From 64ffe38f2c05922832ce78d74c2039436320dbec Mon Sep 17 00:00:00 2001 From: Agil Antony Date: Wed, 29 Oct 2025 17:47:56 +0530 Subject: [PATCH 1/2] ROX31447 Release notes for 4.8.5 --- modules/common-attributes.adoc | 3 ++- release_notes/48-release-notes.adoc | 25 ++++++++++++++++++++++++- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/modules/common-attributes.adoc b/modules/common-attributes.adoc index 79ff62fe325f..e9ac1ff3aa0d 100644 --- a/modules/common-attributes.adoc +++ b/modules/common-attributes.adoc @@ -59,10 +59,11 @@ endif::[] :osp: Red{nbsp}Hat OpenShift :olm-first: Operator Lifecycle Manager (OLM) :olm: OLM -:rhacs-version: 4.8.4 +:rhacs-version: 4.8.5 :ga-date-482: 18 August 2025 :ga-date-483: 9 September 2025 :ga-date-484: 15 September 2025 +:ga-date-485: 30 September 2025 :ocp-supported-version: 4.12 :ocp-latest-version: 4.17 :plugin-acs-latest-version: 0.0.4 diff --git a/release_notes/48-release-notes.adoc b/release_notes/48-release-notes.adoc index f7afd14071ab..c5a8c5b3a408 100644 --- a/release_notes/48-release-notes.adoc +++ b/release_notes/48-release-notes.adoc @@ -20,7 +20,7 @@ toc::[] |`4.8.2` | {ga-date-482} |`4.8.3` | {ga-date-483} |`4.8.4` | {ga-date-484} - +|`4.8.5` | {ga-date-485} |==== [id="about-this-release-480_{context}"] @@ -457,4 +457,27 @@ This release also addresses the following security vulnerabilities: * Vulnerability in the form-data JavaScript library (link:https://access.redhat.com/security/cve/cve-2025-7783)[CVE-2025-7783]) + +[id="about-this-release-485_{context}"] +== About release 4.8.5 + +*Release date* {ga-date-485} + +This release provides the following bug fixes: + +//ROX-30462 +* Before this update, Central reduced its logging from `ERROR` to `DEBUG` when semaphore acquisition failures occurred during shutdown. As a consequence, the log files were filled with excessive, misleading error messages when multiple scans were queued, making it difficult to identify genuine shutdown problems. ++ +With this update, the log level for semaphore acquisition failures is reduced from `ERROR` to `DEBUG`. As a result, it is easier to identify actual shutdown issues without the distraction of log spam. + +//ROX-30867 +* Before this update, Central processed large batches of process indicators in a single database transaction while holding a lock. As a consequence, you experienced mutex timeouts, and Central and Central DB were strained, leading to lock contention and prolonged transaction durations. ++ +With this update, the process indicator processing logic is optimized to minimize lock contention and transaction duration. As a result, mutex timeouts are prevented, and strain on Central and Central DB during high-volume indicator processing is reduced. + +//ROX-31088 +* Before this update, the installed version of the Compliance Operator was not correctly reported through telemetry. As a consequence, telemetry data for customer environments that included the Compliance Operator was inaccurate. ++ +With this update, the mechanism that reports the Compliance Operator version through telemetry is fixed. As a result, the Compliance Operator version is now correctly reported through telemetry. + include::modules/image-versions.adoc[leveloffset=+1] \ No newline at end of file From 5e4b6227d78c32f3b6737e68d20059fcf6399787 Mon Sep 17 00:00:00 2001 From: Agil Antony Date: Thu, 30 Oct 2025 17:26:09 +0530 Subject: [PATCH 2/2] ROX31447 Review comments --- release_notes/48-release-notes.adoc | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/release_notes/48-release-notes.adoc b/release_notes/48-release-notes.adoc index c5a8c5b3a408..f5da357fc868 100644 --- a/release_notes/48-release-notes.adoc +++ b/release_notes/48-release-notes.adoc @@ -466,18 +466,13 @@ This release also addresses the following security vulnerabilities: This release provides the following bug fixes: //ROX-30462 -* Before this update, Central reduced its logging from `ERROR` to `DEBUG` when semaphore acquisition failures occurred during shutdown. As a consequence, the log files were filled with excessive, misleading error messages when multiple scans were queued, making it difficult to identify genuine shutdown problems. -+ -With this update, the log level for semaphore acquisition failures is reduced from `ERROR` to `DEBUG`. As a result, it is easier to identify actual shutdown issues without the distraction of log spam. +* Before this update, the logging was excessive in various scenarios which were recoverable and not indicative of an actual error. With this update, the logs generated for acquiring scan semaphores have been reduced from `ERROR` to `DEBUG` level. As a result, it is easier to identify actual shutdown issues without the distraction of log spam. //ROX-30867 -* Before this update, Central processed large batches of process indicators in a single database transaction while holding a lock. As a consequence, you experienced mutex timeouts, and Central and Central DB were strained, leading to lock contention and prolonged transaction durations. -+ -With this update, the process indicator processing logic is optimized to minimize lock contention and transaction duration. As a result, mutex timeouts are prevented, and strain on Central and Central DB during high-volume indicator processing is reduced. +* Before this update, Central processed large batches of process indicators in a single database transaction while holding a lock. With this update, the process indicator processing logic is optimized, resulting in reduced strain on Central and Central DB during high-volume indicator processing. //ROX-31088 -* Before this update, the installed version of the Compliance Operator was not correctly reported through telemetry. As a consequence, telemetry data for customer environments that included the Compliance Operator was inaccurate. -+ -With this update, the mechanism that reports the Compliance Operator version through telemetry is fixed. As a result, the Compliance Operator version is now correctly reported through telemetry. +* Before this update, the installed version of the Compliance Operator was not correctly reported through telemetry. +With this update, the mechanism that reports the Compliance Operator version through telemetry is fixed and the Compliance Operator version is now correctly reported through telemetry. include::modules/image-versions.adoc[leveloffset=+1] \ No newline at end of file