openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

OADP-3171: Release notes for OADP 1.2.5

Browse Source 
Signed-off-by: A.Arnold <anarnold@redhat.com>
This commit is contained in:
A.Arnold
2024-05-31 12:12:25 +01:00
committed by openshift-cherrypick-robot
parent 68c361ac3a
commit d6932cbe4c
2 changed files with 49 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backup_and_restore/application_backup_and_restore/release-notes/oadp-release-notes-1-2.adoc
View File

@@ -9,6 +9,8 @@ toc::[]
The release notes for OpenShift API for Data Protection (OADP) 1.2 describe new features and enhancements, deprecated features, product recommendations, known issues, and resolved issues.
include::modules/oadp-release-notes-1-2-5.adoc[leveloffset=+1]
include::modules/oadp-release-notes-1-2-4.adoc[leveloffset=+1]
include::modules/oadp-release-notes-1-2-3.adoc[leveloffset=+1]

47
modules/oadp-release-notes-1-2-5.adoc Normal file
View File

@@ -0,0 +1,47 @@
// Module included in the following assemblies:
//
// * backup_and_restore/oadp-release-notes-1-2.adoc
:_mod-docs-content-type: REFERENCE
[id="migration-oadp-release-notes-1-2-5_{context}"]
= OADP 1.2.5 release notes
{oadp-first} 1.2.5 is a Container Grade Only (CGO) release, released to refresh the health grades of the containers, with no changes to any code in the product itself compared to that of {oadp-short} 1.2.4.
[id="resolved-issues-1-2-5_{context}"]
== Resolved issues
// There are no resolved issues in {oadp-short} 1.2.5.
.CVE-2023-2431: `oadp-velero-plugin-for-microsoft-azure-container`: Bypass of seccomp profile enforcement
A flaw was found in Kubernetes, which impacts earlier versions of {oadp-short}. This flaw arises when Kubernetes allows a local authenticated attacker to bypass security restrictions, caused by a flaw when using the localhost type for a `seccomp` profile but specifying an empty profile field. An attacker can bypass the `seccomp` profile enforcement by sending a specially crafted request. This flaw has been resolved in {oadp-short} 1.2.5.
For more details, see link:https://access.redhat.com/security/cve/CVE-2023-2431[(CVE-2023-2431)].
.CSI restore ended with 'PartiallyFailed' status and PVCs not created
CSI restore ended with `PartiallyFailed` status. PVCs are not created, pod are in `Pending` status. This issue has been resolved in {oadp-short} 1.2.5.
link:https://issues.redhat.com/browse/OADP-1956[(OADP-1956)]
.PodVolumeBackup fails on completed pod volumes
In earlier versions of {oadp-short} 1.2, when there is a completed pod that mounted volumes in a namespace used by the Restic `podvolumebackup` or Velero backup, the backup does not complete successfully. This occurs when `defaultVolumesToFsBackup` is set to `true`. This issue has been resolved in {oadp-short} 1.2.5.
link:https://issues.redhat.com/browse/OADP-1870[(OADP-1870)]
[id="known-issues-1-2-5_{context}"]
== Known issues
// The {oadp-short} 1.2.5 has the following known issue:
.Data Protection Application (DPA) does not reconcile when the credentials secret is updated
Currently, the {oadp-short} Operator does not reconcile when you update the `cloud-credentials` secret. This occurs because there are no {oadp-short} specific labels or owner references on the `cloud-credentials` secret. If you create a `cloud-credentials` secret with incorrect credentials, such as empty data, the Operator reconciles and creates a backup storage location (BSL) and registry deployment with the empty data. As a result, when you update the `cloud-credentials` secret with the correct credentials, the {oadp-short} Operator does not immediately reconcile to catch the new credentials.
Workaround: Update to {oadp-short} 1.3.
link:https://issues.redhat.com/browse/OADP-3327[(OADP-3327)]