VPC Block CSI Driver add-on version change log
Review the version history for VPC Block CSI Driver.
Version 5.2
5.2.31_687, released 17 February 2025
- Resolves the following CVEs: CVE-2024-45339, and CVE-2024-45338.
- Resiliency improvement to use VPC Storage service API for tagging volumes. This doesn't impact existing or new PVCs. This reduces the number of Kubernetes service API calls.
- Updates the golang base image to 1.22.12.
- Updates the armada-storage-secret to v1.3.22.
Version 5.1
5.1.33_685, released 17 February 2025
- Resolves the following CVEs: CVE-2024-45339, and CVE-2024-45338.
- Resiliency improvement to use VPC Storage service API for tagging volumes. This doesn't impact existing or new PVCs. This reduces the number of Kubernetes service API calls.
- Updates the golang base image to 1.22.12.
- Updates the armada-storage-secret to v1.2.55.
Version 5.2
Change log for version 5.2.26_657, released 11 December 2024
- Resolves CVE-2024-51744.
- Increases custom volume profile support to a maximum of 16TB.
- Removes IOPS and capacity validation for custom volume profile from CSI Driver. Now VPC IaaS performs validation and shows the following generic error in case of wrong user input:
The volume profile specified in the request is not valid for the provided capacity and/or IOPS
. Existing VPCs are not impacted.
Change log for version 5.2.24_641, released 20 November 2024
- Updates the golang base image to
1.22.9
. - Introduces an
init
container to clean up any leftover controller pods from the 5.1 release.
Change log for version 5.2.21_602, released 3 October 2024
- Adds support for cross-account snapshot restoration.
- Updates the golang base image to
1.22.7
. - Updates to Kubernetes 1.30 client libraries.
- Updates the CSI specification to version
1.9.0
. - Fixes a security issue for the CSI sidecar liveness probe. The sidecar now runs as non-root in the Node Server pod.
- Adds the ability to set a default storage class. For more information, see Setting the default storage class.
- Updates the following sidecar images:
csi-provisioner:v5.0.2
,csi-resizer:v1.11.2
,csi-snapshotter:v8.0.1
,csi-attacher:v4.6.1
,livenessprobe:v2.13.1
, andcsi-node-driver-registrar:v2.11.1
- Resolves CVE-2024-2398, CVE-2024-37370, CVE-2024-37371.
Change log for version 5.2.20_579, released 15 July 2024
- Updates the golang image to
1.21.12-community
. - Updates the
armada-storage-secret
tov1.3.10
. - Resolves CVE-2024-28182 and CVE-2023-2953.
Change log for version 5.2.19_570, released 21 June 2024
- Updates
golang
to1.21.11-community
. - Updates the
armada-storage-secret
tov1.3.9
. - Resolves: CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602.
Change log for version 5.2.18_539, released 10 May 2024
- Updates
golang
to1.21.9-community
. - Removes
curl
package from base image. - Updates the
armada-storage-secret
tov1.3.7
. - Resolves CVE-2023-46218, CVE-2023-28322, and CVE-2023-38546.
Change log for 5.2.17_535, released 08 March 2024
- Base image migrated from UBI to golang.
Change log for version 5.2.15_501, released 08 February 2024
- Changes how the IAM endpoint is determined for VPC Gen2 clusters.
- Upgrades Kubernetes client library to 1.28.
- Upgrades CSI spec to 1.8.0.
- Resolves the following CVEs: CVE-2022-48560, CVE-2022-48564, CVE-2023-39615, CVE-2023-43804, CVE-2023-45803, and CVE-2023-5981.
- Updates the following sidecar images:
armada-storage-secret
tov1.3.5
.csi-attacher
tov4.4.3
.csi-node-driver-registrar
tov2.9.3
.csi-provisioner
tov3.6.3
.csi-resizer
tov1.9.3
.csi-snapshotter
tov6.3.3
.livenessprobe
tov2.11.0
.
Change log for version 5.2.14_485, released 10 January 2024
- Resolves CVE-2023-3446, CVE-2023-3817, and CVE-2023-5678.
- Applies a security fix to use the correct socket path following SElinux policy module changes and CSI recommendations to use
/var/lib/kubelet/plugins/
.
Change log for version 5.2.11_447, released 27 November 2023
- Updates Golang to
1.20.11
. - Updates the UBI image to
8.9.1029
. - Updates
armada-storage-secret
tov1.3.3
. - Resolves the following CVEs: CVE-2023-22745, CVE-2007-4559, CVE-2023-40217, and CVE-2023-4641.
