Bug 2058751: [release-4.9] 2022-02-15 Security Advisory

[alicerum]

• CVE-2022-25173 CVE-2022-25176 CVE-2022-25180: pin workflow-cps to 2660.vb_c0412dc4e6d
• CVE-2022-25174 CVE-2022-25177 CVE-2022-25178 CVE-2022-25181 CVE-2022-25182 CVE-2022-25183 : pin workflow-cps-global-lib to 564.ve62a_4eb_b_e039
• CVE-2022-25175 CVE-2022-25179: pin workflow-multibranch to 711.vdfef37cda_816
• CVE-2022-25184: pin pipleine-build-step to 2.

[openshift-ci]

@alicerum: This pull request references Bugzilla bug 2058752, which is invalid:

• expected the bug to target the "4.9.z" release, but it targets "4.11.0" instead
• expected the bug to be in one of the following states: NEW, ASSIGNED, ON_DEV, POST, POST, but it is VERIFIED instead
• expected Bugzilla bug 2058752 to depend on a bug targeting a release in 4.10.0, 4.10.z and in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but no dependents were found

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Bug 2058752: 2022-02-15 Security Advisory

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

@alicerum: This pull request references Bugzilla bug 2058751, which is invalid:

• expected Bugzilla bug 2058751 to depend on a bug targeting a release in 4.10.0, 4.10.z and in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but no dependents were found

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Bug 2058751: 2022-02-15 Security Advisory

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[alicerum]

/bugzilla-refresh

[akram]

/retitle Bug 2058751: [release-4.9] 2022-02-15 Security Advisory

[akram]

/retest

[openshift-ci]

@alicerum: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[akram]

/lgtm
/approved

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: akram, alicerum

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [akram]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[akram]

/bugzilla refresh

[openshift-ci]

@akram: This pull request references Bugzilla bug 2058751, which is invalid:

• expected dependent Bugzilla bug 2063898 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is MODIFIED instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-bot]

/bugzilla refresh

Recalculating validity in case the underlying Bugzilla bug has changed.

[openshift-ci]

@openshift-bot: This pull request references Bugzilla bug 2058751, which is invalid:

• expected dependent Bugzilla bug 2063898 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is ON_QA instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/bugzilla refresh

Recalculating validity in case the underlying Bugzilla bug has changed.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[akram]

/bugzilla refresh

[openshift-ci]

@akram: This pull request references Bugzilla bug 2058751, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

6 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target release (4.9.z) matches configured target release for branch (4.9.z)
• bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)
• dependent bug Bugzilla bug 2063898 is in the state VERIFIED, which is one of the valid states (VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE))
• dependent Bugzilla bug 2063898 targets the "4.10.z" release, which is one of the valid target releases: 4.10.0, 4.10.z
• bug has dependents

Requesting review from QA contact:
/cc @jitendar-singh

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[jitendar-singh]

/label backport-risk-assessed

[openshift-ci]

@jitendar-singh: Can not set label backport-risk-assessed: Must be member in one of these teams: []

In response to this:

/label backport-risk-assessed

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[akram]

ART request: https://issues.redhat.com/browse/ART-3896

[akram]

/label backport-risk-assessed

[openshift-ci]

@akram: Can not set label backport-risk-assessed: Must be member in one of these teams: []

In response to this:

/label backport-risk-assessed

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[coreydaley]

/label backport-risk-assessed

[coreydaley]

/bugzilla refresh

[openshift-ci]

@coreydaley: This pull request references Bugzilla bug 2058751, which is valid.

6 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target release (4.9.z) matches configured target release for branch (4.9.z)
• bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)
• dependent bug Bugzilla bug 2063898 is in the state VERIFIED, which is one of the valid states (VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE))
• dependent Bugzilla bug 2063898 targets the "4.10.z" release, which is one of the valid target releases: 4.10.0, 4.10.z
• bug has dependents

Requesting review from QA contact:
/cc @jitendar-singh

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[jitendar-singh]

/label cherry-pick-approved

[openshift-ci]

@alicerum: All pull requests linked via external trackers have merged:

• openshift/jenkins#1406

Bugzilla bug 2058751 has been moved to the MODIFIED state.

In response to this:

Bug 2058751: [release-4.9] 2022-02-15 Security Advisory

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.