aws-load-balancer-controller/2.9.0 package update #29746

octo-sts · 2024-09-30T20:50:28Z

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>

github-actions · 2024-09-30T20:57:53Z

Package aws-load-balancer-controller: Click to expand/collapse

Package aws-load-balancer-controller:
Modified: /usr/bin/controller

Package aws-load-balancer-controller-compat: Click to expand/collapse

Package aws-load-balancer-controller-compat:
Unchanged

malcontent found differences: Click to expand/collapse

Deleted: aws-load-balancer-controller-compat/var/lib/db/sbom/aws-load-balancer-controller-compat-2.8.3-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/9f802681241ab440dca1085408be

Moved: aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.8.3-r0.spdx.json -> /tmp/wolfictl-apk-1683752529/aws-load-balancer-controller-compat/var/lib/db/sbom/aws-load-balancer-controller-compat-2.9.0-r0.spdx.json (similarity: 0.91)

Moved: aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.8.3-r0.spdx.json -> /tmp/wolfictl-apk-1683752529/aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.9.0-r0.spdx.json (similarity: 0.99)

philroche · 2024-10-01T09:21:27Z

Changes summary:
Total files changed: 251

Total changes: 51966
Total additions: 7347
Total deletions: 44619

Total commits: 35

Fetch VPC ID from runtime using VPC tags provided via controller flags (use ${{build.arch}} in favor of unset envs #3656)

jeswinkoshyninan (167569665+jeswinkoshyninan@users.noreply.github.com) @ 2024-05-20T23:19:16Z
Update README.md (Add mitmproxy package. #3638)

Mike Wilson (hyperbolic2346@users.noreply.github.com) @ 2024-05-21T21:40:40Z
feat: disable default helm labels (newrelic-infrastructure-agent/1.44.0 package update #3574)

Rémi BUISSON (remi-buisson@orange.fr) @ 2024-05-22T16:07:00Z
Added helm envFrom value parameter for cluster-name (elixir/1.15.4 package update #3683)

Omer Aplatony (61663422+omerap12@users.noreply.github.com) @ 2024-05-22T18:29:35Z
restrict resolve resolveViaVPCENIs to fargate only (kots/1.101.0 package update #3709)

Olivia Song (sonyingy@amazon.com) @ 2024-05-22T19:17:25Z
Update go to v1.22, controller-runtime dependency to v0.18.2, and kubernetes libs to v0.30.0 (py3-urllib3/2.0.4 package update #3707)

Luke Arntz (luke@blue42.net) @ 2024-05-24T17:07:26Z
prevent controller runtime complaining about SetupLogger() was never called (fix CVE for go-licenses #3724)

Olivia Song (sonyingy@amazon.com) @ 2024-05-29T23:19:59Z
update the traffic test for ingress (kubernetes-1.26/1.26.7 package update #3725)

Olivia Song (sonyingy@amazon.com) @ 2024-05-30T05:20:12Z
fixed the mTLS bug (oranda/0.2.0 package update #3717)

Yogita Sheth (30565146+shethyogita83@users.noreply.github.com) @ 2024-05-31T01:58:39Z
Move envFrom to the correct position and update example

Huong Nguyen (huonguyenlt@gmail.com) @ 2024-07-11T15:29:05Z
fixup(sg-resolver): Allow multiple SGs with the same Name tag

Albert Lloveras (albert.l@canva.com) @ 2024-07-22T06:49:59Z
bump up go to 1.22.5 (Apply a patch to fix libwebsocket build #3798)

Olivia Song (sonyingy@amazon.com) @ 2024-08-08T22:51:31Z
keep LB addons' settings unchanged unless explicitly specified (gettext: add glibc-iconv dependency #3800)

M00nF1sh (yyyng@amazon.com) @ 2024-08-09T18:19:45Z
update mkdocs dependencies (gnutls: fix underlinking #3803)

M00nF1sh (yyyng@amazon.com) @ 2024-08-12T23:08:14Z
Merge pull request no need go runtime dep #3770 from huonguyenlt/feat/add-envFrom

Kubernetes Prow Robot (20407524+k8s-ci-robot@users.noreply.github.com) @ 2024-08-13T01:29:40Z
PR Feedback: Re-work error reporting and tests

Albert Lloveras (albert.l@canva.com) @ 2024-08-16T03:51:58Z
Merge pull request pulumi/3.76.0 package update #3775 from alloveras/main

Kubernetes Prow Robot (20407524+k8s-ci-robot@users.noreply.github.com) @ 2024-08-16T17:06:39Z
bump up base image version (add py3-trove-classifiers #3854)

Olivia Song (sonyingy@amazon.com) @ 2024-09-16T21:01:12Z
chore: Update cert-manager URL in installation.md and cert_manager.yaml (Bump traefik to 2.10.3 and resolve CVEs again. #3842)

Yosuke Mizuguchi (38171239+capytan@users.noreply.github.com) @ 2024-09-20T19:18:53Z
Update README.md (Fix boost install step. #3832)

Lino Layani (39967417+linoleparquet@users.noreply.github.com) @ 2024-09-20T19:20:13Z
set klog logger (ruff/0.0.280 package update #3833)