Change log for version 5.2.10_428, released 13 November 2023
- Updates Golang
1.20.10
. - Updates the
storage-secret-sidecar
image to1.3.2
. - The add-on tries to reach the IAM endpoint/token exchange URL for 5 minutes, in case of timeout.
- Resolves the following CVEs: CVE-2023-44487, CVE-2023-4911, CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, and CVE-2023-39325.
Change log for version 5.2, released 25 September 2023
- Adds support for Z system. Multi-architecture images are supported on both
s390x
andamd64
based clusters. - Adds a new configurable flag
VolumeAttachmentLimit
inaddon-vpc-block-csi-driver-configmap
configMap that allows users to edit the maximum number of volumes that can be attached per node. The default value is set to12
. - Deploys controller pods as
Deployments
. Previous releases were deployed asSatefulsets
. - Resolves an issue where logs showed incorrect completion duration of some CSI operations.
- Pulls sidecars from
registry.k8s.io
. - Adds support for 2 volume snapshot classes with delete and retain policies.
- Updates
k8s
package from1.26.1
to1.26.6
.
Version 5.1
Change log for version 5.1.31_656, released 11 December 2024
- Resolves CVE-2024-51744.
Change log for version 5.1.29_642, released 20 November 2024
- Updates the golang base image to
1.22.9
. - Introduces an
init
container to clean up any leftover controller pods from 5.2 release.
Change log for version 5.1.26_601, released 3 October 2024
- Updates the golang base image to
1.22.7
. - Updates to Kubernetes 1.30 client libraries.
- Updates the CSI specification to version
1.9.0
. - Fixes a security issue for the CSI sidecar liveness probe. The sidecar now runs as non-root in the Node Server pod.
- Adds the ability to set a default storage class. For more information, see Setting the default storage class.
- Updates the following sidecar images:
csi-provisioner:v5.0.2
,csi-resizer:v1.11.2
,csi-snapshotter:v8.0.1
,csi-attacher:v4.6.1
,livenessprobe:v2.13.1
, andcsi-node-driver-registrar:v2.11.1
- Resolves CVE-2024-2398, CVE-2024-37370, CVE-2024-37371.
Change log for version 5.1.25_574, released 15 July 2024
- Updates the golang image to
1.21.12-community
. - Updates the
armada-storage-secret
tov1.2.40
. - Resolves CVE-2024-28182 and CVE-2023-2953.
Change log for version 5.1.24_567, released 21 June 2024
- Updates
golang
to1.21.11-community
. - Updates the
armada-storage-secret
tov1.3.8
. - Resolves: CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602.
Change log for version 5.1.23_543, released 10 May 2024
- Updates
golang
to1.21.9-community
. - Removes
curl
package from base image. - Updates the
armada-storage-secret
tov1.2.35
. - Resolves CVE-2023-46218, CVE-2023-28322, and CVE-2023-38546.
Change log for 5.1.22_522, released 08 March 2024
- Base image migrated from UBI to golang.
Change log for version 5.1.21_506, released 08 February 2024
- Changes how the IAM endpoint is determined for VPC Gen2 clusters.
- Upgrades Kubernetes client library to 1.28.
- Upgrades CSI spec to 1.8.0.
- Resolves the following CVEs: CVE-2022-48560, CVE-2022-48564, CVE-2023-39615, CVE-2023-43804, CVE-2023-45803, and CVE-2023-5981.
- Updates the following sidecar images:
armada-storage-secret
tov1.2.31
.csi-attacher
tov4.4.3
.csi-node-driver-registrar
tov2.9.3
.csi-provisioner
tov3.6.3
.csi-resizer
tov1.9.3
.csi-snapshotter
tov6.3.3
.livenessprobe
tov2.11.0
.
Change log for version 5.1.19_486, released 10 January 2024
- Resolves CVE-2023-3446, CVE-2023-3817, and CVE-2023-5678.
- Applies a security fix to use the correct socket path following SElinux policy module changes and CSI recommendations to use
/var/lib/kubelet/plugins/
.
Change log for version 5.1.16_446, released 27 November 2023
- Updates Golang to
1.20.11
. - Updates the UBI image to
8.9.1029
. - Updates
armada-storage-secret
tov1.2.29
. - Resolves the following CVEs: CVE-2023-22745, CVE-2007-4559, CVE-2023-40217, and CVE-2023-4641.
