RHBA-2023:3921 - Bug Fix Advisory

Topic

This is the multiarch release of the AMQ Broker 7.11.1 aligned Operator and associated container images on Red Hat Enterprise Linux 8 for the OpenShift Container Platform.

Description

Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.

For information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941

Solution

To update to the latest image please refer to the AMQ container images in the Red Hat Container catalog.

Affected Products

• Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
• Red Hat JBoss Middleware 1 x86_64

Fixes

• ENTMQBR-7913 - Enabling the console with SSL the operator fails to retrieve the status
• ENTMQBR-8074 - Status.upgrades (default false) information not visible in the CR json/yaml
• ENTMQBR-8012 - comments with preceding white space, in secret java properties file content, fail to sync in error
• ENTMQBR-7963 - multiple ordinals in broker properties can result in unordered vol mount data and unnecessary statefulset generations
• ENTMQBR-7915 - ordinal in broker properties will trample on other secrets in extra mounts
• ENTMQBR-7829 - [Operator] PodDisruptionBudget is not part of the deployed resources list
• ENTMQBR-7830 - [Operator, logging] Validation failure is missing from operator logs
• ENTMQBR-7899 - Broken image fails to start when OpenSSL provide is specified
• ENTMQBR-7923 - be able to configure (potentially conflicting) version and custom init image on AMQ Broker operator

CVEs

• CVE-2022-2795
• CVE-2022-36227
• CVE-2023-24329
• CVE-2023-27535

References

• https://access.redhat.com/documentation/en-us/red_hat_amq_broker