- Issued:
- 2024-08-15
- Updated:
- 2024-08-15
RHBA-2024:5474 - Bug Fix Advisory
Synopsis
ACS 4.5 bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes changes and bug fixes.
Description
RHACS 4.5.1 provides these changes and bug fixes:
Changes:
- The network graph and the network policy generator in the RHACS portal were updated to clarify that AdminNetworkPolicy and BaselineAdminNetworkPolicy resources are not taken into consideration in the network graph or during network policy generation.
- RHACS components were updated to versions that include a fix for CVE-2024-41110: Vulnerability in authorization plugins in Docker Engine (AuthZ).
Bug fixes:
- When upgrading to RHACS 4.5.0, in some situations, the upgrade failed with a central-db error for the uni_compliance_integrations_clusterid constraint. This problem has been fixed.
- After upgrading to RHACS 4.5.0, for nodes with more than 64 cores, Collector displayed an error about the ring buffer size not being allowed. This problem has been fixed.
- The network graph was broken for users with clusters running Google Kubernetes Engine (GKE) version 1.29 and later due to a change from Google to use the managed public IP address range 34.118.224.0/20 for default networking services. The network graph marked this IP address range as external. This problem has been fixed.
Solution
To take advantage of these changes and bug fixes, upgrade to RHACS 4.5.1.
Affected Products
- Red Hat Advanced Cluster Security for Kubernetes 4 x86_64
- Red Hat Advanced Cluster Security for Kubernetes for IBM Z and LinuxONE 4 s390x
- Red Hat Advanced Cluster Security for Kubernetes for IBM Power, little endian 4 ppc64le
Fixes
- ROX-24747 - Add banner to top of network graph to indicate ANP/BANP incompatibility
- ROX-24951 - [UI] Link scanner error description to docs
- ROX-25218 - Service IPs are marked as external in GKE versions >= 1.29
- ROX-25435 - Upgrade to 4.5.x shows ALTER TABLE "compliance_integrations" DROP CONSTRAINT
- ROX-25477 - the specified per-CPU ring buffer dimension (3145728) is not allowed!
CVEs
(none)
ppc64le
advanced-cluster-security/rhacs-central-db-rhel8@sha256:6aecdcadb5e77da07b17030f96d5f613920e0ab7074d5d8e25c7841f5ca23841 |
advanced-cluster-security/rhacs-collector-rhel8@sha256:4620677d7c6f82df11e71307602c173a8bcf8d916947468d84bd7155351a6771 |
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c336be11f1af335bc10631d903b8950e9aaa7dd5198de4e6b8485ae1fae15855 |
advanced-cluster-security/rhacs-main-rhel8@sha256:c2c5c1349999d29c3949ec102c10c249474400fe215e40d7951883e73ca55fa3 |
advanced-cluster-security/rhacs-operator-bundle@sha256:7c335a4ee50e270e4a58b762e99ca46e09b11d2801c0f44ff769bfe77500bf4d |
advanced-cluster-security/rhacs-rhel8-operator@sha256:e467d7012638df62676cef765cc54c8670e74bebd9c5df9534904ded2d6939db |
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:30a37bde43e44b8a341b13f7271b2f37dd8f8125c56d56128d61b41136dbe62c |
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:2e5520ca87d8f3cff3c57a2635a2474c5d996b1599b70a2c623b0e0d685d1826 |
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:79e49ffa1b42c4d34e85922fbd99f71afdf2ddc409646498d591b723c1967911 |
advanced-cluster-security/rhacs-scanner-rhel8@sha256:6d19fff6f3ab0a01d564abb3d36becff34e73ad2ea899ab4cdf52d2cb3090d6a |
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a9115ece023503238c7a9a934f78968b1a3583e8d1bd19648e74e2f4f1c92c64 |
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:349b6c6a382cd80e00bb13932590f682d92184475785f4bf51c2c86892b0a7a3 |
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:dc8897df50c9996f7832ae54916d7f1b4ab43bdd15f4ed6b83a23174faae0a0e |
s390x
advanced-cluster-security/rhacs-central-db-rhel8@sha256:54dbfb079d0dea3232ede1dbc19b19f42398fd5d35f26a51d7b29047b07f6382 |
advanced-cluster-security/rhacs-collector-rhel8@sha256:ef0549b7148297eaec7f1c891abaa84c0b1736165d23010f6182c14e494f6036 |
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:0d1316c2b411740abd3b777edac8896673a1d399df1dbbde4192ecc78571c1e1 |
advanced-cluster-security/rhacs-main-rhel8@sha256:b552ef43fe5cfa5b61b7410f4fa1a7bd307a6ce3230db1fdd89926ce606a82b6 |
advanced-cluster-security/rhacs-operator-bundle@sha256:a918c0fa1ca1015fa78d50bccaa3d37f00bbe77f42a9512d094344ff2fb4c366 |
advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4eb057a4272bca1576f6c7cc88d61754815628ed138f1a40eca940ac43a6e5 |
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:27c33b3563b5faccc086ef32b7d221184cea30818e066e503ff59fbf2b5c65ec |
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:03e9d5aa4d2939a52fa6924f46f758b8f2aab7c8e6de2fbbb4258078383918d9 |
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0967a17b51da753365308eb7b06ca975f088c83da56979a5de6544d4d3b6212b |
advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed5e48485a7c0cdf715b2228cf7db3e533e31f80c2115c1eb91a3505b207a5a8 |
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd34767ac2bb1bdb0c54b8a06a423e51298f2362c5349ed20fb3311192ca1977 |
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ac47be48f22df4fd0c8d251988a36e4dde21ed2acfbfccbfdded68b3a5aae385 |
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0f44edcfd834d765e4e6cae840824f743d6f62d424be873d023f1addd11ebce7 |
x86_64
advanced-cluster-security/rhacs-central-db-rhel8@sha256:7f252873e4c89b96144a6c499cd6145790d218c010037ef30b75bbcbb24e1570 |
advanced-cluster-security/rhacs-collector-rhel8@sha256:e651689272febaef4d29c91271e2aa8970560739503d5545b23173a751675e12 |
advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2012152af740f1ebfff4e12381845c9a472db3c4e7b9f55763cc1495849f979d |
advanced-cluster-security/rhacs-main-rhel8@sha256:1193c4af80c0df1c343a4e4bffd801094788083f24be2055b3a4b68716741748 |
advanced-cluster-security/rhacs-operator-bundle@sha256:25680f4d265895dac28686e234f026c10c015b3f94434e00f5c8b680e1c7e834 |
advanced-cluster-security/rhacs-rhel8-operator@sha256:6247d094c8ec48154f402b32209cf08471e6e13de33f066bd1d8572e0f352657 |
advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6b91c18d60170498a5414377e9e872a38b5f575077a7adfa63f36d952648b7c1 |
advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:121224f7dd07be65dd1cc7c80aa92ca388a605e558b9e80a24ba8c57cce30c1c |
advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4d8b1737c93af8c568f0c040d27376f94ebab8e05e822c3e1b9824e836db335d |
advanced-cluster-security/rhacs-scanner-rhel8@sha256:e7e157cf09a442dafbe85d90e30fcab9288d3b35c367b0e4d2b7c224cc05d75a |
advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:013946d531b4fc1afd397940e2e1ae43ca6e03ef90aab2e28ebbe25bede24f40 |
advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:a0d9eb4f0b4d23624497f0b23ba20d65dcaced9deb7c89dc1c86cd6dd760106e |
advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1829b9e903e58c08433083bd741b6ea49468fd42e985a393e7076b7a9dd10f24 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.