Change log for version 5.1.15_419 released 13 November 2023
- Updates Golang
1.20.10
. - Updates the
storage-secret-sidecar
image to1.2.28
. - The add-on tries reaching the IAM endpoint/token exchange URL for 5 minutes, in case of timeout.
- Resolves the following CVEs: CVE-2023-44487, CVE-2023-4911, CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, and CVE-2023-39325.
Change log for version 5.1.13_345, released 14 September 2023
- Updated the UBI image to
8.8-860
. - Updated the Golang updated to
1.19.12
. - Resolves the following CVEs: CVE-2023-34969, CVE-2023-28321, CVE-2023-2602, CVE-2023-2603, CVE-2023-28484, CVE-2023-29469, CVE-2023-27536, CVE-2023-3899, and CVE-2023-32681.
Change log for version 5.1.12_285, released 01 August 2023
- Node affinity added for controller server and node server, so that pods do not crash on Z system (s390x) based clusters.
- Resolves the following CVEs: CVE-2023-26604, CVE-2020-24736, CVE-2023-1667, and CVE-2023-2283.
Change log for version 5.1.11_126, released 21 June 2023
- Updates the following sidecar images:
storage-secret-sidecar
tov1.2.24
.csi-node-driver-registrar
tov2.7.0
.livenessprobe
tov2.9.0
.csi-provisioner
tov3.4.1
.csi-attacher
tov4.2.0
.csi-resizer
tov1.7.0
.csi-snapshotter
tov6.2.1
.
- Updates the UBI image
8.8-860
. - Updates Golang to
1.19.10
. - Resolves the following CVEs:
- Introduced two new configurable flags in
addon-vpc-block-csi-driver-configmap
configMap to enable/disable and edit the retry interval for Snapshot Creation.IsSnapshotEnabled
allows users to disable or enable snapshot functionality. By default, this parameter is set totrue
CustomSnapshotCreateDelay
allows users to edit the maximum delay (in seconds) for snapshot calls in case the source volume is not found and the volume is not attached. The maximum delay allowed is 15 minutes and the default is 5 minutes.
Change log for version 5.1.8_1970, released 15 May 2023
- Updates UBI image to
8.7-1107
- Updates Golang to
1.19.8
- Users must determine token exchange URL based on cluster provider. For Satellite clusters, always use the provided token exchange URL. If the URL is not provided, use public IAM endpoint.
- Resolves the following CVEs:
Change log for version 5.1.6_1872, released 05 April 2023
- Updates the storage-secret-sidecar image to
v1.2.20
. - Updates Golang to
v1.19.7
. - Updates the UBI image to
8.7-1085.1679482090
- Resolves the following CVEs:
Change log for version 5.1.5_1857, released 29 March 2023
- Updates the storage-secret-sidecar image to
v1.2.19
. - Resolves CVE-2023-23916
Change log for version 5.1.4_1852, released 07 March 2023
- Upgrades Kubernetes packages to version
1.26
. - Updates the storage-secret-sidecar image to
v1.2.18
. - Resolves the following CVEs: CVE-2020-10735, CVE-2021-28861, CVE-2022-45061, CVE-2022-4415, CVE-2022-40897.
Change log for version 5.1.2_1828, released 21 February 2023
- Resolves CVE-2022-47629.
Change log for version 5.1, released 9 February 2023
- Updates the snapshot size to reflect actual source volume size.
- Improves the resize method when creating a volume from a snapshot.
- Updates the Kubernetes dependency to
1.25
. - Adds support for configuring the log level for sidecars from the configmap.
- Makes the
ibmc-vpcblock-snapshot
class the defaultVolumesnapshotclass
. - Adds the
priorityClass
in the deployment file for controller and node pods. - Updates the driver to read the node instance ID from the node spec provider ID instead of node labels.
- Fixes a bug in volume expansion for raw block volumes.
- Removes the
preStop
hook for thecsi-driver-registrar
.
Version 5.0
Change log for version 5.0.23_437, released 27 November 2023
- Updates Golang to
1.20.11
. - Updates the UBI image to
8.9.1029
. - Updates
armada-storage-secret
tov1.2.29
. - Resolves the following CVEs: CVE-2023-22745, CVE-2007-4559, CVE-2023-40217, and CVE-2023-4641.
