Merge pull request #71785 from openshift-cherrypick-robot/cherry-pick-71232-to-enterprise-4.12

ShaunaDiaz · web-flow · commit 8586ebad8dda · 2024-02-16T16:55:10.000-05:00
[enterprise-4.12] Logging 5.8.3 Release Notes
diff --git a/logging/logging_release_notes/logging-5-8-release-notes.adoc b/logging/logging_release_notes/logging-5-8-release-notes.adoc
@@ -10,6 +10,8 @@ include::snippets/logging-compatibility-snip.adoc[]
 
 include::snippets/logging-stable-updates-snip.adoc[]
 
+include::modules/logging-release-notes-5-8-3.adoc[leveloffset=+1]
+
 include::modules/logging-release-notes-5-8-2.adoc[leveloffset=+1]
 
 include::modules/logging-release-notes-5-8-1.adoc[leveloffset=+1]
diff --git a/modules/logging-release-notes-5-8-3.adoc b/modules/logging-release-notes-5-8-3.adoc
@@ -0,0 +1,29 @@
+// module included in /logging/logging-5-8-release-notes
+:_mod-docs-content-type: REFERENCE
+[id="logging-release-notes-5-8-3_{context}"]
+= Logging 5.8.3
+This release includes link:https://access.redhat.com/errata/RHBA-2024:0693[Logging Bug Fix 5.8.3] and
+link:https://access.redhat.com/errata/RHSA-2024:0728[Logging Security Fix 5.8.3]
+
+[id="logging-release-notes-5-8-3-bug-fixes"]
+== Bug fixes
+* Before this update, when configured to read a custom S3 Certificate Authority the Loki Operator would not automatically update the configuration when the name of the ConfigMap or the contents changed. With this update, the Loki Operator is watching for changes to the ConfigMap and automatically updates the generated configuration. (link:https://issues.redhat.com/browse/LOG-4969[LOG-4969])
+
+* Before this update, Loki outputs configured without a valid URL caused the collector pods to crash. With this update, outputs are subject to URL validation, resolving the issue. (link:https://issues.redhat.com/browse/LOG-4822[LOG-4822])
+
+* Before this update the Cluster Logging Operator would generate collector configuration fields for outputs that did not specify a secret to use the service account bearer token. With this update, an output does not require authentication, resolving the issue. (link:https://issues.redhat.com/browse/LOG-4962[LOG-4962])
+
+* Before this update, the `tls.insecureSkipVerify` field of an output was not set to a value of `true` without a secret defined. With this update, a secret is no longer required to set this value. (link:https://issues.redhat.com/browse/LOG-4963[LOG-4963])
+
+* Before this update, output configurations allowed the combination of an insecure (HTTP) URL with TLS authentication. With this update, outputs configured for TLS authentication require a secure (HTTPS) URL. (link:https://issues.redhat.com/browse/LOG-4893[LOG-4893])
+
+[id="logging-release-notes-5-8-3-CVEs"]
+== CVEs
+* link:https://access.redhat.com/security/cve/CVE-2021-35937[CVE-2021-35937]
+* link:https://access.redhat.com/security/cve/CVE-2021-35938[CVE-2021-35938]
+* link:https://access.redhat.com/security/cve/CVE-2021-35939[CVE-2021-35939]
+* link:https://access.redhat.com/security/cve/CVE-2023-7104[CVE-2023-7104]
+* link:https://access.redhat.com/security/cve/CVE-2023-27043[CVE-2023-27043]
+* link:https://access.redhat.com/security/cve/CVE-2023-48795[CVE-2023-48795]
+* link:https://access.redhat.com/security/cve/CVE-2023-51385[CVE-2023-51385]
+* link:https://access.redhat.com/security/cve/CVE-2024-0553[CVE-2024-0553]
