RHDEVDOCS-4871 - Logging 5.5.6 Release Notes.

Author: libander

logging/cluster-logging-release-notes.adoc

@@ -13,6 +13,8 @@ include::snippets/logging-stable-updates-snip.adoc[]
 
 include::modules/cluster-logging-rn-5.6.adoc[leveloffset=+1]
 
+include::modules/cluster-logging-rn-5.5.6.adoc[leveloffset=+1]
+
 include::modules/cluster-logging-rn-5.5.5.adoc[leveloffset=+1]
 
 include::modules/cluster-logging-rn-5.5.4.adoc[leveloffset=+1]

modules/cluster-logging-rn-5.5.6.adoc

@@ -0,0 +1,53 @@
+//module included in cluster-logging-release-notes.adoc
+:_content-type: REFERENCE
+[id="cluster-logging-release-notes-5-5-6_{context}"]
+= Logging 5.5.6
+This release includes link:https://access.redhat.com/errata/RHBA-2023:0386[OpenShift Logging Bug Fix Release 5.5.6].
+
+== Known issues
+[id="openshift-logging-5-5-6-known-issues"]
+
+
+[id="openshift-logging-5-5-6-bug-fixes"]
+== Bug fixes
+* Before this update, the Pod Security admission controller added the label `podSecurityLabelSync = true` to the `openshift-logging` namespace. This resulted in our specified security labels being overwritten, and as a result Collector pods would not start. With this update, the label `podSecurityLabelSync = false` preserves security labels. Collector pods deploy as expected. (link:https://issues.redhat.com/browse/LOG-3340[LOG-3340])
+
+* Before this update, the Operator installed the console view plugin, even when it was not enabled on the cluster. This caused the Operator to crash. With this update, if an account for a cluster does not have the console view enabled, the Operator functions normally and does not install the console view. (link:https://issues.redhat.com/browse/LOG-3407[LOG-3407])
+
+* Before this update, a prior fix to support a regression where the status of the Elasticsearch deployment was not being updated caused the Operator to crash unless the `Red Hat Elasticsearch Operator` was deployed. With this update, that fix has been reverted so the Operator is now stable but re-introduces the previous issue related to the reported status. (link:https://issues.redhat.com/browse/LOG-3428[LOG-3428])
+
+* Before this update, the Loki Operator only deployed one replica of the LokiStack gateway regardless of the chosen stack size. With this update, the number of replicas is correctly configured according to the selected size. (link:https://issues.redhat.com/browse/LOG-3478[LOG-3478])
+
+* Before this update, records written to Elasticsearch would fail if multiple label keys had the same prefix and some keys included dots. With this update, underscores replace dots in label keys, resolving the issue. (link:https://issues.redhat.com/browse/LOG-3341[LOG-3341])
+
+* Before this update, the logging view plugin contained an incompatible feature for certain versions of {product-title}. With this update, the correct release stream of the plugin resolves the issue. (link:https://issues.redhat.com/browse/LOG-3467[LOG-3467])
+
+* Before this update, the reconciliation of the `ClusterLogForwarder` custom resource would incorrectly report a degraded status of one or more pipelines causing the collector pods to restart every 8-10 seconds. With this update, reconciliation of the `ClusterLogForwarder` custom resource processes correctly, resolving the issue. (link:https://issues.redhat.com/browse/LOG-3469[LOG-3469])
+
+* Before this change the spec for the `outputDefaults` field of the ClusterLogForwarder custom resource would apply the settings to every declared Elasticsearch output type. This change corrects the behavior to match the enhancement specification where the setting specifically applies to the default managed Elasticsearch store. (link:https://issues.redhat.com/browse/LOG-3342[LOG-3342])
+
+* Before this update, the the OpenShift CLI (oc) `must-gather` script did not complete because the OpenShift CLI (oc) needs a folder with write permission to build its cache. With this update, the OpenShift CLI (oc) has write permissions to a folder, and the `must-gather` script completes successfully. (link:https://issues.redhat.com/browse/LOG-3472[LOG-3472])
+
+* Before this update, the Loki Operator webhook server caused TLS errors. With this update, the Loki Operator webhook PKI is managed by the Operator Lifecycle Manager's dynamic webhook management resolving the issue. (link:https://issues.redhat.com/browse/LOG-3511[LOG-3511])
+
+[id="openshift-logging-5-5-6-CVEs"]
+== CVEs
+* link:https://access.redhat.com/security/cve/CVE-2021-46848[CVE-2021-46848]
+* link:https://access.redhat.com/security/cve/CVE-2022-2056[CVE-2022-2056]
+* link:https://access.redhat.com/security/cve/CVE-2022-2057[CVE-2022-2057]
+* link:https://access.redhat.com/security/cve/CVE-2022-2058[CVE-2022-2058]
+* link:https://access.redhat.com/security/cve/CVE-2022-2519[CVE-2022-2519]
+* link:https://access.redhat.com/security/cve/CVE-2022-2520[CVE-2022-2520]
+* link:https://access.redhat.com/security/cve/CVE-2022-2521[CVE-2022-2521]
+* link:https://access.redhat.com/security/cve/CVE-2022-2867[CVE-2022-2867]
+* link:https://access.redhat.com/security/cve/CVE-2022-2868[CVE-2022-2868]
+* link:https://access.redhat.com/security/cve/CVE-2022-2869[CVE-2022-2869]
+* link:https://access.redhat.com/security/cve/CVE-2022-2953[CVE-2022-2953]
+* link:https://access.redhat.com/security/cve/CVE-2022-2964[CVE-2022-2964]
+* link:https://access.redhat.com/security/cve/CVE-2022-4139[CVE-2022-4139]
+* link:https://access.redhat.com/security/cve/CVE-2022-35737[CVE-2022-35737]
+* link:https://access.redhat.com/security/cve/CVE-2022-42010[CVE-2022-42010]
+* link:https://access.redhat.com/security/cve/CVE-2022-42011[CVE-2022-42011]
+* link:https://access.redhat.com/security/cve/CVE-2022-42012[CVE-2022-42012]
+* link:https://access.redhat.com/security/cve/CVE-2022-42898[CVE-2022-42898]
+* link:https://access.redhat.com/security/cve/CVE-2022-43680[CVE-2022-43680]