Change log for version 5.0.21_401, released 13 November 2023
- Updates Golang to
1.20.10
. - Updates the
storage-secret-sidecar
image to1.2.28
. - Resolves the following CVEs: CVE-2023-44487, CVE-2023-4911, CVE-2023-4527, CVE-2023-4806, CVE-2023-4813, and CVE-2023-39325.
Change log for version 5.0.19_358, released 14 September 2023
- Updated the UBI image to
8.8-860
. - Updated the Golang updated to
1.19.12
. - Resolves the following CVEs: CVE-2023-34969, CVE-2023-28321, CVE-2023-2602, CVE-2023-2603, CVE-2023-28484, CVE-2023-29469, CVE-2023-27536, CVE-2023-3899, and CVE-2023-32681.
Change log for version 5.0.17_266, released 01 August 2023
- Node affinity added for controller server and node server, so that pods do not crash on Z system (s390x) based clusters.
- Resolves the following CVEs: CVE-2023-26604, CVE-2020-24736, CVE-2023-1667, and CVE-2023-2283.
Change log for version 5.0.16_127, released 21 June 2023
- Updates the following sidecar images:
storage-secret-sidecar
tov1.2.24
.csi-node-driver-registrar
tov2.7.0
.livenessprobe
tov2.9.0
.csi-provisioner
tov3.4.1
.csi-attacher
tov4.2.0
.csi-resizer
tov1.7.0
.csi-snapshotter
tov6.2.1
.
- Updates the UBI image
8.8-860
. - Updates Golang to
1.19.10
. - Resolves the following CVEs: CVE-2022-43552, CVE-2022-3204, CVE-2023-27535,[CVE-2022-36227], CVE-2022-35252, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, CVE-2023-29402, CVE-2023-29400, CVE-2023-24540, CVE-2023-24539.
- Introduced two new configurable flags in
addon-vpc-block-csi-driver-configmap
configMap to enable/disable and edit the retry interval for Snapshot Creation.IsSnapshotEnabled
allows users to disable or enable snapshot functionality. By default, this parameter is set totrue
CustomSnapshotCreateDelay
allows users to edit the maximum delay (in seconds) for snapshot calls in case the source volume is not found and the volume is not attached. The maximum delay allowed is 15 minutes and the default is 5 minutes.
Change log for version 5.0.12_1963, released 15 May 2023
- Updates UBI image to
8.7-1107
- Updates Golang to
1.19.8
- Users must determine token exchange URL based on cluster provider. For Satellite clusters, always use the provided token exchange URL. If the URL is not provided, use public IAM endpoint.
- Resolves the following CVEs: CVE-2023-0361, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538.
Change log for version 5.0.10_1869, released 05 April 2023
- Updates the storage-secret-sidecar image to
v1.2.20
. - Updates Golang to
v1.19.7
. - Updates the UBI image to
8.7-1085.1679482090
- Resolves the following CVEs: CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, and CVE-2023-0286.
Change log for version 5.0.9_1862, released 29 March 2023
- Updates the storage-secret-sidecar image to
v1.2.19
. - Resolves CVE-2023-23916
Change log for version 5.0.8_1841, released 07 March 2023
- Updates the storage-secret-sidecar image to
v1.2.18
. - Resolves the following CVEs: CVE-2020-10735, CVE-2021-28861, CVE-2022-45061, CVE-2022-4415, CVE-2022-40897.
Change log for version 5.0.7_1836, released 21 February 2023
- Added
priorityClass
in the deployment file for controller and node pods. - Removed
preStop hook
for thecsi-driver-registrar
. - Resolves CVE-2022-47629.
Change log for version 5.0.5_1784, released 24 January 2023
- Updates the storage-secret-sidecar image to
v1.2.15
. - Resolves CVE-2022-43680, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-3821, CVE-2022-35737, and CVE-2021-46848.
Change log for version 5.0.4_1773, released 10 January 2023
- Updates Golang to
1.18.9
. - Updates the
storage-secret-sidecar
image tov1.2.14
. - Fixed volume tagging issue related to multiple tags.
- Added Block storage volume health state in driver logs. Volume health gives a detailed description as mentioned in the Managing block storage doc.
