|
| 1 | +// Module included in the following assemblies: |
| 2 | +// |
| 3 | +// * migration_toolkit_for_containers/mtc-release-notes.adoc |
| 4 | +:_mod-docs-content-type: REFERENCE |
| 5 | +[id="migration-mtc-release-notes-1-7-15_{context}"] |
| 6 | += {mtc-full} 1.7.15 release notes |
| 7 | + |
| 8 | +[id="resolved-issues-1-7-15_{context}"] |
| 9 | +== Resolved issues |
| 10 | + |
| 11 | +This release has the following resolved issues: |
| 12 | + |
| 13 | +.CVE-2024-24786: A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop |
| 14 | + |
| 15 | +A flaw was found in the `protojson.Unmarshal` function that could cause the function to enter an infinite loop when unmarshaling certain forms of invalid JSON messages. This condition could occur when unmarshaling into a message that contained a `google.protobuf.Any` value or when the `UnmarshalOptions.DiscardUnknown` option was set in a JSON-formatted message. |
| 16 | + |
| 17 | +To resolve this issue, upgrade to {mtc-short} 1.7.15. |
| 18 | + |
| 19 | +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-24786[(CVE-2024-24786)]. |
| 20 | + |
| 21 | +.CVE-2024-28180: `jose-go` improper handling of highly compressed data |
| 22 | + |
| 23 | +A vulnerability was found in Jose due to improper handling of highly compressed data. An attacker could send a JSON Web Encryption (JWE) encrypted message that contained compressed data that used large amounts of memory and CPU when decompressed by the `Decrypt` or `DecryptMulti` functions. |
| 24 | + |
| 25 | +To resolve this issue, upgrade to {mtc-short} 1.7.15. |
| 26 | + |
| 27 | +For more details, see link:https://access.redhat.com/security/cve/CVE-2024-28180[(CVE-2024-28180)]. |
| 28 | + |
| 29 | + |
| 30 | +[id="known-issues-1-7-15_{context}"] |
| 31 | +== Known issues |
| 32 | + |
| 33 | +This release has the following known issues: |
| 34 | + |
| 35 | +.Direct Volume Migration is failing as the Rsync pod on the source cluster goes into an `Error` state |
| 36 | + |
| 37 | +On migrating any application with Persistent Volume Claim (PVC), the `Stage` migration operation succeeds with warnings, and Direct Volume Migration (DVM) fails with the `rsync` pod on the source namespace going into an `error` state. link:https://bugzilla.redhat.com/show_bug.cgi?id=2256141[(BZ#2256141)] |
| 38 | + |
| 39 | +.The conflict condition is briefly cleared after it is created |
| 40 | + |
| 41 | +When creating a new state migration plan that results in a conflict error message, the error message is cleared shortly after it is displayed. link:https://bugzilla.redhat.com/show_bug.cgi?id=2144299[(BZ#2144299)] |
| 42 | + |
| 43 | +.Migration fails when there are multiple Volume Snapshot Locations (VSLs) of different provider types configured in a cluster with no specified default VSL. |
| 44 | + |
| 45 | +When there are multiple VSLs in a cluster with different provider types, and you set none of them as the default VSL, Velero results in a validation error that causes migration operations to fail. link:https://bugzilla.redhat.com/show_bug.cgi?id=2180565[(BZ#2180565)] |
0 commit comments