RHBA-2023:5958 - Bug Fix Advisory

Topic

An updated OpenShift Security Profiles Operator image that fixes various bugs is now available for the Red Hat OpenShift Enterprise 4 catalog.

Description

The OpenShift Security Profiles Operator v0.8.2 is now available. See the documentation for bug fix information:

https://docs.openshift.com/container-platform/4.14/security/security_profiles_operator/spo-release-notes.html

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to:

https://docs.openshift.com/container-platform/4.14/updating/updating_a_cluster/updating-cluster-cli.html

Affected Products

• Red Hat OpenShift Container Platform 4.13 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform 4.12 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.11 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.10 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.9 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64

Fixes

• OCPBUGS-17164 - SelinuxProfiles do not inherit the custom SelinuxProfiles from the same namespace
• OCPBUGS-19744 - SPO RawSelinuxProfile failed to create
• OCPBUGS-22182 - Seccompprofile log-enricher-trace will stuck at ?pending? status after setting enableLogEnricher to true
• OCPBUGS-22406 - Security Profiles Operator generating high cardinality metrics

CVEs

• CVE-2021-43618
• CVE-2023-2602
• CVE-2023-2603
• CVE-2023-3446
• CVE-2023-3817
• CVE-2023-4641
• CVE-2023-5678
• CVE-2023-5981
• CVE-2023-29491
• CVE-2023-29499
• CVE-2023-32611
• CVE-2023-32665
• CVE-2023-36054
• CVE-2023-38545
• CVE-2023-38546
• CVE-2023-39615
• CVE-2023-39975
• CVE-2023-44487

References

(none)