Skip to content

Commit 99956bf

Browse files
CarmiWisemonCarmiWisemon
committed
More known issues
1 parent 774b220 commit 99956bf

File tree

1 file changed

+13
-13
lines changed

1 file changed

+13
-13
lines changed

modules/oadp-release-notes-1-3-0.adoc

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -71,8 +71,8 @@ During interoperability testing, Red Hat OpenShift Container Platform 4.14 had t
7171
There was a regresssion in Pod Volume Backup (PVB) functionality when Velero was installed in several namespaces. The pod volume backup controller was not properly limiting itself to PVBs in its own namespace.
7272
link:https://issues.redhat.com/browse/OADP-2308[OADP-2308]
7373

74-
.CVE-2023-39325 A flaw was found in handling multiplexed streams in the HTTP/2 protocol.
75-
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. In previous releases of OADP, a client could repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This created extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, which resulted in a denial of service due to server resource consumption.
74+
.CVE-2023-39325 Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)
75+
In previous releases of OADP, the HTTP/2 protocol was susceptible to a denial of service attack because request cancellation could reset multiple streams quickly. The server had to set up and tear down the streams while not hitting any server-side limit for the maximum number of active streams per connection. This resulted in a denial of service due to server resource consumption
7676

7777
The following issues have been listed under this issue:
7878

@@ -90,7 +90,7 @@ The following issues have been listed under this issue:
9090
For more information, see link:https://access.redhat.com/security/cve/cve-2023-39325[CVE-2023-39325 (Rapid Reset Attack)]
9191

9292

93-
For a complete list of all issues resolved in this release, see the list of link:https://issues.redhat.com/browse/OADP-2819?filter=12422837[OADP 1.3.0 resolved issues] in Jira.
93+
For a complete list of all issues resolved in this release, see the list of link:https://issues.redhat.com/issues/?filter=12422837[OADP 1.3.0 resolved issues] in Jira.
9494

9595
[id="known-issues-1-3-0_{context}"]
9696
== Known issues
@@ -99,16 +99,20 @@ For a complete list of all issues resolved in this release, see the list of link
9999
The CSI plugin panics on nil pointer when `csiSnapshotTimeout` is set to a short duration. Sometimes it succeeds to complete the snapshot within a short duration, but often it panics with the backup `PartiallyFailed` with the following error: `plugin panicked: runtime error: invalid memory address or nil pointer dereference`. link:https://issues.redhat.com/browse/OADP-3069[OADP-3069]
100100

101101
.Backup is marked as PartiallyFailed when volumeSnapshotContent CR has an error
102-
If any of the `VolumeSnapshotContent` CR has an error related to removing `VolumeSnapshotBeingCreated` annotation it moves backup to `WaitingForPluginOperationsPartiallyFailed` phase. link:https://issues.redhat.com/browse/OADP-2871[OADP-2871]
102+
If any of the `VolumeSnapshotContent` CRs have an error related to removing the `VolumeSnapshotBeingCreated` annotation, it moves the backup to the `WaitingForPluginOperationsPartiallyFailed` phase. link:https://issues.redhat.com/browse/OADP-2871[OADP-2871]
103103

104104
.Performance issues when restoring 30k resources for the first time
105-
When restoring for the first time, without an existing-resource-policy, it takes twice as long as when restoring the second and third time, with an existing-resource-policy. link:https://issues.redhat.com/browse/OADP-3071[OADP-3071]
105+
When restoring 30k resources for the first time, without an existing-resource-policy, it takes twice as long to restore them, then it takes during the second and third try, with an existing-resource-policy. link:https://issues.redhat.com/browse/OADP-3071[OADP-3071]
106106

107107
.Post Restore Hooks might start running before Datadownload operation has released the related PV
108-
Due to the Asynchronous nature of the Data Mover operation a post-hook might be attempted before the related pods PV's are released by the Data Mover PVC.
108+
Due to the asynchronous nature of the Data Mover operation, a post-hook might be attempted, before the related pods PV's are released by the Data Mover PVC.
109109
link:https://issues.redhat.com/browse/OADP-3067[OADP-3067]
110110

111-
For a complete list of all known issues in this release, see the list of link:https://issues.redhat.com/browse/OADP-2688?filter=12422838[OADP 1.3.0 known issues] in Jira.
111+
.GCP-Workload Identity Federation VSL backup PartiallyFailed
112+
VSL backup `PartiallyFailed` when GCP workload identity is configured on GCP.
113+
link:https://issues.redhat.com/browse/OADP-3084[OADP-3084]
114+
115+
For a complete list of all known issues in this release, see the list of link:https://issues.redhat.com/issues/?filter=12422838[OADP 1.3.0 known issues] in Jira.
112116

113117
[id="upgrade-notes-1-3-0_{context}"]
114118
== Upgrade notes
@@ -305,18 +309,14 @@ dpa-sample-1 Available 1s 3d16h true
305309

306310
. Verify that the `PHASE` is in `Available`.
307311

308-
////
309-
The continuation from this point and on isn't in the XREF
310-
////
312+
In OADP 1.3 you can start data movement off cluster per backup vs. creating a DataProtectionApplication (DPA) configuration.
311313

312-
. In OADP 1.3 you can start data movement off cluster per backup vs. creating a DataProtectionApplication (DPA) configuration.
313-
+
314314
.Example
315315
[source,terminal]
316316
----
317317
velero backup create example-backup --include-namespaces mysql-persistent --snapshot-move-data=true
318318
----
319-
+
319+
320320
.Example
321321
[source,yaml]
322322
----

0 commit comments

Comments
 (0)