RHBA-2022:4657 - Bug Fix Advisory

Topic

An updated OpenShift Compliance Operator image that fixes various bugs is now available for the Red Hat OpenShift Enterprise 4
catalog.

Description

The OpenShift Compliance Operator v0.1.52 is now available. See the documentation for bug fix information:

https://docs.openshift.com/container-platform/4.10/security/compliance_operator/compliance-operator-release-notes.html

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:

https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html

Affected Products

• Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64

Fixes

• BZ - 2071854 - After applying KubeletConfig by Compliance operator - the Kubelet goes into NotReady
• BZ - 2072431 - ocp4-cis-modified-configure-network-policies can be verified and should not be manual
• BZ - 2075029 - Cluster Autoscaler is failing to scale down Nodes because of Compliance Operator
• BZ - 2082151 - DAC_OVERRIDE capability is required by Compliance Operator
• BZ - 2082431 - The remediation doesn?t work for rule ocp4-kubelet-configure-tls-cipher-suites

CVEs

• CVE-2018-25032
• CVE-2021-3634
• CVE-2021-3737
• CVE-2021-4115
• CVE-2021-4189
• CVE-2021-23177
• CVE-2021-31566
• CVE-2022-0778
• CVE-2022-1154
• CVE-2022-1271
• CVE-2022-24407

References

• null