(ENGDTR-3573) MSR now offers the option to disable coloring in the log output.
(ENGDTR-3558) Updated Go to version 1.19.4.
(ENGDTR-3649) Updated Synopsys scanner to version 2022-12-2.
(FIELD-5447) Fixed an issue with the
/api/v0/api_tokensendpoint wherein changing the value of the
pageStartparameter did not change the page returned in the request output.
When upgrading from a previous MSR version, for the fix to go into effect you must run a particular command sequence using the RethinkDB CLI. Contact Mirantis support for the RethinkDB CLI instructions. Fresh installations do not require the manual CLI steps.
(ENGDTR-3421) Fixed an issue wherein the MSR web UI would break whenever a user tried to access the repository page for an organization from a repository list.
(FIELD-4211) MSR now issues a warning when installations or upgrades fail due to the disabling of MKE admin container scheduling.
CVE information, as detailed:
Problem details from upstream
SQLite through 3.40.0, when relying on
--safefor execution of an untrusted CLI script, does not properly implement the
azProhibitedFunctionsprotection mechanism, and instead allows UDF functions such as
An issue was discovered in Oniguruma 6.2.0, as used in
Oniguruma-modin Ruby through 2.4.1 and
mbstringin PHP through 7.1.5. A stack out-of-bounds write in
onigenc_unicode_get_case_fold_codes_by_str()occurs during regular expression compilation. Code point
0xFFFFFFFFis not properly handled in
unicode_unfold_key(). A malformed regular expression could result in 4 bytes being written off the end of a stack buffer of
expand_case_fold_string()during the call to
onigenc_unicode_get_case_fold_codes_by_str(), a typical stack buffer overflow.