New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[1.26][CVE-2023-39325] .: bump golang.org/x/net to v0.17.0 #121126
[1.26][CVE-2023-39325] .: bump golang.org/x/net to v0.17.0 #121126
Conversation
Bumping golang.org/x/net in light of CVE-2023-39325 and CVE-2023-44487. Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
/lgtm |
LGTM label has been added. Git tree hash: f72bc365a07ca6e0539584c1cecc82c9560f0c44
|
@MadhavJivrajani: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/triage accepted
/lgtm
Cherry-pick of #121117
What type of PR is this?
/kind cleanup
What this PR does / why we need it:
Bumping golang.org/x/net in light of CVE-2023-39325 and CVE-2023-44487.
Special notes for your reviewer:
This is needed along with Go version bumps to go1.21.3 and go1.20.10
Release announcement: https://groups.google.com/d/msgid/golang-dev/4BIpAJrySaC2VRUr-eUqhQ%40geopod-ismtpd-7
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:
/assign @liggitt
/priority important-soon