- Issued:
- 2023-01-18
- Updated:
- 2023-01-18
RHBA-2022:8762 - Bug Fix Advisory
Synopsis
OpenShift Security Profiles Operator release
Type/Severity
Bug Fix Advisory
Topic
The Security Profiles Operator is now available for the Red Hat OpenShift Enterprise 4 catalog.
Description
The Security Profiles Operator is now available for the Red Hat OpenShift Enterprise 4 catalog.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to:
https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html
Affected Products
- Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
- Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
Fixes
- BZ - 2082099 - The seccompprofile could not reach ?installed? status due to length limitation when trying to create finalizer
- BZ - 2084145 - metrics for security profiles operator could not show on GUI due to "no endpoints"
- BZ - 2088200 - Security Profiles Operator should comply to restricted pod security level
- BZ - 2089329 - The number of selinux profiles not correct for log based selinux profiles recording
- BZ - 2095298 - Document that the log enricher based seccompprofiles and selinuxprofiles recording and metrics does not work for pod with privileged== true
- BZ - 2104777 - When installing security profile operator from console, the ds spod report error : failed calling webhook "binding.spo.io"
- OCPBUGS-2914 - Observed a panic in reconciler: runtime error: index out of range [1] with length 1
- OCPBUGS-3431 - Failed to install Security Profiles operator due to a panic on a fips enabled cluster
- OCPBUGS-3963 - Failed to install Security Profiles Operator to a namespace without openshift prefix
- OCPBUGS-3690 - The number of selinuxprofiles generated by profilerecording was not correct
- OCPBUGS-4070 - Could not get metrics for Security Profiles Operator from GUI
- OCPBUGS-4787 - SPO does not merge recorded policies per-container but per pod with mergeStrategy=containers
- OCPBUGS-4978 - SPO should say that the provider is Red Hat, not Kubernetes SIGs
- OCPBUGS-4976 - SPO does not have the checkbox to enable metrics during GUI install
CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.