Red Hat Product Errata RHBA-2022:8762 - Bug Fix Advisory
Issued:
2023-01-18
Updated:
2023-01-18

RHBA-2022:8762 - Bug Fix Advisory

Synopsis

OpenShift Security Profiles Operator release

Type/Severity

Bug Fix Advisory

Topic

The Security Profiles Operator is now available for the Red Hat OpenShift Enterprise 4 catalog.

Description

The Security Profiles Operator is now available for the Red Hat OpenShift Enterprise 4 catalog.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to:

https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html

Affected Products

  • Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
  • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64

Fixes

  • BZ - 2082099 - The seccompprofile could not reach ?installed? status due to length limitation when trying to create finalizer
  • BZ - 2084145 - metrics for security profiles operator could not show on GUI due to "no endpoints"
  • BZ - 2088200 - Security Profiles Operator should comply to restricted pod security level
  • BZ - 2089329 - The number of selinux profiles not correct for log based selinux profiles recording
  • BZ - 2095298 - Document that the log enricher based seccompprofiles and selinuxprofiles recording and metrics does not work for pod with privileged== true
  • BZ - 2104777 - When installing security profile operator from console, the ds spod report error : failed calling webhook "binding.spo.io"
  • OCPBUGS-2914 - Observed a panic in reconciler: runtime error: index out of range [1] with length 1
  • OCPBUGS-3431 - Failed to install Security Profiles operator due to a panic on a fips enabled cluster
  • OCPBUGS-3963 - Failed to install Security Profiles Operator to a namespace without openshift prefix
  • OCPBUGS-3690 - The number of selinuxprofiles generated by profilerecording was not correct
  • OCPBUGS-4070 - Could not get metrics for Security Profiles Operator from GUI
  • OCPBUGS-4787 - SPO does not merge recorded policies per-container but per pod with mergeStrategy=containers
  • OCPBUGS-4978 - SPO should say that the provider is Red Hat, not Kubernetes SIGs
  • OCPBUGS-4976 - SPO does not have the checkbox to enable metrics during GUI install

CVEs

(none)

References

(none)

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.