Tobias Germer (bvrcreepyx@hotmail.de) @ 2024-09-23T18:12:26Z
Allow disabling ingress validation (Fix rarian builds. #3847)

sarevalo2002 (77837444+sarevalo2002@users.noreply.github.com) @ 2024-09-23T18:37:04Z
feat: support vpc- in target group binding vpc-id validation (upgrade gem grpc pacakge to apply cve fixes #3845)

Anton Khizunov (35187379+khizunov@users.noreply.github.com) @ 2024-09-23T20:58:00Z
Migrate aws sdk go v1 to v2 (Add tinyxml 1 package. #3844)

Shraddha Bang (18206078+shraddhabang@users.noreply.github.com) @ 2024-09-24T00:10:00Z
Bump github.com/prometheus/client_golang from 1.18.0 to 1.20.4

dependabot[bot] (49699333+dependabot[bot]@users.noreply.github.com) @ 2024-09-24T00:11:04Z
Use the documented .Capabilities.KubeVersion.Version in the hpa template (cedar/2.3.1 package update #3766)

Prasad Katti (prasadmkatti@gmail.com) @ 2024-09-24T18:38:51Z
Merge pull request wasmer/4.1.0 package update #3862 from kubernetes-sigs/dependabot/go_modules/github.com/prometheus/client_golang-1.20.4

Kubernetes Prow Robot (20407524+k8s-ci-robot@users.noreply.github.com) @ 2024-09-25T00:16:00Z
Support listener attributes

Weiwei Li (weiweiww@amazon.com) @ 2024-09-25T04:48:00Z
Merge pull request wolfi-bot/corepack #3863 from wweiwei-li/listenerAttributes

Kubernetes Prow Robot (20407524+k8s-ci-robot@users.noreply.github.com) @ 2024-09-26T00:21:29Z
GO2 SDK Migration bug fix on comparators

Shraddha Bang (shrabang@amazon.com) @ 2024-09-26T20:51:18Z
Merge pull request fix flannel-cni-plugin build #3864 from shraddhabang/main

Kubernetes Prow Robot (20407524+k8s-ci-robot@users.noreply.github.com) @ 2024-09-26T23:30:01Z
Fix CVE-2024-34156

Shraddha Bang (shrabang@amazon.com) @ 2024-09-27T22:27:12Z
Merge pull request task/3.28.0 package update #3868 from shraddhabang/main

Kubernetes Prow Robot (20407524+k8s-ci-robot@users.noreply.github.com) @ 2024-09-28T00:58:01Z
cut v2.9.0 release

Shraddha Bang (shrabang@amazon.com) @ 2024-09-30T18:04:23Z
Merge pull request Bump python 3.12 to beta4 #3872 from shraddhabang/main

Kubernetes Prow Robot (20407524+k8s-ci-robot@users.noreply.github.com) @ 2024-09-30T20:33:24Z

GitHub compare URL: kubernetes-sigs/aws-load-balancer-controller@a1418f9...0700e85

aws-load-balancer-controller/2.9.0 package update

8a04c7e

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>

octo-sts bot added request-version-update request for a newer version of a package automated pr P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. labels Sep 30, 2024

octo-sts bot added bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. tests/missing labels Sep 30, 2024

philroche self-assigned this Oct 1, 2024

philroche approved these changes Oct 1, 2024

View reviewed changes

philroche merged commit 6f78dca into main Oct 1, 2024

philroche deleted the wolfictl-7a7a0ded-dc36-4f02-b3e1-1a5fc006c34b branch October 1, 2024 09:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

aws-load-balancer-controller/2.9.0 package update #29746

aws-load-balancer-controller/2.9.0 package update #29746

Uh oh!

octo-sts bot commented Sep 30, 2024

Uh oh!

github-actions bot commented Sep 30, 2024

Deleted: aws-load-balancer-controller-compat/var/lib/db/sbom/aws-load-balancer-controller-compat-2.8.3-r0.spdx.json [⚠️ MEDIUM]

Moved: aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.8.3-r0.spdx.json -> /tmp/wolfictl-apk-1683752529/aws-load-balancer-controller-compat/var/lib/db/sbom/aws-load-balancer-controller-compat-2.9.0-r0.spdx.json (similarity: 0.91)

Moved: aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.8.3-r0.spdx.json -> /tmp/wolfictl-apk-1683752529/aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.9.0-r0.spdx.json (similarity: 0.99)

Uh oh!

philroche commented Oct 1, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

aws-load-balancer-controller/2.9.0 package update #29746

aws-load-balancer-controller/2.9.0 package update #29746

Uh oh!

Conversation

octo-sts bot commented Sep 30, 2024

Uh oh!

github-actions bot commented Sep 30, 2024

Deleted: aws-load-balancer-controller-compat/var/lib/db/sbom/aws-load-balancer-controller-compat-2.8.3-r0.spdx.json [⚠️ MEDIUM]

Moved: aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.8.3-r0.spdx.json -> /tmp/wolfictl-apk-1683752529/aws-load-balancer-controller-compat/var/lib/db/sbom/aws-load-balancer-controller-compat-2.9.0-r0.spdx.json (similarity: 0.91)

Moved: aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.8.3-r0.spdx.json -> /tmp/wolfictl-apk-1683752529/aws-load-balancer-controller/var/lib/db/sbom/aws-load-balancer-controller-2.9.0-r0.spdx.json (similarity: 0.99)

Uh oh!

philroche commented Oct 1, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants