2101266 – RHSA-2022:4993 need Integrate to image registry.redhat.io/redhat/redhat-operator-index:v4.10

Bug 2101266 - RHSA-2022:4993 need Integrate to image registry.redhat.io/redhat/redhat-operator-index:v4.10

Summary: RHSA-2022:4993 need Integrate to image registry.redhat.io/redhat/redhat-opera...

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	OLM
Sub Component:
Version:	4.10
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Per da Silva
QA Contact:	Jian Zhang
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-06-27 02:17 UTC by yaoli
Modified:	2022-06-28 20:28 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-06-28 20:28:54 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description yaoli 2022-06-27 02:17:35 UTC

Description of problem:
The customer used RHACS to scan the ocp operator hub images, there is a CVE issue

https://access.redhat.com/security/cve/cve-2022-1271

the CVE has been fixed on RHEL

https://access.redhat.com/errata/RHSA-2022:4993

but the operator image, looks need to rebuild,test by the image

registry.redhat.io/redhat/redhat-operator-index:v4.10

# oc rsh redhat-operators-fjr2v 
   
sh-4.4$ rpm -qa |grep xz
xz-libs-5.2.4-3.el8.x86_64


Version-Release number of selected component (if applicable):
OCP 4.10.14

[root@bastion ~]# oc version
Client Version: 4.10.14
Server Version: 4.10.14
Kubernetes Version: v1.23.5+b463d71

Note You need to log in before you can comment on or make changes to this bug.