Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pickup fix for CVE-2023-44487 in google.golang.org/grpc #1401

Merged
merged 1 commit into from Oct 12, 2023
Merged

Pickup fix for CVE-2023-44487 in google.golang.org/grpc #1401

merged 1 commit into from Oct 12, 2023

Conversation

SaschaSchwarze0
Copy link
Member

@SaschaSchwarze0 SaschaSchwarze0 commented Oct 12, 2023
edited

Changes

Seems like dependabot does not yet have this in it database.

Submitter Checklist

  • Includes tests if functionality changed/was added
  • Includes docs if changes are user-facing
  • Set a kind label on this PR
  • Release notes block has been filled in, or marked NONE

See the contributor guide
for details on coding conventions, github and prow interactions, and the code review process.

Release Notes

Updates google.golang.org/grpc to address CVE-2023-44487

@SaschaSchwarze0 SaschaSchwarze0 added the kind/dependency-change Categorizes issue or PR as related to changing dependencies label Oct 12, 2023
@SaschaSchwarze0 SaschaSchwarze0 added this to the release-v0.12.0 milestone Oct 12, 2023
@openshift-ci openshift-ci bot added the release-note-none Label for when a PR does not need a release note label Oct 12, 2023
@pull-request-size pull-request-size bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Oct 12, 2023
@openshift-ci openshift-ci bot added release-note Label for when a PR has specified a release note and removed release-note-none Label for when a PR does not need a release note labels Oct 12, 2023
qu1queee
qu1queee approved these changes Oct 12, 2023
View reviewed changes
Copy link
Contributor

@qu1queee qu1queee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 12, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 12, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: qu1queee

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 12, 2023
@SaschaSchwarze0 SaschaSchwarze0 changed the title Pickup for for CVE-2023-44487 in google.golang.org/grpc Pickup fix for CVE-2023-44487 in google.golang.org/grpc Oct 12, 2023
@SaschaSchwarze0 SaschaSchwarze0 merged commit 0fa3ffa into shipwright-io:main Oct 12, 2023
13 checks passed
@SaschaSchwarze0 SaschaSchwarze0 deleted the sascha-bump-grpc branch October 12, 2023 07:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qu1queee qu1queee qu1queee approved these changes

@adambkaplan adambkaplan Awaiting requested review from adambkaplan

Assignees

@qu1queee qu1queee

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/dependency-change Categorizes issue or PR as related to changing dependencies lgtm Indicates that a PR is ready to be merged. release-note Label for when a PR has specified a release note size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
release-v0.12.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@SaschaSchwarze0 @qu1queee