Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2024-45590 odh-dashboard-container: Denial of Service Vulnerability in body-parser [rhoai-2.13] #3336

Merged
merged 1 commit into from
Oct 15, 2024
Merged

CVE-2024-45590 odh-dashboard-container: Denial of Service Vulnerability in body-parser [rhoai-2.13] #3336

merged 1 commit into from
Oct 15, 2024
+177 −77

Conversation

DaoDaoNoCode
Copy link
Member

@DaoDaoNoCode DaoDaoNoCode commented Oct 15, 2024
edited
Loading

CVE fix for JIRA: https://issues.redhat.com/browse/RHOAIENG-13432
Refer to the changes in #3188
Override packages:
express: 4.19.2 -> 4.20.0
body-parser: 1.20.2 -> 1.20.3

@DaoDaoNoCode DaoDaoNoCode force-pushed the rhoai-2.13-cve-2024-45590-fix-1 branch from b38e9bc to 1bb0cfd Compare October 15, 2024 19:38
Gkrumbach07
Gkrumbach07 approved these changes Oct 15, 2024
View reviewed changes
Copy link
Member

@Gkrumbach07 Gkrumbach07 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Oct 15, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Oct 15, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Gkrumbach07

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@DaoDaoNoCode DaoDaoNoCode mentioned this pull request Oct 15, 2024
Merged
@DaoDaoNoCode DaoDaoNoCode force-pushed the rhoai-2.13-cve-2024-45590-fix-1 branch from 1bb0cfd to cd44b7d Compare October 15, 2024 22:10
@openshift-ci openshift-ci bot removed the lgtm label Oct 15, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Oct 15, 2024

New changes are detected. LGTM label has been removed.

@openshift-merge-bot openshift-merge-bot bot merged commit 4b7a9d3 into opendatahub-io:v2.26.0-fixes Oct 15, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Gkrumbach07 Gkrumbach07 Gkrumbach07 approved these changes

@manaswinidas manaswinidas Awaiting requested review from manaswinidas

@mturley mturley Awaiting requested review from mturley

@christianvogt christianvogt Awaiting requested review from christianvogt

Assignees

@Gkrumbach07 Gkrumbach07

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DaoDaoNoCode @Gkrumbach07