Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: 4.11.z
Affects Version/s: 4.11.z
Component/s: Node / CRI-O
Labels:
- green

Regression:
None
Story Points:
3
Sprint:
OCPNODE Sprint 225 (Green)
sprint_count:
1
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.12.0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

4.12 will have an option in cri-o: add_inheritable_capabilities which will allow a user to opt-out of dropping inheritable capabilities (which comes as a fix for CVE-2022-27652). We should add it by default as a drop-in in 4.11 so clusters that upgrade from it inherit the old behavior

is cloned by

OCPBUGS-1939 [4.11] specify `add_inheritable_capabilities` on upgrades from 4.11

Closed

is depended on by

OCPBUGS-1939 [4.11] specify `add_inheritable_capabilities` on upgrades from 4.11

Closed

links to

openshift/machine-config-operator#3352: Jira OCPBUGS-1814: Create a drop-in file for cri-o's add inheritable capabilities

Assignee:: Peter Hunt

Reporter:: Peter Hunt

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2022/09/27 8:47 PM

Updated:: 2022/09/30 6:11 PM

Resolved:: 2022/09/30 6:10 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates