RHBA-2023:6863 - Bug Fix Advisory

Topic

Updated container images that fix multiple bugs are now available
for LVMS 4.14.z.

Description

Logical volume manager storage (LVMS) uses the TopoLVM CSI driver to
dynamically provision local storage on single node OpenShift clusters.

Logical volume manager storage creates thin-provisioned volumes using the
Logical Volume Manager and provides dynamic provisioning of block storage
on a single node OpenShift cluster with limited resources.

Users of LVMS are advised to upgrade to the latest version of the LVMS in
OpenShift Container Platform, which fixes these bugs and adds these
enhancements.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat OpenShift Container Platform 4.14 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform for Power 4.14 for RHEL 9 ppc64le
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 9 s390x
• Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 9 aarch64

Fixes

• OCPBUGS-17180 - Build is missing "valid subscription" data - LVM Storage [4.14]
• OCPVE-326 - Update sidecar images after 4.14 release

CVEs

• CVE-2023-2602
• CVE-2023-2603
• CVE-2023-4527
• CVE-2023-4806
• CVE-2023-4813
• CVE-2023-4911
• CVE-2023-30630
• CVE-2023-38545
• CVE-2023-38546
• CVE-2023-39325
• CVE-2023-40217
• CVE-2023-44487

References

(none)