Bug 2309720: CVE-2024-6104 cephcsi-container: go-retryablehttp: url might write sensitive information to log file #368
Conversation
|
@iPraveenParihar: This pull request references Bugzilla bug 2309720, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
iPraveenParihar
force-pushed
the
bz/2309720
branch
2 times, most recently
from
48a645e
to
2102e75
Compare
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.1 to 0.7.7. - [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md) - [Commits](hashicorp/go-retryablehttp@v0.7.1...v0.7.7) --- updated-dependencies: - dependency-name: github.com/hashicorp/go-retryablehttp dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> (cherry picked from commit 2131a84)
iPraveenParihar
force-pushed
the
bz/2309720
branch
from
2102e75
to
9bed4f8
Compare
|
/bugzilla refresh |
|
@iPraveenParihar: This pull request references Bugzilla bug 2309720, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@openshift-ci[bot]: GitHub didn't allow me to request PR reviews from the following users: keesturam. Note that only red-hat-storage members and repo collaborators can review this PR, and authors cannot review their own PRs. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cc @Madhu-1 @Rakshith-R |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: iPraveenParihar, Madhu-1 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-merge-bot
bot
merged commit 867e6e1
into
red-hat-storage:release-4.15
|
@iPraveenParihar: All pull requests linked via external trackers have merged: Bugzilla bug 2309720 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Bumps github.com/hashicorp/go-retryablehttp from 0.7.1 to 0.7.7.
updated-dependencies:
Signed-off-by: dependabot[bot] support@github.com
(cherry picked from commit 2131a84)
Describe what this PR does
Provide some context for the reviewer
Is there anything that requires special attention
Do you have any questions?
Is the change backward compatible?
Are there concerns around backward compatibility?
Provide any external context for the change, if any.
For example:
Related issues
Mention any github issues relevant to this PR. Adding below line
will help to auto close the issue once the PR is merged.
Fixes: #issue_number
Future concerns
List items that are not part of the PR and do not impact it's
functionality, but are work items that can be taken up subsequently.
Checklist:
guidelines in the developer
guide.
Request
notes
updated with breaking and/or notable changes for the next major release.
Show available bot commands
These commands are normally not required, but in case of issues, leave any of
the following bot commands in an otherwise empty comment in this PR:
/retest ci/centos/<job-name>: retest the<job-name>after unrelatedfailure (please report the failure too!)