- Issued:
- 2025-06-17
- Updated:
- 2025-06-17
RHSA-2025:9167 - Security Advisory
Synopsis
Red Hat build of OpenTelemetry 3.6.0 release
Type/Severity
Security Advisory: Important
Topic
Red Hat build of OpenTelemetry 3.6.0 has been released
Description
Breaking changes:
- Nothing
Deprecations:
- Nothing
Technology Preview features:
- Cumulative-to-Delta Processor
Enhancements:
- The following Technology Preview features reach General Availability:
- Kafka Exporter
- Attributes Processor
- Resource Processor
- Prometheus Receiver
- With this update, the OpenTelemetry Collector can read TLS certificates in the `tss2` format according to the TPM Software Stack specification (TSS) 2.0 of the Trusted Platform Module (TPM) 2.0 Library by the Trusted Computing Group (TCG).
- With this update, the Red Hat build of OpenTelemetry Operator automatically upgrades all OpenTelemetryCollector custom resources during its startup. The Operator reconciles all managed instances during its startup. If there is an error, the Operator retries the upgrade at exponential backoff. If an upgrade fails, the Operator will retry the upgrade again when it restarts.
Bug fixes:
- Nothing
Known issues:
There is currently a known issue with the following exporters:
- AWS CloudWatch Logs Exporter
- AWS EMF Exporter
- AWS X-Ray Exporter
This known issue affects deployments that use the optional endpoint field of the exporter configuration in the Collector custom resource. Not specifying the protocol, such as https://, as part of the endpoint value results in the unsupported protocol scheme error. Workaround: Include the protocol, such as https://, as part of the endpoint value.
Solution
For details on how to apply this update, refer to:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators
Fixes
- TRACING-5121 - Support OpenTelemetry delta temporality metrics - Dynatrace AI effort
- TRACING-5034 - Improve error message when creating/upgrading collector instance and using API version opentelemetry.io/v1beta1
- TRACING-5362 - Add tailbased sampling processor
amd64
| registry.redhat.io/rhosdt/opentelemetry-operator-bundle@sha256:f08e30a5035f1c1bb79d62bc3db9ab19b9b8652c32b8c365e92ceab8abd01090 |
| registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:5e0a98e281698282f6dba8942fbc992cdeb0da30c0f465f39b5c28e86bd7b39a |
| registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:c105cc315f0cac6c42fb3434f6e3c87e58e0dfb25f36ea6fb19016acbf888b86 |
| registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:2cf4f832dc46517c844b147c118dbc78fd2c17cda5726fe8c27757c601abaa2a |
arm64
| registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:3a4f2fdde35600a6e0a7f947ee2b0f8a75701198b129a39aecce2d1f047181b7 |
| registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:0230ba6094579249356713d21de1f454b7c23a16426661328b978869db9c2e53 |
| registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:c02bbc2dc27a51bf98da4b0d1d3974ed0428d498eb78bddb9f8d3392e8faa1ea |
ppc64le
| registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:ed84b0251ae531c31b2c5930f8ba59a64aeda8d96df04accefbeab0899640dee |
| registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:ec808ab1424252f10adb295e8f886ded407aee865017c94ce34723e399b4c335 |
| registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:41d362f767f672bf714049e554014c2cb050b2813388a5ceb6c17f31254b2b71 |
s390x
| registry.redhat.io/rhosdt/opentelemetry-collector-rhel8@sha256:b4ffed36d8f0d575ca959b76e4a22f4197349e277af1586058c18c013feabe28 |
| registry.redhat.io/rhosdt/opentelemetry-rhel8-operator@sha256:f765a4a9eb745a42721e03609ff3de66fb88cb217b3bf4977a56668e175e4484 |
| registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8@sha256:c397ea8f4c20470a1af7003f93c3c1da9d8b0d4da7313e0f4ad91c4dfa8a9d12 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
