RHBA-2023:4089 - Bug Fix Advisory

Topic

Custom Metrics Autoscaler Operator for Red Hat OpenShift bug fixes

Description

The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional operator based upon the Kubernetes Event Driven Autoscaler (KEDA), which allows workloads to be scaled by using additional metrics sources (other than pod metrics).

This release fixes several bugs and should improve the user experience in certain situations.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Custom Metric Autoscaler 2 x86_64

Fixes

• OCPBUGS-15264 - keda-operator is missing files in /usr/share/zoneinfo from tzdata causing cron triggers with timezone set to fail
• OCPBUGS-15038 - OwnerRefInvalidNamespace rolebinding/keda-auth-reader in kube-system
• OCPBUGS-15293 - 'ownerReferences' section is added to the openshift-keda namespace when KedaController is deployed
• OCPBUGS-15274 - CMA prometheus trigger fails with error "error parsing prometheus metadata: pod identity cannot be enabled with other auth types"

CVEs

• CVE-2020-24736
• CVE-2023-1667
• CVE-2023-2283
• CVE-2023-26604

References

(none)