Fix for OCPBUGS-89698: CVE-2026-12143#1053
Conversation
|
@rhdmalone: This pull request references Jira Issue OCPBUGS-89698, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: rhdmalone The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
@rhdmalone: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/label jira/skip-dependent-bug-check since 5.0 is not using form-data except for dependencies and it's already 4.0.6 |
|
@rhdmalone: This pull request references Jira Issue OCPBUGS-89698, which is valid. The bug has been moved to the POST state. 4 validation(s) were run on this bug
No GitHub users were found matching the public email listed for the QA contact in Jira (ocp-sustaining-admins@redhat.com), skipping review request. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira refresh |
|
@germanparente: This pull request references Jira Issue OCPBUGS-89698, which is valid. 4 validation(s) were run on this bug
No GitHub users were found matching the public email listed for the QA contact in Jira (ocp-sustaining-admins@redhat.com), skipping review request. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
Fix for CVE-2026-12143: form-data does not escape CR/LF/quote in multipart field names and filenames (CRLF injection)
updates form-data to 4.0.6 or higher and makes other associated changes