Bump dependencies to address CVE-2023-44487 #1263

Merged
merged 1 commit into from Oct 16, 2023


ingvagabund
Contributor

There's no 1.28.3 release yet. So pinning the k8s deps to the latest release-1.28 head

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Oct 16, 2023
@ingvagabund ingvagabund added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 16, 2023
@k8s-ci-robot
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@knelasevero
Contributor

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 16, 2023
@k8s-ci-robot k8s-ci-robot merged commit 73eb424 into kubernetes-sigs:master Oct 16, 2023
10 checks passed
@ingvagabund ingvagabund deleted the bump-deps-1.28 branch October 16, 2023 11:44
coolguy1771 pushed a commit to coolguy1771/home-ops that referenced this pull request Jan 4, 2024
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [descheduler](https://togithub.com/kubernetes-sigs/descheduler) | minor | `0.28.1` -> `0.29.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>kubernetes-sigs/descheduler (descheduler)</summary>

### [`v0.29.0`](https://togithub.com/kubernetes-sigs/descheduler/releases/tag/v0.29.0): Descheduler v0.29.0

[Compare Source](https://togithub.com/kubernetes-sigs/descheduler/compare/v0.28.1...v0.29.0)

#### What's Changed

- topologySpreadConstraints: handle `nodeTaintsPolicy` and `nodeAffinityPolicy` constraints by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1218
- fix: structured err logs in eviction by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1228
- helm: update cronjob args argument to avoid unmarshal error by [@cayla](https://togithub.com/cayla) in kubernetes-sigs/descheduler#1229
- fix: golangci config by [@jklaw90](https://togithub.com/jklaw90) in kubernetes-sigs/descheduler#1242
- docs: fix evictableNamespaces example by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1241
- update image references to point to v0.28.0 by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1246
- nodefit: use info log level when pod doesn't fit by [@antoinedeschenes](https://togithub.com/antoinedeschenes) in kubernetes-sigs/descheduler#1220
- helm: support of `timeZone` for CronJob by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1245
- helm: ability to specify `dnsConfig` by [@audip](https://togithub.com/audip) in kubernetes-sigs/descheduler#1260
- Bump dependencies to address CVE-2023-44487 by [@ingvagabund](https://togithub.com/ingvagabund) in kubernetes-sigs/descheduler#1263
- CVE 2023 44487 fixes by [@ingvagabund](https://togithub.com/ingvagabund) in kubernetes-sigs/descheduler#1270
- bump deps for CVE-2023-25151 by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1277
- topologyspreadconstraint: support `matchLabelKeys` by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1233
- fix: display ownerKey in the logs correctly by [@dimunech](https://togithub.com/dimunech) in kubernetes-sigs/descheduler#1281
- fix: version skew compatibility for managed kubernetes providers by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1249
- adding jklaw90 to reviewers by [@jklaw90](https://togithub.com/jklaw90) in kubernetes-sigs/descheduler#1276
- copy cherry_pick_pull script form kubernetes/kubernetes by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1282
- CVE-2023-47108: replace otelgrpc version by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1293
- fix: json logging by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1296
- Make the logged nodeutilization percentages human-readable by [@PeterSzegedi](https://togithub.com/PeterSzegedi) in kubernetes-sigs/descheduler#1294
- fix: revert defer of context done by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1299
- chore: upgrade libs to kubernetes 0.28.4 and matching go version by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1292
- release v0.28.1: bump helm chart and images by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1305
- helm: ability to specify security context for pod by [@victorgs](https://togithub.com/victorgs) in kubernetes-sigs/descheduler#1311
- helm: allow configuration of ipFamilyPolicy by [@dongjiang1989](https://togithub.com/dongjiang1989) in kubernetes-sigs/descheduler#1314
- fix: topologySpreadConstraint fields in structured logs by [@SataQiu](https://togithub.com/SataQiu) in kubernetes-sigs/descheduler#1317
- `PodLifeTime`: consider pods with container status `ImagePullBackOff` by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1318
- kubernetes 1.29: update deps and go-version by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1322
- `CVE-2023-48795`: bump k8s deps by [@a7i](https://togithub.com/a7i) in kubernetes-sigs/descheduler#1333

#### New Contributors

- [@cayla](https://togithub.com/cayla) made their first contribution in kubernetes-sigs/descheduler#1229
- [@dimunech](https://togithub.com/dimunech) made their first contribution in kubernetes-sigs/descheduler#1281
- [@PeterSzegedi](https://togithub.com/PeterSzegedi) made their first contribution in kubernetes-sigs/descheduler#1294
- [@victorgs](https://togithub.com/victorgs) made their first contribution in kubernetes-sigs/descheduler#1311
- [@SataQiu](https://togithub.com/SataQiu) made their first contribution in kubernetes-sigs/descheduler#1317

**Full Changelog**: kubernetes-sigs/descheduler@v0.28.0...v0.29.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate).


Co-authored-by: lumiere-bot[bot] <98047013+lumiere-bot[bot]@users.noreply.github.com>
spiceratops added a commit to spiceratops/k8s-gitops that referenced this pull request Jan 5, 2024
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [descheduler](https://togithub.com/kubernetes-sigs/descheduler) | minor | `0.28.1` -> `0.29.0` |

renovate bot added a commit to teutonet/teutonet-helm-charts that referenced this pull request Feb 13, 2024
…0.29.x (#704)


This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [descheduler](https://togithub.com/kubernetes-sigs/descheduler) | minor | `0.28.x` -> `0.29.x` |

---


### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/teutonet/teutonet-helm-charts).


---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Chris Werner Rau <cwr@teuto.net>