Red Hat Advanced Cluster Security for Kubernetes 3.0.62 includes feature enhancements, bug fixes, scale improvements, and other changes.

Release date: June 30, 2021

New features

Compliance Operator integration

Red Hat Advanced Cluster Security for Kubernetes now supports OpenShift Container Platform configuration compliance standards through an integration with the OpenShift Container Platform Compliance Operator. In addition, it allows you to measure and report on configuration security best practices for OpenShift Container Platform.

Alpine image vulnerability feed updates

Red Hat Advanced Cluster Security for Kubernetes now supports vulnerability feeds for the Alpine Edge and Alpine version 3.14 development branches.

Important bug fix

  • ROX-7420: Previously, alert notifications would not trigger when the admission controller blocked a deployment from being created because of a policy violation.

Important system changes

  • Red Hat Advanced Cluster Security for Kubernetes crypto miner policy now supports the miner 'xmrig' by default. It addresses some currently active crypto-mining campaigns.

  • Red Hat Advanced Cluster Security for Kubernetes no longer marks the Alpine image version 3.2-3.7 as stale because these versions are still receiving updates.

  • Improved logging for errors if no registry integration exists in Red Hat Advanced Cluster Security for Kubernetes.

  • Improved network graph lookup performance and collector performance.

Release tag version change

The next release and the subsequent releases of Red Hat Advanced Cluster Security for Kubernetes will use the updated version number convention as major-release.minor-release.patch-release.

Therefore the version for the next release of Red Hat Advanced Cluster Security for Kubernetes will be 3.63.

Image versions

Image Description Current version

Main

It includes Central, Sensor, Admission Controller, and Compliance. It also includes roxctl for use in CI (continuous integration) systems.

registry.redhat.io/rh-acs/main:3.0.62.0

Scanner

Scans images and nodes.

registry.redhat.io/rh-acs/scanner:2.16.0

Scanner DB

Stores image scan results and vulnerability definitions.

registry.redhat.io/rh-acs/scanner-db:2.16.0

Collector

Collects runtime activity in Kubernetes or OpenShift Container Platform clusters.

registry.redhat.io/rh-acs/collector:3.1.27-latest