Skip to content

[AUTO-CHERRYPICK] nodejs and python-tensorboard: patched vendor tarball to fix CVE-2024-21538 - branch 3.0-dev#11195

Merged
jslobodzian merged 1 commit into3.0-devfrom
cblmargh/cherry-pick-pr-11140-to-3.0-dev
Nov 23, 2024
Merged

[AUTO-CHERRYPICK] nodejs and python-tensorboard: patched vendor tarball to fix CVE-2024-21538 - branch 3.0-dev#11195
jslobodzian merged 1 commit into3.0-devfrom
cblmargh/cherry-pick-pr-11140-to-3.0-dev

Conversation

@CBL-Mariner-Bot
Copy link
Copy Markdown
Collaborator

@CBL-Mariner-Bot CBL-Mariner-Bot commented Nov 22, 2024

This is an auto-generated pull request to cherry-pick commit 6fa4340 to 3.0-dev. Original PR: #11140

@0xba1a @jslobodzian @CBL-Mariner-Bot
nodejs and python-tensorboard: patched vendor tarball to fix CVE-2024…
558e84b 
…-21538 (#11140)

Co-authored-by: jslobodzian <joslobo@microsoft.com>
(cherry picked from commit 6fa4340)
@CBL-Mariner-Bot CBL-Mariner-Bot requested a review from a team as a code owner November 22, 2024 20:38
@CBL-Mariner-Bot CBL-Mariner-Bot added the Auto Fast-track Cherry-pick Automatic cherry-pick from fast-track branch label Nov 22, 2024
@CBL-Mariner-Bot CBL-Mariner-Bot mentioned this pull request Nov 22, 2024
Merged
12 tasks
@jslobodzian jslobodzian merged commit 8c804cf into 3.0-dev Nov 23, 2024
@jslobodzian jslobodzian deleted the cblmargh/cherry-pick-pr-11140-to-3.0-dev branch November 23, 2024 14:53
@rafik43
Copy link
Copy Markdown

rafik43 commented Dec 6, 2024

Hello,

We are currently utilizing the image mcr.microsoft.com/cbl-mariner/base/nodejs:18 and have encountered the vulnerability CVE-2024-21538. Could you please provide an estimated timeline for the availability of a fix?

durgajagadeesh pushed a commit to durgajagadeesh/azurelinux_djpalli that referenced this pull request Dec 31, 2024
@CBL-Mariner-Bot @0xba1a @durgajagadeesh
[AUTO-CHERRYPICK] nodejs and python-tensorboard: patched vendor tarba…
751daa7 
…ll to fix CVE-2024-21538 - branch 3.0-dev (microsoft#11195)

Co-authored-by: Bala <kumaran.4353@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jslobodzian jslobodzian jslobodzian approved these changes

Assignees

No one assigned

Labels

Auto Fast-track Cherry-pick Automatic cherry-pick from fast-track branch Automatic PR Packaging

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@CBL-Mariner-Bot @rafik43 @jslobodzian @0xba1a