- Issued:
- 2022-01-04
- Updated:
- 2022-01-04
RHBA-2022:0014 - OpenShift Compliance Operator bug fix and enhancement update
Synopsis
OpenShift Compliance Operator bug fix and enhancement update
Type/Severity
Bug Fix Advisory None
Topic
An updated OpenShift Compliance Operator image that fixes various bugs and adds enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.
Description
The OpenShift Compliance Operator v0.1.47 image update is available with the following changes:
Enhancements
- Add "infrastructure" to resources we always fetch
- Implement version applicability for remediations
- Add permissions to get and list machinesets
- Add support for rendering variable in rule objects Bug Fixes:
- Remove permissions for the aggregator to list nodes
- Fix Kubernetes version dependency parsing bug
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat OpenShift Container Platform | 4.8 | x86_64 |
| Red Hat OpenShift Container Platform | 4.7 | x86_64 |
| Red Hat OpenShift Container Platform | 4.6 | x86_64 |
Fixes
- This content is not included.BZ - 1965511
- This content is not included.BZ - 2032420
- This content is not included.BZ - 2033009
CVEs
- CVE-2018-20673
- CVE-2019-5827
- CVE-2019-13750
- CVE-2019-13751
- CVE-2019-17594
- CVE-2019-17595
- CVE-2019-18218
- CVE-2019-19603
- CVE-2019-20838
- CVE-2020-12762
- CVE-2020-13435
- CVE-2020-14155
- CVE-2020-16135
- CVE-2020-24370
- CVE-2021-3200
- CVE-2021-3426
- CVE-2021-3445
- CVE-2021-3572
- CVE-2021-3580
- CVE-2021-3778
- CVE-2021-3796
- CVE-2021-3800
- CVE-2021-20231
- CVE-2021-20232
- CVE-2021-20266
- CVE-2021-22876
- CVE-2021-22898
- CVE-2021-22925
- CVE-2021-23840
- CVE-2021-23841
- CVE-2021-27645
- CVE-2021-28153
- CVE-2021-33560
- CVE-2021-33574
- CVE-2021-35942
- CVE-2021-36084
- CVE-2021-36085
- CVE-2021-36086
- CVE-2021-36087
- CVE-2021-42574
References
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.