# 4.14.5 Created: 2023-11-30 09:08:13 +0000 UTC Image Digest: `sha256:0ec9d715c717b2a592d07dd83860013613529fae69bc9eecb4b2d4ace679f6f3` Promoted from registry.ci.openshift.org/ocp/release:4.14.0-0.nightly-2023-11-29-164428 ## Changes from 4.14.4 ### Components * Kubernetes 1.27.6 * Red Hat Enterprise Linux CoreOS upgraded from 414.92.202311222314-0 to 414.92.202311281318-0 ### Rebuilt images without code change * [driver-toolkit](https://github.com/openshift/driver-toolkit) git [cafed17b](https://github.com/openshift/driver-toolkit/commit/cafed17b0c2b4cf8d8310304888787ed7adf7474) `sha256:3dc0ac6a3702bc31d58a44f756f55b2cfddb8211f160c12cbd0df3d38f921ba4` * [ironic-machine-os-downloader](https://github.com/openshift/ironic-rhcos-downloader) git [7b56c306](https://github.com/openshift/ironic-rhcos-downloader/commit/7b56c30661e39b212fc632e8e184c70b14dcf3a2) `sha256:90fb7d4d6cd7811483930ba246a324abfc37c37fd428dd7b4bb8ec03370b12fa` * machine-os-content `sha256:5b25c77c43b8d55b479dc9c1325d381003392ff277bf1044baecda26a5704fac` * rhel-coreos `sha256:ad55b4a24794675dac70b6ffca26208cfe8cf6e81a127fc1560774c167eaefe0` * rhel-coreos-extensions `sha256:68ce5e755897740c6947090fc295515561c700f5e57137c07e99801b2835a13c` ### [agent-installer-csr-approver, agent-installer-orchestrator](https://github.com/openshift/assisted-installer/tree/02dc1175d8d1278f94287d14899c66344cef9174) * [OCPBUGS-20049](https://issues.redhat.com/browse/OCPBUGS-20049): Remove uninitialized taint for agent-based installs (#753) [#753](https://github.com/openshift/assisted-installer/pull/753) * [Full changelog](https://github.com/openshift/assisted-installer/compare/9fd99e3861fc32b8a608bb0c81344435e32ad004...02dc1175d8d1278f94287d14899c66344cef9174) ### [alibaba-disk-csi-driver-operator](https://github.com/openshift/alibaba-disk-csi-driver-operator/tree/2ac2780e6b09d8b11a2064b8f7d1c5e946768343) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#71](https://github.com/openshift/alibaba-disk-csi-driver-operator/pull/71) * [Full changelog](https://github.com/openshift/alibaba-disk-csi-driver-operator/compare/7e0204aeee1770a98afb7ace4f3ccb5568c906e8...2ac2780e6b09d8b11a2064b8f7d1c5e946768343) ### [aws-ebs-csi-driver-operator](https://github.com/openshift/aws-ebs-csi-driver-operator/tree/8dac7fcdc597614acc5969a8d152ead2a28b9ad4) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#296](https://github.com/openshift/aws-ebs-csi-driver-operator/pull/296) * [Full changelog](https://github.com/openshift/aws-ebs-csi-driver-operator/compare/024bec5b1d318b874fd93d6e57018467d26333d1...8dac7fcdc597614acc5969a8d152ead2a28b9ad4) ### [cloud-credential-operator](https://github.com/openshift/cloud-credential-operator/tree/549cff9de8bc7a7bcf12eaa286bac04a7fc0b2f7) * [OCPBUGS-23986](https://issues.redhat.com/browse/OCPBUGS-23986): Use per-project custom roles instead of per-cluster custom roles [#631](https://github.com/openshift/cloud-credential-operator/pull/631) * [OCPBUGS-23426](https://issues.redhat.com/browse/OCPBUGS-23426): Explicitly set the vsphere secret credential data on sync. [#629](https://github.com/openshift/cloud-credential-operator/pull/629) * [Full changelog](https://github.com/openshift/cloud-credential-operator/compare/91fcc4a9058f184ee40795f539ebd15c21ba9af8...549cff9de8bc7a7bcf12eaa286bac04a7fc0b2f7) ### [cluster-csi-snapshot-controller-operator](https://github.com/openshift/cluster-csi-snapshot-controller-operator/tree/73dc400fbbbd7dc131c98199e3b5c5cac957ee83) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#174](https://github.com/openshift/cluster-csi-snapshot-controller-operator/pull/174) * [Full changelog](https://github.com/openshift/cluster-csi-snapshot-controller-operator/compare/5d8bae88fdceefd3cc6e9befe3da641839403d9c...73dc400fbbbd7dc131c98199e3b5c5cac957ee83) ### [cluster-etcd-operator](https://github.com/openshift/cluster-etcd-operator/tree/e29f97d93ca1c4fa423b871ad7f1b73bd64ed1d0) * Revert "[release-4.14] OCPBUGS-21802: remove revision stability check from bootstrap complet…" [#1168](https://github.com/openshift/cluster-etcd-operator/pull/1168) * [Full changelog](https://github.com/openshift/cluster-etcd-operator/compare/6bc9eabed8465234b1566cf001b6215e267abff5...e29f97d93ca1c4fa423b871ad7f1b73bd64ed1d0) ### [cluster-network-operator](https://github.com/openshift/cluster-network-operator/tree/73a1db2e64e320fd2584b85c68c0bc8bfe6010cc) * [OCPBUGS-22363](https://issues.redhat.com/browse/OCPBUGS-22363): Added HCP label to CNO pods [#2081](https://github.com/openshift/cluster-network-operator/pull/2081) * [OCPBUGS-22286](https://issues.redhat.com/browse/OCPBUGS-22286): hypershift: adjust backoff on infrastructure name retry [#2078](https://github.com/openshift/cluster-network-operator/pull/2078) * [Full changelog](https://github.com/openshift/cluster-network-operator/compare/75a0a6c043df981dcf8e23e78b5254d3a68bd5ee...73a1db2e64e320fd2584b85c68c0bc8bfe6010cc) ### [cluster-openshift-controller-manager-operator](https://github.com/openshift/cluster-openshift-controller-manager-operator/tree/77e0d6a07854665a7e9c8458db67e25d02da934a) * [OCPBUGS-23490](https://issues.redhat.com/browse/OCPBUGS-23490): Remove blockage of ConfigObserver by build informer has synced flag [#318](https://github.com/openshift/cluster-openshift-controller-manager-operator/pull/318) * [Full changelog](https://github.com/openshift/cluster-openshift-controller-manager-operator/compare/04cec68a4cd060be0f324db5d30f02476a85d20e...77e0d6a07854665a7e9c8458db67e25d02da934a) ### [cluster-storage-operator](https://github.com/openshift/cluster-storage-operator/tree/d212f20b9b2c639384baef9879af149ac259c014) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#416](https://github.com/openshift/cluster-storage-operator/pull/416) * [Full changelog](https://github.com/openshift/cluster-storage-operator/compare/8a467dd5f9f45fb7443dc4a37c875724e5698ae6...d212f20b9b2c639384baef9879af149ac259c014) ### [cluster-update-keys](https://github.com/openshift/cluster-update-keys/tree/e0c26a084139906e866d9eec89f05d2d3211b334) * [OCPBUGS-10126](https://issues.redhat.com/browse/OCPBUGS-10126): Updating ose-agent-installer-orchestrator images to be consistent with ART [#48](https://github.com/openshift/cluster-update-keys/pull/48) * [Full changelog](https://github.com/openshift/cluster-update-keys/compare/9dd3eedebc62725e806d7b52d640b70e61a96f98...e0c26a084139906e866d9eec89f05d2d3211b334) ### [gcp-pd-csi-driver-operator](https://github.com/openshift/gcp-pd-csi-driver-operator/tree/b39caeae907ca5c43e331a66b4ebe112d604f174) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#96](https://github.com/openshift/gcp-pd-csi-driver-operator/pull/96) * [Full changelog](https://github.com/openshift/gcp-pd-csi-driver-operator/compare/92376a4b846366ae3c7a61e5af895e3221d09703...b39caeae907ca5c43e331a66b4ebe112d604f174) ### [hypershift](https://github.com/openshift/hypershift/tree/686a17d9163c5882299326583a693e36e391dd46) * [OCPBUGS-24063](https://issues.redhat.com/browse/OCPBUGS-24063): fix(cpo): Set restart annotation on network-node-identity [#3248](https://github.com/openshift/hypershift/pull/3248) * release-4.14, HOSTEDCP-1315: Improve NodePool CPU arch & platform check [#3236](https://github.com/openshift/hypershift/pull/3236) * [OCPBUGS-22676](https://issues.redhat.com/browse/OCPBUGS-22676): Make the OLMCatalogPlacement field immutable [#3143](https://github.com/openshift/hypershift/pull/3143) * [OCPBUGS-23558](https://issues.redhat.com/browse/OCPBUGS-23558): Let router use svc ips 4.14 [#3221](https://github.com/openshift/hypershift/pull/3221) * [Full changelog](https://github.com/openshift/hypershift/compare/af252b2a1f2ad495f77e177e9e5c8efa7388af67...686a17d9163c5882299326583a693e36e391dd46) ### [ibm-vpc-block-csi-driver-operator](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/tree/504fbad135ee976d8b5baa846e9da46607262b46) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#91](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/pull/91) * [Full changelog](https://github.com/openshift/ibm-vpc-block-csi-driver-operator/compare/faf68eda7983c9e4c6cab158b067fe73ea594173...504fbad135ee976d8b5baa846e9da46607262b46) ### [ironic-agent](https://github.com/openshift/ironic-agent-image/tree/979149f6171a232355564ebc63dd258390b29c20) * [OCPBUGS-23751](https://issues.redhat.com/browse/OCPBUGS-23751): Update packages with latest fixes [#96](https://github.com/openshift/ironic-agent-image/pull/96) * [Full changelog](https://github.com/openshift/ironic-agent-image/compare/ed6e12a62fc40fc450ad394034769cc734acb5e5...979149f6171a232355564ebc63dd258390b29c20) ### [multus-networkpolicy](https://github.com/openshift/multus-networkpolicy/tree/cd6eae10a368d23b94530cdc2a2c2f2356d8cc02) * Update vendor package (#40) [#40](https://github.com/openshift/multus-networkpolicy/pull/40) * [Full changelog](https://github.com/openshift/multus-networkpolicy/compare/2440eebf5a922691e0dd483bbcddf00e9f63eb16...cd6eae10a368d23b94530cdc2a2c2f2356d8cc02) ### [oc-mirror](https://github.com/openshift/oc-mirror/tree/a9d1320cb1150a1aa25a2e67eb8bb2042fb8c9ac) * skipping prune failure if manifest not found (#735) [#735](https://github.com/openshift/oc-mirror/pull/735) * [Full changelog](https://github.com/openshift/oc-mirror/compare/d124cd5277ee9565f912aa6c0214e8d200f69cd6...a9d1320cb1150a1aa25a2e67eb8bb2042fb8c9ac) ### [openshift-apiserver](https://github.com/openshift/openshift-apiserver/tree/a9364565cd3471a9b718a3274b35970269d20e09) * : OCPBUGS-21464: Enable HTTP/2 CVE mitigation [#397](https://github.com/openshift/openshift-apiserver/pull/397) * [Full changelog](https://github.com/openshift/openshift-apiserver/compare/8e1cc19354fb9caa57a454f7fa3f883e73252083...a9364565cd3471a9b718a3274b35970269d20e09) ### [operator-lifecycle-manager, operator-registry](https://github.com/openshift/operator-framework-olm/tree/427c2db7b6ba237584c86d643551dd3037d682a1) * [OCPBUGS-20829](https://issues.redhat.com/browse/OCPBUGS-20829): [releaser-4.14] Fix apiserver vulnerability [#608](https://github.com/openshift/operator-framework-olm/pull/608) * [Full changelog](https://github.com/openshift/operator-framework-olm/compare/a470bab38bf678e25eb585550eaffb3959bd4bbd...427c2db7b6ba237584c86d643551dd3037d682a1) ### [vsphere-csi-driver-operator](https://github.com/openshift/vmware-vsphere-csi-driver-operator/tree/f46e4b57a7e96016b68d0c01f41d869ec1a1ffc8) * [OCPBUGS-22430](https://issues.redhat.com/browse/OCPBUGS-22430): disable http/2 server support in webhook [#182](https://github.com/openshift/vmware-vsphere-csi-driver-operator/pull/182) * [Full changelog](https://github.com/openshift/vmware-vsphere-csi-driver-operator/compare/f7afb6462c79317cc53c621084640860a4351788...f46e4b57a7e96016b68d0c01f41d869ec1a1ffc8) ### [vsphere-problem-detector](https://github.com/openshift/vsphere-problem-detector/tree/db5e66c6ff913207b2286db21c3da9d440fb0be9) * [OCPBUGS-23078](https://issues.redhat.com/browse/OCPBUGS-23078): CVE-2023-44487: bump github.com/openshift/library-go to release-4.14 [#138](https://github.com/openshift/vsphere-problem-detector/pull/138) * [Full changelog](https://github.com/openshift/vsphere-problem-detector/compare/6b359ea5b69636a00cfd5c4f81f0279cfd41401a...db5e66c6ff913207b2286db21c3da9d440fb0be9)