- Issued:
- 2024-06-19
- Updated:
- 2024-06-19
RHBA-2024:3964 - Bug Fix Advisory
Synopsis
OpenShift sandboxed containers 1.6.0 update
Type/Severity
Bug Fix Advisory
Topic
Red Hat OpenShift sandboxed containers 1.6.0 is now available.
Description
OpenShift sandboxed containers support for OpenShift Container Platform
provides users with built-in support for running Kata containers as an
additional, optional runtime.
This advisory contains an update for OpenShift sandboxed containers with
bug fixes and container upgrades.
Space precludes documenting all of the updates to OpenShift sandboxed
containers in this advisory. See the Release Notes documentation,
which will be updated shortly for this release, for details about these
changes:
https://access.redhat.com/documentation/en-us/openshift_sandboxed_containers/1.6/html/release_notes/
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat OpenShift Container Platform 4.14 for RHEL 9 x86_64
Fixes
- KATA-2894 - CVP failure: skipRanges are not as expect
- KATA-2947 - Work towards merging feature gate implementation to OSC devel
- KATA-2958 - osc-podvm-image-creation fails is image gallery is not unique
- KATA-2962 - deleting kataconfig on Azure should delete podvm image
- KATA-2693 - update golang builder image to include fix for rapid reset bug 1.6
- KATA-2982 - OSC 1.6.0 with peer pod with GPU enabled AMI doesn't see Nvidia drivers
- KATA-3108 - 1.6.0 podvm builder container has many CVEs
- KATA-3112 - PodVM image build failure causing controller-manager to crashloop on libvirt provider
- KATA-2633 - customer should be notified about AMI creation job installation stage
- KATA-2790 - Controller Manager is OOM killed on Single Node Cluster
- KATA-2964 - unable to update AZURE_INSTANCE_SIZES without restarting peerpod controller and webhook
CVEs
- CVE-2022-48554
- CVE-2023-2975
- CVE-2023-3446
- CVE-2023-3817
- CVE-2023-5678
- CVE-2023-6004
- CVE-2023-6129
- CVE-2023-6237
- CVE-2023-6597
- CVE-2023-6918
- CVE-2023-7008
- CVE-2024-0450
- CVE-2024-0727
- CVE-2024-1441
- CVE-2024-2494
- CVE-2024-2961
- CVE-2024-22365
- CVE-2024-25062
- CVE-2024-26458
- CVE-2024-26461
- CVE-2024-28182
- CVE-2024-28834
- CVE-2024-28835
- CVE-2024-33599
- CVE-2024-33600
- CVE-2024-33601
- CVE-2024-33602
References
(none)
s390x
openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:90b9738eaa60d2adf7d3b2b92a358e9e34e86cd7078bf679ffa301bf849fa9d6 |
openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:de009a0199c0671c0906c27081c99fe1cdde673330c9ccdafea7fddfe84e080d |
openshift-sandboxed-containers/osc-monitor-rhel9@sha256:b90f1c8e5dcb0e16ed87d897d59f1d1ed9d0b082c691de8e3d2fe8d6d3307cb0 |
openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:e13325c797d8840b7840e61ccfa6fc03d9f281ca4f9a223fdc46e8325101ede3 |
openshift-sandboxed-containers/osc-operator-bundle@sha256:10c345b1a32aa5fb740e01390338dd7bc06e3e14e1f47fd10663ede10299c83c |
openshift-sandboxed-containers/osc-podvm-builder-rhel9@sha256:ae727164c1a0ff518d6e52fe2c1e0ff83e91bc7f9fb1e60d7f9e66357666e475 |
openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:5f020f78af80079c41ae66cc0aa0750a2ffb5182c2d66d4ecaa58ce16d7b1bf7 |
openshift-sandboxed-containers/osc-rhel9-operator@sha256:109402ec898f45eedeceadf67ddeb2d343608c443cbce635eb036e531bd03784 |
x86_64
openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9@sha256:9d479b982c968e73cde1f0a4a719d13fb1d2817044f01fdf7058e53132b1a892 |
openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9@sha256:def59e19788e760cfe977abba9f613ca68721a949c489cc5727b2f964ccac211 |
openshift-sandboxed-containers/osc-monitor-rhel9@sha256:fe4bee9fdfd22802cfad462f72f4d722a43311ee7488046f15359e852c8892ee |
openshift-sandboxed-containers/osc-must-gather-rhel9@sha256:02ce27882d24657d8b20956aae2741c42360f28a49860db8893b22d75385f879 |
openshift-sandboxed-containers/osc-operator-bundle@sha256:73c56ddfb2e16e4db400584b24b227b25655e2215fd2538292cbea2adc19c5fe |
openshift-sandboxed-containers/osc-podvm-builder-rhel9@sha256:c1caae0002ae4edc4174a195b7b921de3d4990d1d01a2dbb00474759e49d60c3 |
openshift-sandboxed-containers/osc-podvm-payload-rhel9@sha256:5620be3940ed4e8706a906d38f1367854046e45a43043fcc2976a0335e266334 |
openshift-sandboxed-containers/osc-rhel9-operator@sha256:d19a14cf5f81caa37dba62103326a226c7cc7deb112e39f4620f2ec48f1a9faf |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.