2.9.5¶
(2021-11-09)
Enhancements¶
Added new sub-command rotate-certificates to the
rethinkopsbinary that exists inside of thedtr-rethinkdbimage. This command allows you to rotate the certificates that provide intracluster communication between the MSR system containers and RethinkDB.To rotate certificates, docker exec into the
dtr-rethinkdbcontainer and use the command below (you can provide the--debugflag for more information):REPLICA_ID=$(docker ps -lf name='^/dtr-rethinkdb-.{12}$' --format '{{.Names}}' | cut -d- -f3) $ docker exec -e DTR_REPLICA_ID=$REPLICA_ID -it $(docker ps -q --filter name=dtr-rethinkdb) # rethinkops rotate-certificates --replica-id $DTR_REPLICA_ID --debug(FIELD-4044)
Addressed issues¶
Fixed an issue wherein the webhook could fail to trigger, thus issuing the “argument list too long” error (FIELD-3424).
Fixed an issue with the MSR web UI wherein the value of
{{tag}}is absent from the scanning report (FIELD-3931).Fixed an issue wherein the MSR image scan CSV report was missing the CVSS3 score and only had the CVSS2 score (FIELD-3946).
Fixed issues wherein the list of org repositories was limited to ten and was wrapping incorrectly (FIELD-3987).
Fixed an issue with the MSR web UI wherein the Teams page displayed no more than 10 users and 10 repositories and the Organizations page displayed no more than 10 teams (FIELD-4187).
Fixed an issue with the MSR web UI wherein the Add User button failed to display for organization owners (FIELD-4261).
Fixed an issue with the MSR web UI wherein performing a search from the left-side navigation panel produced search results that displayed on top of the background text (FIELD-4268).
Made improvements to MSR administrative actions to circumvent failures that can result from stale containers (FIELD-4270) (FIELD-4291).
Fixed an image signing regression issue that applies to MSR 2.9.3 and MSR 2.9.4 (FIELD-4320).
Known issues¶
The image signing functionality in MSR 2.9.3 and 2.9.4 is incompatible with other MSR versions.
Workaround:
For images signed by MSR 2.9.3 and 2.9.4 it is necessary to delete trust data and re-sign the images using MSR 2.9.5 (FIELD-4320).
Security information¶
Resolved the following OpenSSL vulnerabilities: CVE-2021-3711 and CVE-2021-3712 (FIELD-4387).
Resolved the following libxml2 vulnerability: vulnerability CVE-2021-3541 (FIELD-4394).
Resolved the following urlllib3 vulnerabilities: CVE-2021-33503 and CVE-2021-28363 (FIELD-4399).
Resolved the following curl vulnerabilities: CVE-2021-22945, CVE-2021-22946, CVE-2021-22926, CVE-2021-22922, CVE-2021-22947, CVE-2021-22925, and CVE-2021-22923 (FIELD-4401).