Addressed issues

Issues addressed in the MKE 3.7.2 release include:

  • [FIELD-6453] Fixed an issue wherein users assigned as admins lost their admin privileges after conducting an LDAP sync with JIT enabled.

  • [FIELD-6446] Fixed an issue wherein the /ucp/etcd/info API endpoint incorrectly displayed the size of objects stored in the database, rather than the actual size of the database on disk. This fix introduces the DbSizeInUse field, alongside the existing ``DbSize``field , which ensures the accurate reporting of both the logically used size and physically allocated size of the backend database.

  • [FIELD-6437] Fixed an issue with the MKE configuration setting wherein the name was not verified against RFC-1123 label names.

  • [FIELD-6353] Fixed an issue wherein the accounts/<org>/members API would provide incomplete results when requesting non-admins.

  • [MKE-10267] Fixed three instances of CVE-2023-4911, rated High, which were detected on glibc-related components in the ucp-calico-node image.

  • [MKE-10231] Fixed an issue wherein clusters were left in an inoperable state following either:

    • Upgrade of MKE 3.7.0 clusters installed with the --multus-cni argument to MKE 3.7.1

    • Installation of a fresh MKE 3.7.1 cluster with the --multus-cni argument

  • [MKE-10204] Fixed an issue whereby the ucp images --list command returned all images, including those that are swarm-only. Now the swarm-only images are only returned when the :command:–swarm-only flag is included.

  • [MKE-10202] Fixed an issue whereby in swarm-only mode workers were attempting to run a Kubernetes component following an MKE upgrade.

  • [MKE-10032] Fixed an issue wherein MKE debug levels were not applied to cri-dockerd logs.

  • [MKE-10031] Fixed an issue wherein Calico for Windows was continuously writing to the cri-dockerd logs.