New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1856130: [release-4.5] bump golang.org/x/text/encoding to v0.3.3 #714
Bug 1856130: [release-4.5] bump golang.org/x/text/encoding to v0.3.3 #714
Conversation
CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash. Upgrade to golang.org/x/text/encoding to v0.3.3 Signed-off-by: Antonio Ojea <aojea@redhat.com>
@aojea: This pull request references Bugzilla bug 1856130, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign @rcarrillocruz @alexanderConstantinescu |
@aojea: This pull request references Bugzilla bug 1856130, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/retest |
/bugzilla refresh |
@aojea: This pull request references Bugzilla bug 1856130, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/lgtm |
Just FMI (for my information...): I didn't see a master PR with this patch, do you have one @aojea ? |
Master is not affected @alexanderConstantinescu The fix is in golang.org/x/text v0.3.3,
4.5 and lower needs to upgrade the module to the v0.3.3 version |
ACK, thanks for clarifying. We might need a "dummy bug" in that case that targets 4.6, so that this PR can go in. |
/cherry-pick release-4.4 |
@aojea: once the present PR merges, I will cherry-pick it on top of release-4.4 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh |
@aojea: This pull request references Bugzilla bug 1856130, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh Recalculating validity in case the underlying Bugzilla bug has changed. |
@openshift-bot: This pull request references Bugzilla bug 1856130, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh Recalculating validity in case the underlying Bugzilla bug has changed. |
@openshift-bot: Bugzilla bug 1856130 is in a bug group that is not in the allowed groups for this repo. There are no allowed bug groups configured for this repo. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh Recalculating validity in case the underlying Bugzilla bug has changed. |
@openshift-bot: Bugzilla bug 1856130 is in a bug group that is not in the allowed groups for this repo. There are no allowed bug groups configured for this repo. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@aojea the bot will be fixed when openshift/release#10440 merges. |
/bugzilla refresh Recalculating validity in case the underlying Bugzilla bug has changed. |
/retest Please review the full test history for this PR and help us cut down flakes. |
25 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
@aojea: All pull requests linked via external trackers have merged: openshift/cluster-network-operator#714. Bugzilla bug 1856130 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@aojea: new pull request created: #757 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
CVE-2020-14040 golang.org/x/text: possibility to trigger an
infinite loop in encoding/unicode could lead to crash.
Upgrade to golang.org/x/text/encoding to v0.3.3
Signed-off-by: Antonio Ojea aojea@redhat.com