Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

version: bump to 1.28.6 #8086

Merged
merged 3 commits into from
Apr 29, 2024
Merged

version: bump to 1.28.6 #8086

merged 3 commits into from
Apr 29, 2024

Conversation

haircommander
Copy link
Member

@haircommander haircommander commented Apr 29, 2024
edited

What type of PR is this?

What this PR does / why we need it:

Which issue(s) this PR fixes:

Special notes for your reviewer:

Does this PR introduce a user-facing change?

Fix CVE-2024-3154 , a security flaw where CRI-O allowed users to specify annotations that changed specific fields in the runtime. One consequence is a user can change the systemd properties of the container, allowing unsafe properties to be set by the runtime

@openshift-ci openshift-ci bot added do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. labels Apr 29, 2024
@openshift-ci openshift-ci bot requested review from klihub and wgahnagl April 29, 2024 16:23
@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 29, 2024
@kwilczynski kwilczynski changed the title bump to 1.28.6 version: bump to 1.28.6 Apr 29, 2024
@haircommander
Copy link
Member Author

/release-note-none

@openshift-ci openshift-ci bot added release-note-none Denotes a PR that doesn't merit a release note. and removed do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. labels Apr 29, 2024
@haircommander haircommander removed the release-note-none Denotes a PR that doesn't merit a release note. label Apr 29, 2024
@openshift-ci openshift-ci bot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Apr 29, 2024
@haircommander
Copy link
Member Author

/kind bug

@openshift-ci openshift-ci bot added the kind/bug Categorizes issue or PR as related to a bug. label Apr 29, 2024
@haircommander
fix typo and lints of CVE-2024-3154 fix
a4f6048 
Signed-off-by: Peter Hunt <pehunt@redhat.com>
@haircommander
fix test for versions that set inactive-or-failed by default
54bec39 
Signed-off-by: Peter Hunt <pehunt@redhat.com>
@haircommander
bump to 1.28.6
7fedc44 
Signed-off-by: Peter Hunt <pehunt@redhat.com>
sohankunkerkar
sohankunkerkar approved these changes Apr 29, 2024
View reviewed changes
Copy link
Member

@sohankunkerkar sohankunkerkar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Apr 29, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Apr 29, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: haircommander, sohankunkerkar

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@sohankunkerkar
Copy link
Member

/hold

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 29, 2024
@sohankunkerkar
Copy link
Member

wait until #8088 gets merged.

@sohankunkerkar
Copy link
Member

#8085 (comment)

/hold cancel

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 29, 2024
@codecov Codecov
Copy link

codecov bot commented Apr 29, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 48.58%. Comparing base (24f50b9) to head (7fedc44).
Report is 8 commits behind head on release-1.28.

Additional details and impacted files 
@@              Coverage Diff              @@
##           release-1.28    #8086   +/-   ##
=============================================
  Coverage         48.57%   48.58%           
=============================================
  Files               136      136           
  Lines             15992    15992           
=============================================
+ Hits               7768     7769    +1     
+ Misses             7299     7298    -1     
  Partials            925      925

@openshift-merge-bot openshift-merge-bot bot merged commit 77bbb1c into cri-o:release-1.28 Apr 29, 2024
41 of 44 checks passed
@saschagrunert saschagrunert mentioned this pull request Jun 7, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kwilczynski kwilczynski kwilczynski left review comments

@sohankunkerkar sohankunkerkar sohankunkerkar approved these changes

@mrunalp mrunalp Awaiting requested review from mrunalp mrunalp is a code owner

@klihub klihub Awaiting requested review from klihub

@wgahnagl wgahnagl Awaiting requested review from wgahnagl

Assignees

@sohankunkerkar sohankunkerkar

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. kind/bug Categorizes issue or PR as related to a bug. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@haircommander @sohankunkerkar @kwilczynski