Issued:: 2026-01-22
Updated:: 2026-01-22

RHSA-2026:1049 - Security Advisory

Overview
Updated Images

Synopsis

Red Hat OpenShift Pipelines Release 1.21.0

Type/Severity

Security Advisory: Important

Topic

The 1.21.0 GA release of Red Hat OpenShift Pipelines Operator..
For more details see [product documentation](https://docs.redhat.com/en/documentation/red_hat_openshift_pipelines).

Description

The 1.21.0 release of Red Hat OpenShift Pipelines Operator.

Solution

Red Hat OpenShift Pipelines is a cloud-native, continuous integration and
continuous delivery (CI/CD) solution based on Kubernetes resources.
It uses Tekton building blocks to automate deployments across multiple
platforms by abstracting away the underlying implementation details.
Tekton introduces a number of standard custom resource definitions (CRDs)
for defining CI/CD pipelines that are portable across Kubernetes distributions.

Fixes

SRVKP-6166 - Reduce the role for pipeline service account when we set customRBACresource to true.
SRVKP-8057 - Automatically create route for results API end point
SRVKP-8891 - tekton-operator-proxy-webhook certificate having issues auto rotating in HCP cluster
SRVKP-8922 - The Results configuration is not being propagated from TektonConfig to Results.
SRVKP-9126 - Optimize OpenShift Pipelines Operator Logging
SRVKP-9425 - Can no longer set maxRetention for results

CVEs

CVE-2025-66506

References

amd64

registry.redhat.io/openshift-pipelines/pipelines-operator-bundle@sha256:a5672822c8a59e50317d79a697d7e93c9fca27df13dcbd999c3c7a18475243a2

registry.redhat.io/openshift-pipelines/pipelines-rhel9-operator@sha256:055d60f1ce44fdab089475c7fcbadb2764fdb453c05bba7ec918af82e4a2c7c1

registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel9@sha256:65dda4d1773b5cbb5b192aea81186aacb8e200d5c033527fcc9b236125382df3

registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel9@sha256:b574aec30943382079ea6c60df7aacce77fe3caacf366a08fe2c37769061a1bd

arm64

registry.redhat.io/openshift-pipelines/pipelines-rhel9-operator@sha256:bf1e73f5e9c64d63fa6c283617834f59d11c642ad92bf6ac08ebb0d4b0d2e089

registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel9@sha256:15d40f853744265a1f4f64e29d1da73056d87033faa393f17e2da75d19265008

registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel9@sha256:511e668c1ffc13395f57cd53983b4ba6d76a7e4004d8a845bb940d86d775ada6

ppc64le

registry.redhat.io/openshift-pipelines/pipelines-rhel9-operator@sha256:258f160b7fcb75aea2ebf51b9163c58eaad1dc0fbd9285a411564a5f93e8a190

registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel9@sha256:25aeacd4b3dc9fdc04f3d88b128658c8574798d125efff9496f7a936d85ceb04

registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel9@sha256:190f972cbf4951f32ccc666075c0c64751a98b4ac95f7b5762b39605084f4938

s390x

registry.redhat.io/openshift-pipelines/pipelines-rhel9-operator@sha256:87ee30c0e63990331d779ff146fc811bd385f352c7c1d5b57d6d06fac2867f7b

registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel9@sha256:e3475b5cd64b0a9e597f31fe7b6a7847b2bf924ce4feb123ebbf8e3424938f67

registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel9@sha256:81280d1b2568f74e265a8ab579581b44843e6841be4aa55562df84298cceda99

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation