New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update urllib to 1.26.5 for a CVE found in previous versions #210
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cdoern The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@TomSweeneyRedHat PTAL I think this is what is needed |
@jwhonce: GitHub didn't allow me to request PR reviews from the following users: jnovy. Note that only containers members and repo collaborators can review this PR, and authors cannot review their own PRs. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@cdoern would be good to mention the full CVE ID in the commit message. @jwhonce thanks, I'll check with @TomSweeneyRedHat and @jnovy on the package versions in RHEL |
Yes, please include the full CVE in the commit message. Also, in the description or a comment, please include a link to the BZ that this is fixing. As far as the versions go, Jindrich is the man to check with. |
@cdoern Please update so we can merge. |
resolves CVE-2020-26137 https://issues.redhat.com/browse/OCPBUGS-1926 Signed-off-by: Charlie Doern <cdoern@redhat.com>
sorry for the delay, I think this is set. |
/lgtm |
resolves GHSA-wqvq-5m8c-6g24
https://issues.redhat.com/browse/OCPBUGS-1926
Signed-off-by: Charlie Doern cdoern@redhat.com