Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[grafana] fix cve-2021-25742 #1481

Merged
merged 2 commits into from
Jun 11, 2022
Merged

[grafana] fix cve-2021-25742 #1481

merged 2 commits into from
Jun 11, 2022

Conversation

zanac1986
Copy link
Contributor

Signed-off-by: zanac1986 zanhsieh@protonmail.com

@zanac1986
fix cve-2021-25742
88c023a 
Signed-off-by: zanac1986 <zanhsieh@protonmail.com>
@zanac1986
fix cve-2021-25742
fda5e90 
Signed-off-by: zanac1986 <zanhsieh@protonmail.com>
@zanhsieh zanhsieh changed the title fix cve-2021-25742 [grafana] fix cve-2021-25742 Jun 11, 2022
@zanhsieh zanhsieh merged commit 7cdf73f into grafana:main Jun 11, 2022
@afirth
Copy link
Contributor

afirth commented Jun 28, 2022

Hello,

This configuration is only valid on the ingress-nginx configmap, but you seem to have applied it to the grafana configmap. Is there another meaning of this annotation in grafana-land? Otherwise, I'm pretty sure you can't "fix" this here. I assume you got here from this linter but this linter is wrong. It only applies to the ingress-nginx configmap - not all configmaps in the cluster (that would be a K8s vulnerability, not an ingress-nginx one). Suggest to revert. I will open an issue too.

Thanks for all the hard work maintaining!

This was referenced Jun 28, 2022
Closed
Merged
zanhsieh added a commit that referenced this pull request Jun 29, 2022
@zanhsieh
Merge pull request #1543 from afirth/2022-06-28-revert-1481
b356024 
[grafana] Revert #1481
@zanac1986 zanac1986 deleted the fix-cve-2021-25742 branch October 16, 2022 01:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zanhsieh zanhsieh zanhsieh approved these changes

@maorfr maorfr Awaiting requested review from maorfr maorfr is a code owner

@torstenwalter torstenwalter Awaiting requested review from torstenwalter torstenwalter is a code owner

@Xtigyro Xtigyro Awaiting requested review from Xtigyro Xtigyro is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@zanac1986 @afirth @zanhsieh