Skip to content

Promote debian-base:buster-v1.8.0 images #2256

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 23, 2021
Merged

Promote debian-base:buster-v1.8.0 images #2256

merged 1 commit into from
Jun 23, 2021

Conversation

@jindijamie
Copy link
Contributor

@jindijamie jindijamie commented Jun 22, 2021

Promote debian-base:buster-v1.8.0 images
To fix following vulnerabilities
CVE-2021-33560 Medium
CVE-2021-20305 Medium
CVE-2021-20232 Low
CVE-2021-20231 Low
CVE-2020-24659 Low
CVE-2021-3580 Unspecified

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Jun 22, 2021

Welcome @jindijamie!

It looks like this is your first PR to kubernetes/k8s.io 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/k8s.io has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Jun 22, 2021

Hi @jindijamie. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Jun 22, 2021
@k8s-ci-robot k8s-ci-robot requested review from cpanato and xmudrii June 22, 2021 17:08
@k8s-ci-robot k8s-ci-robot added area/release-eng Issues or PRs related to the Release Engineering subproject sig/release Categorizes an issue or PR as relevant to SIG Release. wg/k8s-infra cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jun 22, 2021
justaugustus
justaugustus approved these changes Jun 23, 2021
View reviewed changes
Copy link
Member

@justaugustus justaugustus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/ok-to-test
/lgtm
/approve

Image promotion for kubernetes/release#2135.
Prow job: https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/post-release-push-image-debian-base/1407271642668732416

FYI @kubernetes/release-engineering @BenTheElder

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jun 23, 2021
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 23, 2021
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Jun 23, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jindijamie, justaugustus

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 23, 2021
@k8s-ci-robot k8s-ci-robot merged commit 14a7edb into kubernetes:main Jun 23, 2021
@k8s-ci-robot k8s-ci-robot added this to the v1.22 milestone Jun 23, 2021
amccague added a commit to amccague/git-sync that referenced this pull request Jun 30, 2021
@amccague
Update Makefile
d1a773f 
Use the latest promoted debian base image: kubernetes/k8s.io#2256

Overcomes 2 critical vulnerabilities:
* https://nvd.nist.gov/vuln/detail/CVE-2021-20231
* https://nvd.nist.gov/vuln/detail/CVE-2021-20232

My organisation cares about published and fixed vulnerabilities and we use this tool extensively, thank you for it :)
@amccague amccague mentioned this pull request Jun 30, 2021
Merged
eminugurkenar pushed a commit to eminugurkenar/git-sync that referenced this pull request Aug 16, 2021
@amccague @eminugurkenar
Update Makefile
cdd608c 
Use the latest promoted debian base image: kubernetes/k8s.io#2256

Overcomes 2 critical vulnerabilities:
* https://nvd.nist.gov/vuln/detail/CVE-2021-20231
* https://nvd.nist.gov/vuln/detail/CVE-2021-20232

My organisation cares about published and fixed vulnerabilities and we use this tool extensively, thank you for it :)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cpanato cpanato Awaiting requested review from cpanato

@xmudrii xmudrii Awaiting requested review from xmudrii

1 more reviewer

@justaugustus justaugustus justaugustus approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@justaugustus justaugustus

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/artifacts Issues or PRs related to the hosting of release artifacts for subprojects area/release-eng Issues or PRs related to the Release Engineering subproject cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. sig/release Categorizes an issue or PR as relevant to SIG Release. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

v1.22

Development

Successfully merging this pull request may close these issues.

3 participants

@jindijamie @k8s-ci-robot @justaugustus