- Resolves the following CVEs:
Change log for version 5.0.2_1713, released 17 November 2022
- Updates the
storage-secret-sidecar
image tov1.2.12
- Resolves the following CVEs:
Change log for version 5.0.1_1695, released 9 November 2022
- Updates the
storage-secret-sidecar
image tov1.2.10
- Updates the
csi-node-driver-registrar
tov2.5.0
- Updates the
livenessprobe
tov2.6.0
- Updates the
csi-provisioner
tov3.2.1
- Updates the
csi-attacher
tov3.5.0
- Updates the
csi-resizer
tov1.5.0
- Resolves the following CVEs:
Change log for version 5.0, released 11 October 2022
- Adds snapshot support for cluster versions 1.25 and later.
- Makes the resource requests and limits of the
vpc-block-csi-driver
containers configurable. To view the config runkubectl get cm -n kube-system addon-vpc-block-csi-driver-configmap -o yaml
- Adds the following parameters for customizing the driver.
AttachDetachMinRetryGAP: "3"
: The initial retry interval for checking Attach/Detach Status. The default is 3 seconds.AttachDetachMinRetryAttempt: "3"
: The number of attempts for AttachDetachMinRetryGAP. The default is 3 retries for 3 seconds retry gap.AttachDetachMaxRetryAttempt: "46"
: Total number of retries for checking Attach/Detach Status. Default is 46 times. For example, ~7 minutes (3 secs * 3 times + 6 secs * 6 times + 10 secs * 10 times).AttacherWorkerThreads: "15"
: The number ofgoroutines
for processing VolumeAttachments.AttacherKubeAPIBurst: "10"
: The number of requests to the Kubernetes API server, exceeding the QPS, that can be sent at any given timeAttacherKubeAPIQPS: "5.0"
: The number of requests per second sent by a Kubernetes client to the Kubernetes API server.
- Disables the
handle-volume-inuse-error
option as this is applies to CSI drivers that support offline expansion only.
Change log for version 5.0.4-beta_1566, released 14 July 2022
- Updates the storage-secret-sidecar image to
v1.1.12
. - Updates Golang to version
1.18.3
. - Updates UBI image to version
8.6-854
. - Pushes community images to
icr.io
. - Fixes a bug for
user_tags
andservice_tags
data types. - Changes the
volumesnapshotclass
name. - Fixes for format errors and mount failures.
- Resolves the following CVEs:
Change log for version 5.0.1-beta_1411, released 15 June 2022
Fixes a bug where the resource group wasn't included in the snapshot creation request payload.
Change log for version 5.0.0-beta_1125, released 10 June 2022
Adds snapshot support.
Version 4.4
Change log for version 4.4.17_1829, released 21 February 2023
- Resolves CVE-2022-47629.
Change log for version 4.4.16_1779, released 24 January 2023
- Updates the storage-secret-sidecar image to
v1.2.15
. - Resolves CVE-2022-43680, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-3821, CVE-2022-35737, and CVE-2021-46848.
Change log for version 4.4.15_1764, released 10 January 2023
- Updates Golang to
1.18.9
. - Updates the
storage-secret-sidecar
image tov1.2.14
. - Fixed volume tagging issue related to multiple tags.
- Resolves the following CVEs:
Change log for version 4.4.13_1712, released 17 November 2022
- Updates the
storage-secret-sidecar
image tov1.2.12
- Resolves the following CVEs:
Change log for version 4.4.12_1700, released 9 November 2022
- Updates the
storage-secret-sidecar
image tov1.2.10
, - Updates the
csi-node-driver-registrar
tov2.5.0
- Updates the
livenessprobe
tov2.6.0
- Updates the
csi-provisioner
tov3.2.1
- Updates the
csi-attacher
tov3.5.0
- Updates the
csi-resizer
tov1.5.0
- Resolves the following CVEs: CVE-2022-37434, CVE-2022-2509, CVE-2022-40674, CVE-2020-35525, CVE-2020-35527, CVE-2022-3515.
Change log for version 4.4.11_1614, released 23 September 2022
- Updates the
storage-secret-sidecar
image tov1.2.8
. - Updates the golang version to
1.18.6
. - Resolves the following CVEs: CVE-2022-27664, CVE-2022-32190.
Change log for version 4.4.10_1578, released 13 September 2022
- Updates the
storage-secret-sidecar
image tov1.2.7
- Resolves the following CVEs: CVE-2022-32206, CVE-2022-32208, CVE-2022-2526.
Change log for version 4.4.9_1566, released 25 August 2022
- Updates Golang to version
1.18.5
- Updates the
storage-secret-sidecar
image tov1.2.6
- Resolves the following CVEs: CVE-2022-1586, CVE-2022-2068, CVE-2022-1292, CVE-2022-2097.
