- Issued:
- 2020-02-26
- Updated:
- 2020-02-26
RHBA-2020:0622 - OCS 3.11.z Container Images Bug Fix Update
Synopsis
OCS 3.11.z Container Images Bug Fix Update
Type/Severity
Bug Fix Advisory None
Topic
Updated container images for rhgs-server-container, rhgs-volmanager-container, rhgs-gluster-block-prov-container, and rhgs-s3-server-container are now available in the Red Hat Container Registry for Red Hat OpenShift Container Storage 3.11 Update 5.
Description
The OpenShift Container Storage solution provides persistent storage service for OpenShift Containers and OpenShift Infrastructure services.
This advisory fixes the following bugs:
-
With this update, rhgs-gluster-block-prov-container image re-spins to include SQLite package update with fixes to CVEs at Red Hat Enterprise Linux 7. (BZ#1796307)
-
With this update, rhgs-s3-server-container image re-spins to include sqlite package update with fixes to CVEs at Red Hat Enterprise Linux 7. (BZ#1802437)
-
Race conditions between two LVM stacks (one on the host, and one inside the container) fight between each other and cause conflicting results. Activation of devices may not always succeed, or device-nodes/symlinks of activated devices could be incorrectly removed. With this update, a wrapper script to run LVM commands from inside the container on the host is executed. As a result, only a single LVM stack is used which is the one on the host. This prevents conflicts from occurring between two stacks. (BZ#1655930)
-
Previously, the SSH service embedded in the gluster server container supported CBC mode ciphers. With this update, these ciphers are now disabled. (BZ#1800446)
-
Previously, certain system conditions are logged in a misleading way. Hence, spurious error messages in gusterfs client logs report `writing to fuse device failed: No such file or directory'. These messages can now be safely ignored as there is no harmful effect. (BZ#1790997)
-
With this update, rhgs-server-container image re-spins to include SQLite package update with fixes to CVEs at Red Hat Enterprise Linux 7. (BZ#1802435)
-
With this update, rhgs-volmanager-container re-spins to include SQLite package update with fixes to CVEs at Red Hat Enterprise Linux 7. (BZ#1802436)
All users of OpenShift Container Storage 3.11 container images are advised to pull these updated images from the Red Hat Container Registry.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Gluster Storage Server for On-premise | 3 | x86_64 |
Fixes
- This content is not included.BZ - 1655930
- This content is not included.BZ - 1748420
- This content is not included.BZ - 1765602
- This content is not included.BZ - 1772611
- This content is not included.BZ - 1782096
- This content is not included.BZ - 1782097
- This content is not included.BZ - 1783226
- This content is not included.BZ - 1788913
- This content is not included.BZ - 1790997
- This content is not included.BZ - 1796307
- This content is not included.BZ - 1798850
- This content is not included.BZ - 1802435
- This content is not included.BZ - 1802436
- This content is not included.BZ - 1802437
CVEs
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.