Skip to content

Commit ce09e20

Browse files
kcarmichael08kcarmichael08
committed
Patch release notes for 4.7.6
1 parent 5705ad9 commit ce09e20

File tree

2 files changed

+24
-1
lines changed

2 files changed

+24
-1
lines changed

modules/common-attributes.adoc

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,8 +58,9 @@ endif::[]
5858
:osp: Red{nbsp}Hat OpenShift
5959
:olm-first: Operator Lifecycle Manager (OLM)
6060
:olm: OLM
61-
:rhacs-version: 4.7.5
61+
:rhacs-version: 4.7.6
6262
:ga-date-475: 22 July 2025
63+
:ga-date-476: 18 August 2025
6364
:ocp-supported-version: 4.12
6465
:ocp-latest-version: 4.19
6566
:plugin-acs-latest-version: 0.0.4

release_notes/47-release-notes.adoc

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ toc::[]
2121
|`4.7.3` | 15 May 2025
2222
|`4.7.4` | 11 June 2025
2323
|`4.7.5` | {ga-date-475}
24+
|`4.7.6` | {ga-date-476}
2425

2526

2627
|====
@@ -503,4 +504,25 @@ This release provides fixes for the following security issues:
503504

504505
* Flaw in `net/http` allowed request smuggling due to improper handling of bare line feed (LF) in chunked data (link:https://access.redhat.com/security/cve/cve-2025-22871[CVE-2025-22871])
505506

507+
[id="about-release-476_{context}"]
508+
== About release version 4.7.6
509+
510+
*Release date*: {ga-date-476}
511+
512+
This release of {product-title-short} 4.7 provides the following bug fixes:
513+
514+
//ROX-30366
515+
* Before this update, the upgrade to Golang gRPC 1.67 and later caused problems with gRPC connections that affected multiple users. This issue prevented gRPC connections and blocked communications between Central and Sensor. With this release, the GRPC_ENFORCE_ALPN_ENABLED flag has been added in {product-title-short}. The default value disables the Application-Layer Protocol Negotiation (ALPN) enforcement, and therefore allows the connection between Sensor and Central as well as the communication between the components.
516+
517+
This release also addresses the following security vulnerabilities:
518+
519+
* GNOME Glib flaw (link:https://access.redhat.com/security/cve/CVE-2024-34397[CVE-2024-34397])
520+
* Requests HTTP library flaw (link:https://access.redhat.com/security/cve/CVE-2024-47081[CVE-2024-47081])
521+
* Glib library flaws (link:https://access.redhat.com/security/cve/CVE-2024-52533[CVE-2024-52533], (link: https://access.redhat.com/security/cve/CVE-2025-4373[CVE-2025-4373])
522+
* Memory corruption flaw in SQLite (link:https://access.redhat.com/security/cve/CVE-2025-6965[CVE-2025-6965])
523+
* Flaw in libxslt (link:https://access.redhat.com/security/cve/CVE-2025-7425[CVE-2025-7425])
524+
* Double-free vulnerability in glibc (link:https://access.redhat.com/security/cve/CVE-2025-8058[CVE-2025-8058])
525+
* Flaw in libxml2 library (link:https://access.redhat.com/security/cve/CVE-2025-32415[CVE-2025-32415])
526+
* Perl standard library threads component flaw (link:https://access.redhat.com/security/cve/CVE-2025-40909[CVE-2025-40909])
527+
506528
include::modules/image-versions.adoc[leveloffset=+1]

0 commit comments

Comments
 (0)