Fix CVE 22868 and 22869 #320
Merged
xuezhaojun merged 2 commits into stolostron:backplane-2.8 from Mar 24, 2025
Upgrade go version to go 1.23 to fix oauth CVE. Signed-off-by: xuezhaojun <zxue@redhat.com>
Signed-off-by: xuezhaojun <zxue@redhat.com>
Contributor
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: xuezhaojun
The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing
Author
/cherry-pick backplane-2.7
@xuezhaojun: #320 failed to apply on top of branch "backplane-2.7":
In response to this:
xuezhaojun added a commit that referenced this pull request Mar 26, 2025
* Move `ioutil` to `os`. (#172)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Fix e2e fail. (#176)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Fix: customized addon ns. (#175)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Remove replace since the CVE is fixed. (#174)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Remove temp logic. (#173)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Upgrade go version to 1.22. (#177)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Red Hat Konflux update cluster-proxy-addon-mce-28 (#180)
  Signed-off-by: red-hat-konflux <konflux@no-reply.konflux-ci.dev>
  Co-authored-by: red-hat-konflux <konflux@no-reply.konflux-ci.dev>
* Upgrade go version in dockerfiles. (#190)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Upgrade base images and separate build commands. (#191)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* 🌱 [main] update konflux files (#192)
  * Formatting all tekton files
    Signed-off-by: zhujian <jiazhu@redhat.com>
  * Update konflux CEL from backplane-2.8 to main
    Signed-off-by: zhujian <jiazhu@redhat.com>
  * Create an OWNERS file for tekton files
    Signed-off-by: zhujian <jiazhu@redhat.com>
  ---------
  Signed-off-by: zhujian <jiazhu@redhat.com>
* No-op to rebuild for Prow update (#193)
  Signed-off-by: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com>
* Update Konflux references (#195)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* Remove `--cipher-suites` in the chart for test. (#201)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* chore(deps): update konflux references (#202)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* Remove vendor dependencies. (#207)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* chore(deps): update konflux references to 9e33cbc (#208)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* Add "*.proxy" as HostNames in server certs of service-proxy. (#209)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* chore: upgrade golang.org/x/net to v0.34.0 and golang.org/x/crypto to v0.32.0 (#210)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Fix e2e: remove bundle version latest of clusteradm (#220)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Fix: change to use `main` tag of cluster-proxy in e2e test (#223)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Update ANP patch to fix CVE-2024-45337, CVE-2024-45338 (#215)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* chore(deps): update konflux references (#234)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* Update hostnames to "*.open-cluster-management.proxy" (#236)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* chore(deps): update konflux references (#238)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* chore(deps): update konflux references (#244)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* Enable hermetic builds (#237)
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* chore(deps): update konflux references (#247)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* chore(deps): update konflux references (#250)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* chore(deps): update konflux references (#259)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* chore(deps): update konflux references (#268)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* chore(deps): update konflux references (#302)
  Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
  Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
* Shift service-proxy url from ExternalName to hostalias. (#317) (#319)
  Upgrade go version to go 1.23 to fix oauth CVE.
  Signed-off-by: xuezhaojun <zxue@redhat.com>
* Fix CVE 22868 and 22869 (#320)
  * Shift service-proxy url from ExternalName to hostalias. (#317)
    Upgrade go version to go 1.23 to fix oauth CVE.
    Signed-off-by: xuezhaojun <zxue@redhat.com>
  * Upgrade ANP to fix cve issue. (#316)
    Signed-off-by: xuezhaojun <zxue@redhat.com>
  ---------
  Signed-off-by: xuezhaojun <zxue@redhat.com>
---------
Signed-off-by: xuezhaojun <zxue@redhat.com>
Signed-off-by: zhujian <jiazhu@redhat.com>
Signed-off-by: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com>
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
Co-authored-by: red-hat-konflux[bot] <126015336+red-hat-konflux[bot]@users.noreply.github.com>
Co-authored-by: red-hat-konflux <konflux@no-reply.konflux-ci.dev>
Co-authored-by: Jian Zhu <jiazhu@redhat.com>
Co-authored-by: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com>
Related Bug: https://issues.redhat.com/browse/ACM-19160