RHSA-2026:17456 - Security Advisory

标题

zero trust workload identity manager for Red Hat OpenShift 1.0.1

描述

The Zero Trust Workload Identity Manager (ZTWIM) is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in multi-cloud environments. The operand components automate identity issuance, rotation, and verification, enhancing the zero-trust security model while eliminating static credentials. The current release of zero trust workload identity manager for Red Hat OpenShift is for Technology Preview.

解决方案

Before installing the operator, make sure all previously released errata relevant to your system have been applied.

The steps to apply the upgraded images will differ depending on the installation plan approval policy that will be used
while installing thezero trust workload identity manager for Red Hat OpenShift.

• If the approval policy is set to `Automatic`, then the Operator will be upgraded automatically when there is a

new version of the Operator. No further action is required to upgrade. This is the default setting.

• If you changed the approval policy to `Manual`, then you must manually approve the upgrade to the Operator.

修复

CVE

• CVE-2026-21441

参考

• https://access.redhat.com/security/updates/classification/
• https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/security_and_compliance/zero-trust-workload-identity-manager