Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to address High CVEs #1731

Merged
merged 1 commit into from
Dec 12, 2023
Merged

Upgrade to address High CVEs #1731

merged 1 commit into from
Dec 12, 2023

Conversation

ChristianZaccaria
Copy link
Contributor

Why are these changes needed?

There are currently 3 High CVEs detected by Snyk:

https://www.cve.org/CVERecord?id=CVE-2023-44487
https://www.cve.org/CVERecord?id=CVE-2022-21698
https://www.cve.org/CVERecord?id=CVE-2023-45142

This PR addresses each of them. I've opened a PR against my local fork (which is in sync with this repo and is scanned by Snyk), to verify this resolution. Moreover, the provided links detail how the CVEs were introduced.

Checks

  • I've made sure the tests are passing.
  • Testing Strategy
    • Manual tests
    • This PR is not tested :(

@ChristianZaccaria
Copy link
Contributor Author

/hold

@kevin85421 kevin85421 self-requested a review December 11, 2023 18:00
@kevin85421 kevin85421 self-assigned this Dec 11, 2023
@ChristianZaccaria
Copy link
Contributor Author

/unhold Good to merge!

kevin85421
kevin85421 approved these changes Dec 12, 2023
View reviewed changes
Copy link
Member

@kevin85421 kevin85421 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work! Thanks!

@kevin85421 kevin85421 merged commit ce960e2 into ray-project:master Dec 12, 2023
25 checks passed
ChristianZaccaria added a commit to ChristianZaccaria/kuberay that referenced this pull request Jan 5, 2024
@ChristianZaccaria
PATCH: Upgrade to address High CVEs (ray-project#1731)
14228f4
ChristianZaccaria added a commit to ChristianZaccaria/kuberay that referenced this pull request Jan 5, 2024
@ChristianZaccaria
DROP: Upgrade to address High CVEs (ray-project#1731)
1ee3caa
astefanutti pushed a commit to opendatahub-io/kuberay that referenced this pull request Jan 5, 2024
@ChristianZaccaria @astefanutti
DROP: Upgrade to address High CVEs (ray-project#1731)
742adbc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@astefanutti astefanutti astefanutti approved these changes

@kevin85421 kevin85421 kevin85421 approved these changes

Assignees

@kevin85421 kevin85421

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ChristianZaccaria @astefanutti @kevin85421