Red Hat SummitChapter 9. Patch releases
Security, bug fixes, and enhancements for Ansible Automation Platform 2.6 are released as asynchronous erratas. All Ansible Automation Platform erratas are available on the Download Red Hat Ansible Automation Platform page.
As a Red Hat Customer Portal user, you can enable errata notifications in the account settings for Red Hat Subscription Management (RHSM). When errata notifications are enabled, you receive notifications through email whenever new erratas relevant to your registered systems are released.
Red Hat Customer Portal user accounts must have systems registered and consuming Ansible Automation Platform entitlements for Ansible Automation Platform errata notification emails to generate.
The patch releases section of the release notes will be updated over time to give notes on enhancements and bug fixes for patch releases of Ansible Automation Platform 2.6.
9.1. Ansible Automation Platform patch release October 28, 2025
This release includes the following components and versions:
| Release Date | Component versions |
|---|---|
| October 28, 2025 |
|
CSV Versions in this release:
- Namespace-scoped Bundle: aap-operator.v2.6.0-0.1761281301
- Cluster-scoped Bundle: aap-operator.v2.6.0-0.1761281346
9.1.1. CVE
With this update, the following CVEs have been addressed:
CVE-2025-59682 python-django: Potential partial directory-traversal via archive.extract().(AAP-54755)
CVE-2025-9908 event-driven-ansible: Sensitive internal headers disclosure in Ansible Automation Platform Event-Driven Ansible event streams.(AAP-53582)
CVE-2025-9907 event-driven-ansible: Event stream test mode exposes sensitive headers in Ansible Automation Platform Event-Driven Ansible.(AAP-53580)
CVE-2025-59343 automation-platform-ui: tar-fs symlink validation bypass.(AAP-54392)
CVE-2025-58754 automation-platform-ui: Axios DoS via lack of data size check.(AAP-53718)
9.1.2. Ansible Automation Platform
9.1.2.1. Features
- Added a step in the subscription wizard that allows the user to configure automation analytics.(AAP-55094)
- Added two new toggle options on the subscription wizard to allow for fetching subscriptions using basic authentication.(AAP-47865)
9.1.2.2. Bug Fixes
-
Fixed an issue where the
ansible-builderandansible-navigatordid not use execution environment images from ansible-automation-platform-26 namespace by default.(AAP-54934) - Fixed an issue where the settings did not display Red Hat consistently in the API and UI.(AAP-54276)
- Fixed an issue where the decision environment dropdown was broken. Replaced the dropdown type for decision environments in the rulebook activation form so that when there are no decision environments available, the dropdown displays No results found instead of an empty dropdown.(AAP-53844)
-
Fixed an issue where creating resources with
cookie/xcrftoken failed. Aligned dependency versions between Konflux build and component repository.(AAP-53561) - Fixed an issue where the component label for the Platform Auditor role did not display all components.(AAP-53551)
- Fixed an issue where empty strings were displayed in the extra variables field on the Jobs > Details page.(AAP-49448)
- Fixed an issue where the Load More in authentication mapping role dropdown did not work.(AAP-54049) HubName
- Fixed an issue where the user was unable to create Event-Driven Ansible or automation hub roles when creating a custom role and selecting the Automation Decisions project or credential types because the UI displayed only the automation controller permissions.(AAP-54756) ControllerName
- Fixed an issue where the PatternFly 6 Upgrade broke the Ansible Automation Platform topology layout and fullscreen mode.(AAP-51106)
-
Fixed an issue where some fields were missing
autocomplete = new-passwordsetting.(AAP-55783) - Fixed an issue where the user was unable to select the default execution environment in the automation settings page.(AAP-39321)
-
Fixed an issue where the LDAP Group Type parameters failed to save user preferences when the language was initially set to
es_ES, resulting in a wrong version displayed on the user interface due to an uninitialized translation object.(AAP-56356) - Fixed an issue that prevented SAML and AzureAD authentication when local user accounts share the same email address.(AAP-56518)
9.1.2.3. Deprecated
- Subscription credentials can no longer be viewed/edited from the system settings page.(AAP-55014)
9.1.3. Ansible Automation Platform Operator
9.1.3.1. Bug Fixes
- Fixed an issue where the Ansible Lightspeed API version did not work during Ansible Automation Platform idle.(AAP-54174)
- Fixed an issue that caused a failure to gather the job data from the controller API.(AAP-55632)
- Fixed a bug where the user could set an image without the respective version, causing the installation to enter an error loop.(AAP-55642)
- Fixed an issue where the backup and restore Ansible Automation Platform instance failed, from cluster A to cluster B, when restoring an upgraded AAP environment from 2.4.(AAP-55648)
9.1.4. Red Hat Ansible Lightspeed
9.1.4.1. Features
Ability to deploy Red Hat Ansible Lightspeed on new containerized installations of Ansible Automation Platform 2.6
You can deploy and use Red Hat Ansible Lightspeed when you install or upgrade to a containerized installation of Ansible Automation Platform 2.6.
Red Hat Ansible Lightspeed includes two main components that enhance your automation experience with generative artificial intelligence (AI):
Ansible Lightspeed intelligent assistant, which is an AI-powered, intuitive chat interface embedded within the Ansible Automation Platform.
The integration of Red Hat Ansible Lightspeed intelligent assistant with the Model Context Protocol (MCP) server is available as a Technology Preview release. This integration enhances the user experience by delivering relevant, dynamically sourced data results to your queries.
Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information about the support scope of Red Hat Technology Preview features, see Technology Preview Features Support Scope.
Ansible Lightspeed coding assistant, which is a generative AI service that works with IBM watsonx Code Assistant to help developers create and maintain Ansible content more efficiently.
For more information, see Deploying Red Hat Ansible Lightspeed on containerized Ansible Automation Platform in the containerized install user guide.
9.1.4.2. Enhancements
-
Added
postgres_extra_settingsto Ansible Automation Platform operators to apply PostgreSQL configuration file level changes to managed postgres.(AAP-55053)
9.1.5. Automation controller
9.1.5.1. Enhancements
- Added support for Red Hat username and password for the subscription management API.(AAP-54975)
9.1.5.2. Bug Fixes
-
Fixes the
system_administratorrole creation race condition which most commonly happened on new Openshift deployments resulting in the default instance group not being created.(AAP-54963) - Fixed an issue where the Controller container file was missing the metrics utility in version 2.6.(AAP-54948)
-
Fixed an issue where the
awx.awx.licenseappeared to succeed when given an invalid pool/subscription.(AAP-54768) -
Fixed an issue where the
ansible.platformcollection did not work with the default Red Hat Ansible Automation Platform credential type.(AAP-41000) -
Fixed an issue where there was a duplicate value (
subsystem_metrics_pipe_execute_seconds) detected under api/controller/v2/metrics/ on Ansible Automation Platform 2.5.(AAP-55621) - Fixed an issue where the platform auditor did not have access to controller settings.(AAP-55607)
9.1.6. Automation hub
9.1.6.1. Enhancements
- Fixed an HTTP 500 error when getting /api/galaxy/_ui/v2/users/3/.(AAP-54260)
9.1.6.2. Bug Fixes
- Fixed an HTTP 500 error when getting /api/galaxy/_ui/v2/users/3/.(AAP-54260)
9.1.7. Container-based Ansible Automation Platform
9.1.7.1. Enhancements
- Implemented preflight ansible-core version validation.(AAP-54932)
9.1.7.2. Bug Fixes
-
Fixed an issue where
REDHAT_CANDLEPIN_VERIFYwas not being used for the correct CA permissions so that the controller could not make requests to subscription.rhsm.redhat.com.(AAP-55180)
9.1.8. RPM-based Ansible Automation Platform
9.1.8.1. Bug Fixes
-
Fixed an issue where setting
automationgateway_disable_https=falseresulted in install failure.(AAP-55466) -
Fixed an issue where
RESOURCE_KEY SECRET_KEYwas not updated when restoring from a different environment.(AAP-54942) - Fixed an issue where Event-Driven Ansible DE credentials failed to populate on initial installation.(AAP-54519)
Fixed an issue where the envoy.log for automation gateway did not receive logs after it was rotated.(AAP-51779)
Fixed an issue where REDHAT_CANDLEPIN_VERIFY was not being used for the correct CA permissions so that the controller could not make requests to subscription.rhsm.redhat.com.(AAP-55183)
9.1.9. Event-Driven Ansible
9.1.9.1. Features
- Changes in the deployment and nginx configuration now allow for gunicorn and daphne to bind to :: as well, essentially allowing for seamlessly binding to IPv4 and IPv6 (dual-stack) addresses, while also enabling the operator to run in single-stack IPv6 or IPv4 scenarios.(AAP-56192)
9.1.10. Receptor
9.1.10.1. Bug Fixes
Fixed an issue where there was stability issue on long-running jobs, clusters under heavy load, and network flakiness.(AAP-53742)
9.2. Ansible Automation Platform patch release October 16, 2025
This release includes the following components and versions:
| Release Date | Component versions |
|---|---|
| October 16, 2025 |
|
CSV Versions in this release:
- Namespace-scoped Bundle: aap-operator.v2.6.0-0.1760139263
- Cluster-scoped Bundle: aap-operator.v2.6.0-0.1760139657
9.2.1. Ansible Automation Platform
9.2.1.1. Bug Fixes
- Fixed an issue where the claims processing failed to migrate services during the post-migrate upgrade process.(AAP-55631)
9.2.2. Automation controller
9.2.2.1. Bug Fixes
- Fixed an issue where the Ansible Automation Platform upgrade would be marked as failed if a single authenticator failed to migrate.(AAP-55629)
9.2.3. Automation hub
9.2.3.1. Bug Fixes
- Fixed a global galaxy team role migration issue that could occur during the post-migrate upgrade process.(AAP-55304)
- Fixed an issue caused by a constraint violation during migrations.(AAP-55309)
-
Fixed an issue from
aap-gateway-manage,migrate_service_data, that states Role definition content type must be null to assign globally, which was due to permissions in hub that failed validation.(AAP-55639)
9.3. Ansible Automation Platform patch release October 6, 2025
This release includes the following components and versions:
| Release Date | Component versions |
|---|---|
| October 6, 2025 |
|
CSV Versions in this release:
- Namespace-scoped Bundle: aap-operator.v2.6.0-0.1759764484
- Cluster-scoped Bundle: aap-operator.v2.6.0-0.1759764962
9.3.1. Automation hub
- Fixed an issue where the automation hub collections in 2.6 could not be pulled with Ansible Galaxy due to incorrect dynamic http logic. This issue only affects the Red Hat Ansible Automation Platform Operator installation.(AAP-55099)
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}