The Security Profiles Operator (SPO) uses the upstream version v0.8.3,
which contains critical CVEs. It cannot be upgraded to v0.9.1 because
the newer version requires a more recent AppArmor parser than the one
available in Debian Bullseye (2.13.6-10) to successfully parse the
default AppArmor profiles.
To address this, the SPO image has been custom-built from v0.8.3 with
fixes for the critical CVEs. The new image tag is stx.11.0-v0.8.3-1.
This commit updates the image tag in the SPO application code.
Test Plan:
PASS: AIO-SX application upload, apply, remove, and delete operations
PASS: CVE scan on stx.11.0-v0.8.3-1 image confirms no critical or
high CVEs reported
PASS: User-defined AppArmor profiles load successfully
Story: 2011408
Task: 52660
Depends-on: https://review.opendev.org/c/starlingx/root/+/957303
Change-Id: Ide0953e3dbcb994bc71479cc558fddd93b9158df
Signed-off-by: Md Irshad Sheikh <mdirshad.sheikh@windriver.com>
20aaa28c22