Change log for version 4.4.8_1550, released 18 July 2022
- Updates the
storage-secret-sidecar
image tov1.2.5
- Updates Golang to version
1.18.3
- Updates UBI image to version
8.6-854
- Fixes an issue where volume mounting on node fails with already mounted error.
- Resolves the following CVEs: CVE-2022-29824, CVE-2021-40528, CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-25313, CVE-2022-25314.
Change log for version 4.4.6_1446, released 24 June 2022
- Includes an update where volume creation or expansion isn't retried if the provided volume capacity is not supported by volume profile.
- Updates the
storage-secret-sidecar
image tov1.2.4
- Resolves CVE-2022-1271
- Adds a security fix related with image signing.
Change log for version 4.4.5_1371, released 13 June 2022
- Adds support for IAM trusted profiles.
- Adds IAM token caching in memory for up to 40 minutes which reduces the number of calls to IAM and improves driver performance.
- Updates the
storage-secret-sidecar
image tov1.2.3
. - Fixes a volume expansion error handling issue.
Version 4.3
Change log for version 4.3.8_1705 released 11 November 2022
- Updates the
storage-secret-sidecar
image tov1.2.10
- Updates the
csi-node-driver-registrar
tov2.5.0
- Updates the
livenessprobe
tov2.6.0
- Updates the
csi-provisioner
tov3.2.1
- Updates the
csi-attacher
tov3.5.0
- Updates the
csi-resizer
tov1.5.0
- Resolves the following CVEs: CVE-2022-37434, CVE-2022-2509, CVE-2022-40674, CVE-2020-35525, CVE-2020-35527, CVE-2022-3515
Change log for version 4.3.7_1613, released 22 September 2022
- Updates the
storage-secret-sidecar
image tov1.1.15
. - Updates the golang version to
1.18.6
. - Resolves the following CVEs: CVE-2022-27664 and CVE-2022-32190.
Change log for version 4.3.6_1579, released 12 September 2022
- Updates the
storage-secret-sidecar
image tov1.1.14
- Resolves the following CVEs: CVE-2022-32206, CVE-2022-32208, CVE-2022-2526.
Change log for version 4.3.5_1563, released 24 August 2022
- Updates Golang to version
1.18.5
- Updates the
storage-secret-sidecar
image tov1.1.13
- Resolves the following CVEs: CVE-2022-1586, CVE-2022-2068, CVE-2022-1292, CVE-2022-2097.
Change log for version 4.3.4_1551, released 18 July 2022
- Updates the
storage-secret-sidecar
image tov1.1.12
- Updates Golang to version
1.18.3
- Updates UBI image to version
8.6-854
- Improves secret watcher in case of secret update.
- Fixes an issue where volume mounting on node fails with already mounted error.
- Resolves the following CVEs: CVE-2022-29824, CVE-2021-40528, CVE-2022-22576, CVE-2022-27774, CVE-2022-27776, CVE-2022-27782, CVE-2022-25313, CVE-2022-25314.
Change log for version 4.3.2_1441, released 17 June 2022
- Added security fix related to image signing
- Updates the
storage-secret-sidecar
image tov1.1.11
- Resolves CVE-2022-1271
Change log for version 4.3.0_1163, released 25 May 2022
- Resolves the following CVEs: CVE-2021-3634, CVE-2021-3737, [CVE-2021-4189]https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189){: external}.
- Updates the
storage-secret-sidecar
image tov1.1.10
- Fixes Volume provisioning failure when in StorageClass Region is provided without zone info
- Fixes an issue where volume creation fails if only
failure-domain.beta.kubernetes.io/zone
is given inallowedTopologies
Region
support is now DEPRECATED in the storage class. Providing "region" detail in storage classes is deprecated in this release, this will not cause any issues with either existing PVC or new PVC. For now the default behavior is to get the region detail from the node label only which is now mandatory for all cases.
Version 4.2
Change log for version 4.2.6_1161, released 12 May 2022
- Updates armada-storage-secret to
v1.1.10
- Resolves the following CVEs: CVE-2021-3634, CVE-2021-3737, CVE-2021-4189.
Change log for version 4.2.5_1106, released 12 May 2022
- Updates armada-storage-secret to
v1.1.9
- Updates the UBI version to
8.5-243.1651231653
- Resolves CVE-2022-1271.