Impact statement for the OCPBUGS-31067 series.

Which 4.y.z to 4.y'.z' updates increase vulnerability?

Any update to 4.16.rc (4.16 is not released at time of issue and fix) can be exposed to this issue if the installed cluster version is old enough. The theory is that 4.13 and previous clusters that upgrade to 4.16 will have issues autoscaling, but in practice we were unable to reproduce and only build02 (which is 4.6 install) has exhibited this issue

Which types of clusters?

In theory any clusters that need to scale nodes

What is the impact? Is it serious enough to warrant removing update recommendations?

requires additional CSR approval instead of automatic

How involved is remediation?

Approve CSR by hand, or set up job to auto approve

Is this a regression?

Yes, as part of a fix to a previous problem