Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCPBUGS-21078: Bump deps to address CVE-2023-44487 [4.13] #758

Merged
merged 2 commits into from Oct 31, 2023
Merged

OCPBUGS-21078: Bump deps to address CVE-2023-44487 [4.13] #758

merged 2 commits into from Oct 31, 2023

Conversation

atiratree
Copy link
Member

No description provided.

@openshift-ci-robot openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Oct 17, 2023
@openshift-ci-robot
Copy link

@atiratree: This pull request references Jira Issue OCPBUGS-21078, which is invalid:

  • expected Jira Issue OCPBUGS-21078 to depend on a bug targeting a version in 4.14.0 and in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but no dependents were found

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@atiratree
Copy link
Member Author

/jira refresh

@openshift-ci-robot
Copy link

@atiratree: This pull request references Jira Issue OCPBUGS-21078, which is invalid:

  • expected dependent Jira Issue OCPBUGS-21088 to be in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but it is MODIFIED instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@atiratree
Copy link
Member Author

need library-go bump before we can proceed
/hold

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 18, 2023
@atiratree
Copy link
Member Author

/hold cancel

@openshift-ci openshift-ci bot added approved Indicates a PR has been approved by an approver from all required OWNERS files. and removed do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. labels Oct 27, 2023
@atiratree atiratree changed the title OCPBUGS-21078: Bump deps to address CVE-2023-44487 OCPBUGS-21078: Bump deps to address CVE-2023-44487 [4.13] Oct 27, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 27, 2023

@atiratree: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@atiratree
Copy link
Member Author

/jira refresh

@openshift-ci-robot
Copy link

@atiratree: This pull request references Jira Issue OCPBUGS-21078, which is invalid:

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@atiratree
Copy link
Member Author

/jira refresh

@openshift-ci-robot openshift-ci-robot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Oct 31, 2023
@openshift-ci-robot
Copy link

@atiratree: This pull request references Jira Issue OCPBUGS-21078, which is valid.

8 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.13.z) matches configured target version for branch (4.13.z)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)
  • dependent bug Jira Issue OCPBUGS-21088 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
  • dependent bug Jira Issue OCPBUGS-21088 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
  • dependent Jira Issue OCPBUGS-21088 targets the "4.14.0" version, which is one of the valid target versions: 4.14.0
  • dependent Jira Issue OCPBUGS-21088 targets the "4.14.0" version, which is one of the valid target versions: 4.14.0
  • bug has dependents

Requesting review from QA contact:
/cc @zhouying7780

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@ingvagabund
Copy link
Member

/label backport-risk-assessed
/lgtm

@openshift-ci openshift-ci bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Oct 31, 2023
@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 31, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 31, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: atiratree, ingvagabund

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [atiratree,ingvagabund]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@zhouying7780
Copy link

/label cherry-pick-approved

@openshift-ci openshift-ci bot added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Oct 31, 2023
@openshift-ci openshift-ci bot merged commit 5dcd222 into openshift:release-4.13 Oct 31, 2023
11 checks passed
@openshift-ci-robot
Copy link

@atiratree: Jira Issue OCPBUGS-21078: All pull requests linked via external trackers have merged:

Jira Issue OCPBUGS-21078 has been moved to the MODIFIED state.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-merge-robot
Copy link
Contributor

Fix included in accepted release 4.13.0-0.nightly-2023-10-31-174618

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zhouying7780 zhouying7780 Awaiting requested review from zhouying7780

Assignees

@kasturinarra kasturinarra

@ingvagabund ingvagabund

@zhouying7780 zhouying7780

@xingxingxia xingxingxia

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@atiratree @openshift-ci-robot @ingvagabund @zhouying7780 @openshift-merge-robot @kasturinarra @xingxingxia