Red Hat Product Errata RHBA-2022:1148 - Bug Fix Advisory
Issued:
2022-04-18
Updated:
2022-04-18

RHBA-2022:1148 - Bug Fix Advisory

Synopsis

OpenShift Compliance Operator bug fix and enhancement update

Type/Severity

Bug Fix Advisory

Topic

An updated OpenShift Compliance Operator image that fixes various bugs and
adds enhancements is now available for the Red Hat OpenShift Enterprise 4
catalog.

Description

The OpenShift Compliance Operator v0.1.49 is now available. See the documentation for bug fix and enhancement information:

https://docs.openshift.com/container-platform/4.10/security/compliance_operator/compliance-operator-release-notes.html

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:

https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform for Power 4.10 for RHEL 8 ppc64le
  • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.10 for RHEL 8 s390x
  • Red Hat OpenShift Container Platform for ARM 64 4.10 aarch64

Fixes

  • BZ - 1994609 - The sdn related rules should show status ?NOT-APPLICABLE? instead of ?PASS? or ?FAIL? on OVN cluster
  • BZ - 2002695 - Instructions are incorrect of rule ocp4-moderate-routes-protected-by-tls
  • BZ - 2038909 - ocp4-cis-configure-network-policies-namespaces compliancecheck fails on cluster with >500 namespaces
  • BZ - 2049141 - The ClientAliveInterval value 600 is hard coded for rule's default value is 300. CCR is failing
  • BZ - 2053602 - The rule ocp4-cluster-version-operator-verify-integrity failing while checking CVO history.
  • BZ - 2058631 - Compliance rule: ocp4-api-server-no-adm-ctrl-plugins-disabled, is failing.
  • BZ - 2059611 - Using compliance operator with windows worker nodes in the cluster is causing Scans getting never finished

CVEs

(none)

References

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.