Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: 4.11.z
Affects Version/s: 4.11.z
Component/s: Node / CRI-O
Labels:
- green

Story Points:
3
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.11.z

SFDC Cases Counter:
SFDC Cases Links:

4.12 will have an option in cri-o: add_inheritable_capabilities which will allow a user to opt-out of dropping inheritable capabilities (which comes as a fix for CVE-2022-27652). We should add it by default as a drop-in in 4.11 so clusters that upgrade from it inherit the old behavior

blocks

OTA-794 Raise the minor_min version for 4.11.z to 4.12.0 upgrade once add_inheritable_capabilities MachineConfig released

Closed

clones

OCPBUGS-1814 specify `add_inheritable_capabilities` on upgrades from 4.11

Closed

depends on

OCPBUGS-1814 specify `add_inheritable_capabilities` on upgrades from 4.11

Closed

links to

openshift/machine-config-operator#3352: Jira OCPBUGS-1939: Create a drop-in file for cri-o's add inheritable capabilities

Assignee:: Peter Hunt

Reporter:: Peter Hunt

QA Contact:: Min Li

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2022/09/30 6:08 PM

Updated:: 2022/10/25 6:43 PM

Resolved:: 2022/10/18 10:10 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates