Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto #9513

Merged
merged 1 commit into from
Mar 5, 2024
Merged

chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto #9513

merged 1 commit into from
Mar 5, 2024

Conversation

yitzhtal
Copy link
Contributor

Proposed Changes

Bumping versions in order to resolve CVE-2023-48795 and CVE-2023-45142.

Types of Changes

CVE remediation.

Verification

CI / Build and tests.

Testing

N/A

Linked Issues

N/A

User-Facing Change

N/A

Further Comments

N/A

@yitzhtal yitzhtal requested a review from a team as a code owner February 16, 2024 09:51
@yitzhaktal
fixing cves found by trivy; medium and highs
9f88bef 
Signed-off-by: Tal Yitzhak <taly@lightrun.com>
@codecov Codecov
Copy link

codecov bot commented Feb 17, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (085ccbb) 49.12% compared to head (9f88bef) 27.81%.
Report is 1 commits behind head on master.

Additional details and impacted files 
@@             Coverage Diff             @@
##           master    #9513       +/-   ##
===========================================
- Coverage   49.12%   27.81%   -21.31%     
===========================================
  Files         151      154        +3     
  Lines       13475    13527       +52     
===========================================
- Hits         6619     3763     -2856     
- Misses       5515     8977     +3462     
+ Partials     1341      787      -554
Flag Coverage Δ
e2etests ?
inttests 22.41% <ø> (-17.08%) ⬇️
unittests 15.95% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@yitzhtal
Copy link
Contributor Author

yitzhtal commented Mar 5, 2024

When can this be merged? @brandond @briandowns

@dereknola dereknola merged commit 2c4773a into k3s-io:master Mar 5, 2024
15 checks passed
dereknola pushed a commit to dereknola/k3s that referenced this pull request Mar 5, 2024
@yitzhtal @yitzhaktal @dereknola
chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelr…
ce044c4 
…estful and CVE-2023-48795 on golang.org/x/crypto (k3s-io#9513)

Signed-off-by: Tal Yitzhak <taly@lightrun.com>
Co-authored-by: Tal Yitzhak <taly@lightrun.com>
@dereknola dereknola mentioned this pull request Mar 5, 2024
Merged
dereknola pushed a commit to dereknola/k3s that referenced this pull request Mar 5, 2024
@yitzhtal @yitzhaktal @dereknola
chore(deps): Remediating CVEs found by trivy; CVE-2023-45142 on otelr…
a3c812a 
…estful and CVE-2023-48795 on golang.org/x/crypto (k3s-io#9513)

Signed-off-by: Tal Yitzhak <taly@lightrun.com>
Co-authored-by: Tal Yitzhak <taly@lightrun.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
@cguertin14 cguertin14 mentioned this pull request Mar 28, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brandond brandond brandond approved these changes

@briandowns briandowns briandowns approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@yitzhtal @brandond @briandowns @dereknola @yitzhaktal