a61ededd8e52478edf34b51a7dbbb21d9abde2511a

(For s390x architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.6-s390x

The image digest is sha256:e7a89a60498ab66113b4f5d6e6927fc0f8efd848b0ee53d841df191d276fae3d

(For ppc64le architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.6-ppc64le

The image digest is sha256:a8a8ad44c289162aa590562d4d8e948fd352d0444cacbef767be4a4f8217c509

(For aarch64 architecture)

$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.10.6-aarch64

The image digest is sha256:69de9914f2efe44a5ae2e948f964ca1aa6ac6096982c5388aa0acd6227370989

All OpenShift Container Platform 4.10 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html

Solution

For OpenShift Container Platform 4.10 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:

https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html

Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html

Affected Products

• Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64

Fixes

• BZ - 2050064 - MachineSet is not scaling up due to an OpenStack error trying to create multiple ports with the same MAC address
• BZ - 2052446 - Many Conformance tests are failing in OCP 4.10 with Kuryr
• BZ - 2052839 - Respect overrides changes during installation
• BZ - 2054199 - The ProjectHelmChartRepositrory schema has merged but has not been initialized in the cluster yet
• BZ - 2055653 - Add xmlstarlet to handle JENKINS_PASSWORD
• BZ - 2056512 - Sort is broken for the Status and Version columns on the Cluster Settings > ClusterOperators page
• BZ - 2058267 - Better to named the oc-mirror version info with more information like the `oc version --client`
• BZ - 2059210 - ingress operator should report Upgradeable False to remind user before upgrade to 4.10 when Non-SAN certs are used
• BZ - 2059255 - CSIWithOldVSphereHWVersion alert recurring despite upgrade to vmx-15
• BZ - 2059807 - Services other than knative service also shows as KSVC in add subscription/trigger modal
• BZ - 2059989 - not all resources created during import have common labels
• BZ - 2060090 - Bootstrap server dropdown menu in Create Event Source- KafkaSource form is empty even if it's created
• BZ - 2060213 - [vSphere CSI driver Operator] hw_version_total metric update wrong value after upgrade nodes hardware version from `vmx-13` to `vmx-15`
• BZ - 2060718 - prometheus: Add validations for relabel configs
• BZ - 2060756 - CMO produces invalid alertmanager statefulset if console cluster .status.consoleURL is unset
• BZ - 2060888 - `oc debug node` does not meet compliance requirement
• BZ - 2060954 - [OVN RHEL upgrade] could not find IP addresses: failed to lookup link br-ex: Link not found
• BZ - 2061616 - Pre compute Jenkins Plugins list
• BZ - 2061785 - Image registry uses ICSPs only when source exactly matches image
• BZ - 2061995 - Node reboot causes duplicate persistent volumes
• BZ - 2062053 - Add Jitendar to approvers/reviewers
• BZ - 2062452 - CMO doesn't react to changes in clusteroperator console
• BZ - 2063117 - ose-aws-efs-csi-driver has invalid dependency in go.mod
• BZ - 2063283 - Ingress Operator is not closing TCP connections.
• BZ - 2063834 - [4.10z] High cpu load on Juniper Qfx5120 Network switches after upgrade to Openshift 4.8.26
• BZ - 2064510 - Community tasks not shown in pipeline builder page
• BZ - 2064731 - IBMCloud destroy DNS regex not strict enough
• BZ - 2065561 - (release-4.10) Gather kube-controller-manager pod logs with garbage collector errors
• BZ - 2065620 - Bump to latest available 1.23.5 k8s
• BZ - 2065672 - Console white-screens while using debug terminal
• BZ - 2066262 - Fallback to CAPI annotations

CVEs

• CVE-2022-25173
• CVE-2022-25174
• CVE-2022-25175
• CVE-2022-25176
• CVE-2022-25177
• CVE-2022-25178
• CVE-2022-25179
• CVE-2022-25180
• CVE-2022-25181
• CVE-2022-25182
• CVE-2022-25183
• CVE-2022-25184

References

(none)