Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump some go modules in traefik to fix two CVEs. #716

Merged
merged 1 commit into from
Mar 7, 2023
Merged

Bump some go modules in traefik to fix two CVEs. #716

merged 1 commit into from
Mar 7, 2023

Conversation

dlorenc
Copy link
Contributor

@dlorenc dlorenc commented Mar 7, 2023

I sent this same PR upstream: traefik/traefik#9763

Fixes:

Related:

Pre-review Checklist

For new package PRs only

  • This PR is marked as fixing a pre-existing package request bug
    • Alternatively, the PR is marked as related to a pre-existing package request bug, such as a dependency
  • The package is available under an OSI-approved or FSF-approved license
  • The version of the package is still receiving security updates

For security-related PRs

  • The security fix is recorded in annotations and secfixes

For version bump PRs

  • The epoch field is reset to 0

@dlorenc
Bump some go modules in traefik to fix two CVEs.
70d41e9 
I sent this same PR upstream: traefik/traefik#9763

Signed-off-by: Dan Lorenc <dlorenc@chainguard.dev>
@dlorenc dlorenc requested a review from a team as a code owner March 7, 2023 16:53
@dlorenc dlorenc requested review from kaniini and cpanato March 7, 2023 16:53
@kaniini kaniini merged commit c13b7a1 into wolfi-dev:main Mar 7, 2023
@dlorenc dlorenc deleted the patchtraef branch March 7, 2023 22:52
@luhring luhring mentioned this pull request Mar 9, 2023
Open
@luhring
Copy link
Contributor

luhring commented Mar 9, 2023

This set the fixed version to a later version (-r2) than the version of the package itself (-r1). We should make it easier in wolfictl to avoid this. I've opened a bug for this: wolfi-dev/wolfictl#97

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaniini kaniini kaniini approved these changes

@cpanato cpanato Awaiting requested review from cpanato cpanato was automatically assigned from wolfi-dev/wolfi-repository-maintainers

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dlorenc @luhring @kaniini