Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Dockerfile for libssl3 and libcrypto3 CVE's #3783

Merged
merged 3 commits into from
Aug 6, 2023
Merged

Update Dockerfile for libssl3 and libcrypto3 CVE's #3783

merged 3 commits into from
Aug 6, 2023

Conversation

nshelke777
Copy link
Contributor

@nshelke777 nshelke777 commented Jul 13, 2023
edited

Description

Our Aquasec tool reported below High Vulnarability in libssl3:3.1.0-r4 and libcrypto3:3.1.0-r4. CVE's -
CVE-2023-2650

Fixes #ISSUE
This is fixed in 3.1.1-r0 so anything greater than this version is fine, thats why updating this to latest.
Checklist

  • Unit tests updated
  • End user documentation updated

@nshelke777
Update Dockerfile for libssl3 and libcrypto3 CVE's
77ec803 
Out Aquasec tool reported below High Vulnarability in libssl3:3.1.0-r4 and libcrypto3:3.1.0-r4.
CVE's -
CVE-2023-2650

This is fixed in 3.1.1-r0 so anything greater than this version is fine, thats why updating this to latest.
@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jul 13, 2023
@k8s-ci-robot
Copy link
Contributor

Welcome @nshelke777!

It looks like this is your first PR to kubernetes-sigs/external-dns 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/external-dns has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jul 13, 2023
@johngmyers
Copy link
Contributor

/ok-to-test

@k8s-ci-robot k8s-ci-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Jul 15, 2023
@johngmyers
Copy link
Contributor

/lgtm
/assign @seanmalloy

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 15, 2023
@nshelke777
Copy link
Contributor Author

@seanmalloy Can you merge this PR, it seems all checks have passed.

@Raffo
Copy link
Contributor

Raffo commented Aug 5, 2023

/approve

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 5, 2023
@k8s-ci-robot k8s-ci-robot removed lgtm "Looks good to me", indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Aug 5, 2023
@Raffo
Copy link
Contributor

Raffo commented Aug 5, 2023

/approve
/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 5, 2023
@mloiseleur
Copy link
Contributor

/test pull-external-dns-lint

@johngmyers
Copy link
Contributor

@Raffo looks like you unintentionally reverted the PR's change.

@nshelke777 please rebase

@Raffo
Copy link
Contributor

Raffo commented Aug 6, 2023

oh wow, sorry, I wanted to fix the merge conflict and did it totally wrong 🤦

@Raffo
Fix broken merge conflict
3ca96a5 
Signed-off-by: Raffaele Di Fazio <difazio.raffaele@gmail.com>
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. and removed lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Aug 6, 2023
@Raffo
Copy link
Contributor

Raffo commented Aug 6, 2023

Ok restored the change by pushing a commit myself, to make up for the mess to @nshelke777

@Raffo Raffo added the tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges. label Aug 6, 2023
johngmyers
johngmyers approved these changes Aug 6, 2023
View reviewed changes
Copy link
Contributor

@johngmyers johngmyers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 6, 2023
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: johngmyers, mloiseleur, nshelke777, Raffo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@Raffo
Copy link
Contributor

Raffo commented Aug 6, 2023

/test pull-external-dns-lint

@k8s-ci-robot k8s-ci-robot merged commit 725cdd0 into kubernetes-sigs:master Aug 6, 2023
15 checks passed
@nshelke777
Copy link
Contributor Author

@Raffo If possible can we have latest release of external-dns so that the CVE will be fixed in it? If not now, when will be the next release will heppen for external-dns.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johngmyers johngmyers johngmyers approved these changes

@mloiseleur mloiseleur mloiseleur approved these changes

@seanmalloy seanmalloy Awaiting requested review from seanmalloy

@szuecs szuecs Awaiting requested review from szuecs

Assignees

@Raffo Raffo

@seanmalloy seanmalloy

@johngmyers johngmyers

@mloiseleur mloiseleur

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@nshelke777 @k8s-ci-robot @johngmyers @Raffo @mloiseleur @seanmalloy