Skip to content

spark-4.0/4.0.0-r0: cve remediation #57505

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
octo-sts wants to merge 1 commit into from
Closed

spark-4.0/4.0.0-r0: cve remediation #57505

octo-sts wants to merge 1 commit into from

Conversation

@octo-sts
Copy link
Contributor

@octo-sts octo-sts bot commented Jun 25, 2025

spark-4.0/4.0.0-r0: fix GHSA-qh8g-58pp-2wxh

Advisory data: https://github.com/wolfi-dev/advisories/blob/main/spark-4.0.advisories.yaml

"Breadcrumbs" for this automated service

@jamie-albert jamie-albert self-assigned this Jun 25, 2025
@jamie-albert
Copy link
Member

jamie-albert commented Jun 25, 2025

advisory: wolfi-dev/advisories#20540

@octo-sts
Copy link
Contributor Author

octo-sts bot commented Jun 25, 2025

This vulnerability remediation is stale and no longer needed. 👋

Advisory CGA-9h2q-jvgf-3h42 has the latest event type of "pending-upstream-fix": https://github.com/wolfi-dev/advisories/blob/main/spark-4.0.advisories.yaml

ID:      CGA-9h2q-jvgf-3h42
Package: spark-4.0
Aliases: CVE-2024-6763 GHSA-qh8g-58pp-2wxh
Events:
  - "scan/v1" at 2025-06-25 08:54:34 UTC
  - "pending-upstream-fix" at 2025-06-25 21:47:27 UTC

@octo-sts octo-sts bot closed this Jun 25, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@jamie-albert jamie-albert

Labels

automated pr GHSA-qh8g-58pp-2wxh maven/pombump request-cve-remediation service:cve-pr-closer spark-4.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jamie-albert