TODO:

• Review https://errata.devel.redhat.com/advisory/filters/4227 (currently 3 issues)
• collect list of CVEs fixed and their associated RPMs
• check if the updated RPMs are present in the latest 1.2.5 builds of operator and hub containers
• check if 1.2.5 builds use the latest base images (or need to be updated to fresher ones)
  • if already fixed, DROP the FM advisories in favour of our 1.2.5 advisory
  • if NOT already fixed, verify if we can get the fix from a newer base image / RPM or if this remains a KNOWN ISSUE

• check for other CVE issues closed in 1.2.5 (RHIDP-3146, RHIDP-3173, RHIDP-3925, RHIDP-3946 ...)

• for any CVEs we can't yet fix, create a JIRA to track the problem and have a place to write any Known Issue text for the RN

• for CVEs that are fixed in 1.2.5, draft release notes in this format https://github.com/redhat-developer/red-hat-developers-documentation-rhdh/blob/1.2.x/modules/release-notes/con-relnotes-fixed-issues.adoc#fixed-security-issues - submit PR