Skip to content

Comments

[release-2.9] fix: CVE-2022-41723#185

Closed
k8s-infra-cherrypick-robot wants to merge 2 commits intokubernetes-csi:release-2.9from
k8s-infra-cherrypick-robot:cherry-pick-179-to-release-2.9
Closed

[release-2.9] fix: CVE-2022-41723#185
k8s-infra-cherrypick-robot wants to merge 2 commits intokubernetes-csi:release-2.9from
k8s-infra-cherrypick-robot:cherry-pick-179-to-release-2.9

Conversation

@k8s-infra-cherrypick-robot
Copy link

@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot commented Apr 27, 2023

This is an automated cherry-pick of #179

/assign andyzhangx

fix: CVE-2022-41723

@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot mentioned this pull request Apr 27, 2023
Merged
@k8s-ci-robot k8s-ci-robot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Apr 27, 2023
@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Apr 27, 2023
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Apr 27, 2023

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: k8s-infra-cherrypick-robot
Once this PR has been reviewed and has the lgtm label, please assign jsafrane for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Apr 27, 2023
@andyzhangx
Copy link
Member

andyzhangx commented Apr 27, 2023

can we cut v2.9.1 for this CVE-2022-41723 fix? @jsafrane
This CVE is already scanned by some users, and they require a CVE fix.

@jsafrane
Copy link
Contributor

jsafrane commented Apr 27, 2023

I want to release 2.10 in a few days and it has just library bumps.

@andyzhangx
Copy link
Member

andyzhangx commented Apr 27, 2023

/close

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Apr 27, 2023

@andyzhangx: Closed this PR.

Details

In response to this:

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Jiawei0227 Jiawei0227 Awaiting requested review from Jiawei0227

@xing-yang xing-yang Awaiting requested review from xing-yang

Assignees

@andyzhangx andyzhangx

Labels

cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@k8s-infra-cherrypick-robot @k8s-ci-robot @andyzhangx @jsafrane