openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/modules/migration-mtc-release-notes-1-8-2.adoc
A.Arnold 7e31ffca8a OCP 4.20 - MIG-1763: MTC 1.8.10 release notes and attributes 
Signed-off-by: A.Arnold <anarnold@redhat.com>
2025-09-12 20:48:40 +01:00

38 lines
2.1 KiB
Plaintext
Raw Permalink Blame History

// Module included in the following assemblies:
//
// * migration_toolkit_for_containers/release_notes/mtc-release-notes.adoc
:_mod-docs-content-type: REFERENCE
[id="migration-mtc-release-notes-1-8-2_{context}"]
= {mtc-full} 1.8.2 release notes
[id="resolved-issues-1-8-2_{context}"]
== Resolved issues
This release has the following major resolved issues:
.Backup phase fails after setting custom CA replication repository
In previous releases of {mtc-first}, after editing the replication repository, adding a custom CA certificate, successfully connecting the repository, and triggering a migration, a failure occurred during the backup phase.
.CVE-2023-26136: tough-cookie package before 4.1.3 are vulnerable to Prototype Pollution
In previous releases of ({mtc-short}), versions before 4.1.3 of the `tough-cookie` package used in {mtc-short} were vulnerable to prototype pollution. This vulnerability occurred because CookieJar did not handle cookies properly when the value of the `rejectPublicSuffixes` was set to `false`.
For more details, see link:https://access.redhat.com/security/cve/cve-2023-26136[(CVE-2023-26136)]
.CVE-2022-25883 openshift-migration-ui-container: nodejs-semver: Regular expression denial of service
In previous releases of ({mtc-short}), versions of the `semver` package before 7.5.2, used in {mtc-short}, were vulnerable to Regular Expression Denial of Service (ReDoS) from the function `newRange`, when untrusted user data was provided as a range.
For more details, see link:https://access.redhat.com/security/cve/cve-2022-25883[(CVE-2022-25883)]
[id="known-issues-1-8-2_{context}"]
== Known issues
{mtc-short} 1.8.2 has the following known issues:
.Ansible Operator is broken when {VirtProductName} is installed
There is a bug in the `python3-openshift` package that installing {VirtProductName} exposes, with an exception, `ValueError: too many values to unpack`, returned during the task. {mtc-short} 1.8.4 has implemented a workaround. Updating to {mtc-short} 1.8.4 means you are no longer affected by this issue. link:https://issues.redhat.com/browse/OCPBUGS-38116[(OCPBUGS-38116)]
View Git Blame Copy Permalink