Details
-
Spike
-
Resolution: Done
-
Critical
-
None
-
Alongside OpenShift 4.12, Alongside OpenShift 4.13
-
False
-
None
-
False
Description
This Jira is only contains impact assessment for OCPBUGS-6053 (for 4.13) and OCPBUGS-6678 (for 4.12.z). Check the bug for more details.
Which 4.y.z to 4.y'.z' updates increase vulnerability?
Answer:
- All updates to 4.12.1 and 4.13.0-ec.2.
Which types of clusters are impacted?
Answer:
- Clusters with a channel set, who might, after arriving on a vulnerable release, have availableUpdates null and Upgradeable=False.
- Clusters are not vulnerable if availableUpdates is populated, regardless of whether the values it contains came from conditionally-recommended updates.
What is the impact? Is it serious enough to warrant removing update recommendations?
Answer:
- The /settings/cluster page in the web-console fails to render.
How involved is remediation?
Answer:
- The /settings/cluster page recovers once there are availableUpdates or Upgradeable becomes True or both.
- For upgrading the cluster use
$ oc adm upgrade
Refer https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html for steps around how to upgrade cluster using oc.
- You can also use OC CLI to monitor the cluster. For example you can also use OC CLI to describe ClusterVersion status i.e.
$ oc get clusterversion -o yaml or oc get clusterversion -o json
Is this a regression?
Answer:
- Yes, the regression entered 4.13.0-ec.2 via
OCPBUGS-4700and 4.12.1 viaOCPBUGS-5263.
Attachments
Issue Links
- blocks
-
OCPBUGS-6053 `availableUpdates: null` results in run-time error on Cluster Settings page
-
- Closed
-
- relates to
-
-
- Closed
-
- links to