Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump github.com/cloudflare/cfssl to fix indirect deps DOS vulnerability #7067

Merged
merged 4 commits into from
Sep 14, 2023
Merged

Bump github.com/cloudflare/cfssl to fix indirect deps DOS vulnerability #7067

merged 4 commits into from
Sep 14, 2023

Conversation

TiberiuGC
Copy link
Collaborator

@TiberiuGC TiberiuGC commented Sep 14, 2023
edited

Description

Fixes https://github.com/eksctl-io/eksctl/security/dependabot/25

Checklist

  • Added tests that cover your change (if possible)
  • Added/modified documentation as required (such as the README.md, or the userdocs directory)
  • Manually tested
  • Made sure the title of the PR is a good description that can go into the release notes
  • (Core team) Added labels for change area (e.g. area/nodegroup) and kind (e.g. kind/improvement)

BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯

  • Backfilled missing tests for code in same general area 🎉
  • Refactored something and made the world a better place 🌟

@TiberiuGC TiberiuGC added the area/tech-debt Leftover improvements in code, testing and building label Sep 14, 2023
@TiberiuGC TiberiuGC force-pushed the maintenance/fix-security-vulnerabilities branch from 8b97b9b to 660a6fd Compare September 14, 2023 08:07
@TiberiuGC TiberiuGC changed the title Bump helm.sh/helm/v3 and github.com/cloudflare/cfssl to fix indirect deps security vulnerabilities Bump github.com/cloudflare/cfssl to fix indirect deps security vulnerabilities Sep 14, 2023
@TiberiuGC TiberiuGC marked this pull request as ready for review September 14, 2023 08:12
@TiberiuGC TiberiuGC changed the title Bump github.com/cloudflare/cfssl to fix indirect deps security vulnerabilities Bump github.com/cloudflare/cfssl to fix indirect deps DOS vulnerability Sep 14, 2023
@TiberiuGC TiberiuGC added the dependencies Pull requests that update a dependency file label Sep 14, 2023
@TiberiuGC TiberiuGC enabled auto-merge (squash) September 14, 2023 10:08
@TiberiuGC TiberiuGC merged commit 3204d5c into eksctl-io:main Sep 14, 2023
10 checks passed
IdanShohamNetApp pushed a commit to spotinst/weaveworks-eksctl that referenced this pull request Oct 19, 2023
@TiberiuGC @IdanShohamNetApp
Bump github.com/cloudflare/cfssl to fix indirect deps DOS vulnerabi…
ebb4fa3 
…lity (eksctl-io#7067)

* bump cfssl

* Update build image manifest, tag file and workflows
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cPu1 cPu1 cPu1 approved these changes

@Himangini Himangini Himangini approved these changes

Assignees
No one assigned
Labels
area/tech-debt Leftover improvements in code, testing and building dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@TiberiuGC @cPu1 @Himangini