mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
66 lines
3.6 KiB
Plaintext
66 lines
3.6 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * migration_toolkit_for_containers/release_notes/mtc-release-notes.adoc
|
|
:_mod-docs-content-type: REFERENCE
|
|
[id="migration-mtc-release-notes-1-8-3_{context}"]
|
|
= {mtc-full} 1.8.3 release notes
|
|
|
|
[id=technical-changes-1-8-3_{context}]
|
|
== Technical changes
|
|
|
|
{mtc-first} 1.8.3 has the following technical changes:
|
|
|
|
.{oadp-short} 1.3 is now supported
|
|
|
|
{mtc-short} 1.8.3 adds support to {oadp-first} as a dependency of {mtc-short} 1.8.z.
|
|
|
|
[id="resolved-issues-1-8-3_{context}"]
|
|
== Resolved issues
|
|
|
|
{mtc-short} 1.8.3 has the following major resolved issues:
|
|
|
|
.CVE-2024-24786: Flaw in Golang `protobuf` module causes `unmarshal` function to enter infinite loop
|
|
|
|
In previous releases of {mtc-short}, a vulnerability was found in Golang's `protobuf` module, where the `unmarshal` function entered an infinite loop while processing certain invalid inputs. Consequently, an attacker provided carefully constructed invalid inputs, which caused the function to enter an infinite loop.
|
|
|
|
With this update, the `unmarshal` function works as expected.
|
|
|
|
For more information, see link:https://access.redhat.com/security/cve/CVE-2024-24786[CVE-2024-24786].
|
|
|
|
.CVE-2023-45857: Axios Cross-Site Request Forgery Vulnerability
|
|
|
|
In previous releases of {mtc-short}, a vulnerability was discovered in Axios 1.5.1 that inadvertently revealed a confidential `XSRF-TOKEN` stored in cookies by including it in the HTTP header `X-XSRF-TOKEN` for every request made to the host, allowing attackers to view sensitive information.
|
|
|
|
For more information, see link:https://access.redhat.com/security/cve/CVE-2023-45857[CVE-2023-45857].
|
|
|
|
.Restic backup does not work properly when the source workload is not quiesced
|
|
|
|
In previous releases of {mtc-short}, some files did not migrate when deploying an application with a route. The Restic backup did not function as expected when the quiesce option was unchecked for the source workload.
|
|
|
|
This issue has been resolved in {mtc-short} 1.8.3.
|
|
|
|
For more information, see link:https://bugzilla.redhat.com/show_bug.cgi?id=2242064[BZ#2242064].
|
|
|
|
.The `Migration Controller` fails to install due to an unsupported value error in Velero
|
|
|
|
The `MigrationController` failed to install due to an unsupported value error in Velero. Updating {oadp-short} 1.3.0 to {oadp-short} 1.3.1 resolves this problem. For more information, see link:https://bugzilla.redhat.com/show_bug.cgi?id=2267018[BZ#2267018].
|
|
|
|
This issue has been resolved in {mtc-short} 1.8.3.
|
|
|
|
For a complete list of all resolved issues, see the list of link:https://issues.redhat.com/issues/?filter=12432429[{mtc-short} 1.8.3 resolved issues] in Jira.
|
|
|
|
[id="known-issues-1-8-3_{context}"]
|
|
== Known issues
|
|
|
|
{mtc-first} 1.8.3 has the following known issues:
|
|
|
|
.Ansible Operator is broken when {VirtProductName} is installed
|
|
|
|
There is a bug in the `python3-openshift` package that installing {VirtProductName} exposes, with an exception, `ValueError: too many values to unpack`, returned during the task. {mtc-short} 1.8.4 has implemented a workaround. Updating to {mtc-short} 1.8.4 means you are no longer affected by this issue. link:https://issues.redhat.com/browse/OCPBUGS-38116[(OCPBUGS-38116)]
|
|
|
|
.The associated SCC for service account cannot be migrated in {OCP} 4.12
|
|
|
|
The associated Security Context Constraints (SCCs) for service accounts in {OCP} version 4.12 cannot be migrated. This issue is planned to be resolved in a future release of {mtc-short}. link:https://issues.redhat.com/browse/MIG-1454[(MIG-1454)].
|
|
|
|
For a complete list of all known issues, see the list of link:https://issues.redhat.com/issues/?filter=12429975[{mtc-short} 1.8.3 known issues] in Jira.
|