Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of security: bump k8s.io/apimachinery version into release/1.16.x #21032

Merged
merged 3 commits into from
May 2, 2024
Merged

Backport of security: bump k8s.io/apimachinery version into release/1.16.x #21032

merged 3 commits into from
May 2, 2024

Conversation

dduzgun-security
Copy link
Contributor

Description

Upgrade to support k8s.io/apimachinery to v0.18.7 or higher.
This resolves CVE-2020-8559.

PR Checklist

  • updated test coverage
  • external facing docs updated
  • appropriate backport labels added
  • not a security concern

@github-actions github-actions bot added the pr/dependencies PR specifically updates dependencies of project label May 2, 2024
@dduzgun-security dduzgun-security changed the title Backport of security: bump k8s.io/apimachinery version Backport of security: bump k8s.io/apimachinery version into release/1.16.x May 2, 2024
@zalimeni zalimeni enabled auto-merge (squash) May 2, 2024 21:39
@zalimeni zalimeni merged commit 21df740 into release/1.16.x May 2, 2024
92 checks passed
@zalimeni zalimeni deleted the backport/security/net-7785/envoy-apimachinery/1.16.x branch May 2, 2024 21:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zalimeni zalimeni zalimeni approved these changes

Assignees
No one assigned
Labels
pr/dependencies PR specifically updates dependencies of project pr/no-backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@dduzgun-security @zalimeni