Skip to content

Backport of [NET-8601] Upgrade vault/api and docker/docker to resolve open CVEs into release/1.2.7#3844

Merged
zalimeni merged 3 commits intorelease/1.2.7from
backport/zalimeni/fix-multiple-cves/1.2.7
Mar 29, 2024
Merged

Backport of [NET-8601] Upgrade vault/api and docker/docker to resolve open CVEs into release/1.2.7#3844
zalimeni merged 3 commits intorelease/1.2.7from
backport/zalimeni/fix-multiple-cves/1.2.7

Conversation

@zalimeni
Copy link
Copy Markdown
Member

@zalimeni zalimeni commented Mar 29, 2024

Backport

This PR is a manual backport of #3837.

The below text is copied from the body of the original PR.

Changes proposed in this PR

Created by running:

make go-mod-get DEP_VERSION=github.com/hashicorp/vault/api@v1.12.2
make go-mod-get DEP_VERSION=github.com/docker/docker@v25.0.5+incompatible

These unblock the 1.4.1 patch release, so will be backported to .x and point-release branches.

How I've tested this PR

CI and Security Scan pass.

Also ran scan repository . to confirm CVEs are resolved.

How I expect reviewers to test this PR

👀

Checklist

Overview of commits

@zalimeni zalimeni added the pr/no-backport signals that a PR will not contain a backport label label Mar 29, 2024
@zalimeni zalimeni changed the title Backport of [NET-8601] Upgrade vault/api and docker/docker to resolve open CVEs into release/ Backport of [NET-8601] Upgrade vault/api and docker/docker to resolve open CVEs into release/1.2.7 Mar 29, 2024
@zalimeni zalimeni merged commit f25b934 into release/1.2.7 Mar 29, 2024
@zalimeni zalimeni deleted the backport/zalimeni/fix-multiple-cves/1.2.7 branch March 29, 2024 18:10
kisunji pushed a commit that referenced this pull request Apr 3, 2024
@zalimeni @emilymianeil
1.2.7 sync to 1.2.x (#3822)
14d145d 
* Prerelease 1.2.7

* [prerelease-1.2.7] Disable CE test (#3826)

* [1.2.7] Disable all CE tests (#3834)

Disable CE tests on all workflows

* Backport of [NET-8601] Upgrade `vault/api` and `docker/docker` to resolve open CVEs into release/1.2.7 (#3844)

* backport of commit 1711f31

* backport of commit 9049c0d

* backport of commit cacd09b

* [1.2.7] Remove Duplicate UBI Tags (#3265) (#3859)

Remove Duplicate UBI Tags (#3265)

- Amalgamate UBI with Dockerhub and Redhat tags into one step
- Avoids a production incident that errors on duplicate tags:
hashicorp/releng-support#123

Co-authored-by: emily neil <63985869+emilymianeil@users.noreply.github.com>

* Re-add get-go-version (#3863)

---------

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
Co-authored-by: emily neil <63985869+emilymianeil@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@NicoletaPopoviciu NicoletaPopoviciu Awaiting requested review from NicoletaPopoviciu

1 more reviewer

@skpratt skpratt skpratt approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

pr/no-backport signals that a PR will not contain a backport label

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@zalimeni @skpratt