Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[enterprise-4.13] MIG-1509: MTC 1.7.15 Release Notes #75392

Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions migration_toolkit_for_containers/mtc-release-notes.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ include::modules/migration-mtc-release-notes-1-8-3.adoc[leveloffset=+1]
include::modules/migration-mtc-release-notes-1-8-2.adoc[leveloffset=+1]
include::modules/migration-mtc-release-notes-1-8-1.adoc[leveloffset=+1]
include::modules/migration-mtc-release-notes-1-8.adoc[leveloffset=+1]
include::modules/migration-mtc-release-notes-1-7-15.adoc[leveloffset=+1]
include::modules/migration-mtc-release-notes-1-7-14.adoc[leveloffset=+1]
include::modules/migration-mtc-release-notes-1-7-13.adoc[leveloffset=+1]
include::modules/migration-mtc-release-notes-1-7-12.adoc[leveloffset=+1]
Expand Down
45 changes: 45 additions & 0 deletions modules/migration-mtc-release-notes-1-7-15.adoc
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
// Module included in the following assemblies:
//
// * migration_toolkit_for_containers/mtc-release-notes.adoc
:_mod-docs-content-type: REFERENCE
[id="migration-mtc-release-notes-1-7-15_{context}"]
= {mtc-full} 1.7.15 release notes

[id="resolved-issues-1-7-15_{context}"]
== Resolved issues

This release has the following resolved issues:

.CVE-2024-24786: A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop

A flaw was found in the `protojson.Unmarshal` function that could cause the function to enter an infinite loop when unmarshaling certain forms of invalid JSON messages. This condition could occur when unmarshaling into a message that contained a `google.protobuf.Any` value or when the `UnmarshalOptions.DiscardUnknown` option was set in a JSON-formatted message.

To resolve this issue, upgrade to {mtc-short} 1.7.15.

For more details, see link:https://access.redhat.com/security/cve/CVE-2024-24786[(CVE-2024-24786)].

.CVE-2024-28180: `jose-go` improper handling of highly compressed data

A vulnerability was found in Jose due to improper handling of highly compressed data. An attacker could send a JSON Web Encryption (JWE) encrypted message that contained compressed data that used large amounts of memory and CPU when decompressed by the `Decrypt` or `DecryptMulti` functions. 

To resolve this issue, upgrade to {mtc-short} 1.7.15.

For more details, see link:https://access.redhat.com/security/cve/CVE-2024-28180[(CVE-2024-28180)].


[id="known-issues-1-7-15_{context}"]
== Known issues

This release has the following known issues:

.Direct Volume Migration is failing as the Rsync pod on the source cluster goes into an `Error` state

On migrating any application with Persistent Volume Claim (PVC), the `Stage` migration operation succeeds with warnings, and Direct Volume Migration (DVM) fails with the `rsync` pod on the source namespace going into an `error` state. link:https://bugzilla.redhat.com/show_bug.cgi?id=2256141[(BZ#2256141)]

.The conflict condition is briefly cleared after it is created

When creating a new state migration plan that results in a conflict error message, the error message is cleared shortly after it is displayed. link:https://bugzilla.redhat.com/show_bug.cgi?id=2144299[(BZ#2144299)]

.Migration fails when there are multiple Volume Snapshot Locations (VSLs) of different provider types configured in a cluster with no specified default VSL.

When there are multiple VSLs in a cluster with different provider types, and you set none of them as the default VSL, Velero results in a validation error that causes migration operations to fail. link:https://bugzilla.redhat.com/show_bug.cgi?id=2180565[(BZ#2180565)]