Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 2101266

Summary: RHSA-2022:4993 need Integrate to image registry.redhat.io/redhat/redhat-operator-index:v4.10
Product: OpenShift Container Platform Reporter: yaoli
Component: OLMAssignee: Per da Silva <pegoncal>
OLM sub component: OperatorHub QA Contact: Jian Zhang <jiazha>
Status: CLOSED WONTFIX Docs Contact:
Severity: unspecified    
Priority: unspecified CC: agreene
Version: 4.10   
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-06-28 20:28:54 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description yaoli 2022-06-27 02:17:35 UTC 
Description of problem:
The customer used RHACS to scan the ocp operator hub images, there is a CVE issue

https://access.redhat.com/security/cve/cve-2022-1271

the CVE has been fixed on RHEL

https://access.redhat.com/errata/RHSA-2022:4993

but the operator image, looks need to rebuild,test by the image

registry.redhat.io/redhat/redhat-operator-index:v4.10

# oc rsh redhat-operators-fjr2v 
   
sh-4.4$ rpm -qa |grep xz
xz-libs-5.2.4-3.el8.x86_64


Version-Release number of selected component (if applicable):
OCP 4.10.14

[root@bastion ~]# oc version
Client Version: 4.10.14
Server Version: 4.10.14
Kubernetes Version: v1.23.5+b463d71