Skip to content

[cloud-provider-dynamix] Fix CVE#18152

Closed
ptrvsrg wants to merge 1 commit into
mainfrom
fix/cve_dynamix_cloud_provider
Closed

[cloud-provider-dynamix] Fix CVE#18152
ptrvsrg wants to merge 1 commit into
mainfrom
fix/cve_dynamix_cloud_provider

Conversation

@ptrvsrg

@ptrvsrg ptrvsrg commented Feb 26, 2026

Copy link
Copy Markdown
Member

Description

Fix CVEs in cloud-provider-dynamix module

Why do we need it, and what problem does it solve?

This PR updates vulnerable dependencies used in the cloud-provider-dynamix module and adjusts patch files for compatibility with newer component versions.

Why do we need it in the patch release (if we do)?

Removes CVEs detected by Trivy in all components
Updates dependencies to patched versions of Go and component libraries

Checklist

  • The code is covered by unit tests.
  • e2e tests passed.
  • Documentation updated according to the changes.
  • Changes were tested in the Kubernetes cluster manually.

Changelog entries

section: cloud-provider-dynamix
type: fix
summary: fix CVEs in cloud-provider-dynamix
impact_level: default

Signed-off-by: Sergey Petrov <sergey.petrov@flant.com>
@ptrvsrg ptrvsrg added this to the v1.76.0 milestone Feb 26, 2026
@ptrvsrg ptrvsrg self-assigned this Feb 26, 2026
@github-actions github-actions Bot added the area/cloud-provider Pull requests that update cloud providers modules label Feb 26, 2026
@ptrvsrg ptrvsrg changed the title fix CVE in terraform-manager-dynamix [cloud-provider-dynamix] Fix CVE Feb 26, 2026
@ptrvsrg ptrvsrg added the security/cve Run Trivy CVE Scan for Dev images on PR label Feb 26, 2026
@deckhouse-BOaTswain

deckhouse-BOaTswain commented Feb 26, 2026

Copy link
Copy Markdown
Collaborator

🟢 Trivy CVE scan on PR for deckhouse:fix/cve_dynamix_cloud_provider succeeded.

Workflow details

🟢 Trivy scan dev images succeeded.

@github-actions github-actions Bot added security/cve/success Trivy CVE scan on PR images passed and removed security/cve Run Trivy CVE Scan for Dev images on PR labels Feb 26, 2026
@ptrvsrg ptrvsrg added the security/cve Run Trivy CVE Scan for Dev images on PR label Mar 3, 2026
@deckhouse-BOaTswain

deckhouse-BOaTswain commented Mar 3, 2026

Copy link
Copy Markdown
Collaborator

🟢 Trivy CVE scan on PR for deckhouse:fix/cve_dynamix_cloud_provider succeeded.

Workflow details

🟢 Trivy scan dev images succeeded.

@github-actions github-actions Bot removed the security/cve Run Trivy CVE Scan for Dev images on PR label Mar 3, 2026
@penul4ik penul4ik modified the milestones: v1.76.0, v1.77.0 Apr 24, 2026
@ptrvsrg ptrvsrg closed this Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/cloud-provider Pull requests that update cloud providers modules security/cve/success Trivy CVE scan on PR images passed Stale

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants