Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump alpine base version for Docker build to 3.18.2 #638

Merged
merged 1 commit into from
Jun 26, 2023

Conversation

shreyas-s-rao
Copy link
Collaborator

What this PR does / why we need it:
Bump alpine base version for Docker build to 3.18.2, which includes fixes for CVEs CVE-2023-1255 and CVE-2023-2650.

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:
/invite @aaronfern

Release note:

Bump alpine base version for Docker build to `3.18.2`.

@shreyas-s-rao shreyas-s-rao added the area/security Security related label Jun 21, 2023
@shreyas-s-rao shreyas-s-rao requested a review from a team as a code owner June 21, 2023 13:44
@gardener-robot gardener-robot requested a review from aaronfern June 21, 2023 13:44
@gardener-robot gardener-robot added needs/review Needs review size/xs Size of pull request is tiny (see gardener-robot robot/bots/size.py) labels Jun 21, 2023
@gardener-robot-ci-2 gardener-robot-ci-2 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Jun 21, 2023
@gardener-robot-ci-3 gardener-robot-ci-3 added needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Jun 21, 2023
@gardener-robot
Copy link

@aaronfern You have pull request review open invite, please check

@ishan16696
Copy link
Member

Why to open a separate PR for this if we are not going to release this without etcd-wrapper , so IMO Why not @aaronfern should include this in his PR: #638 ?

@aaronfern
Copy link
Contributor

This is a change that is mainly for a security fix and not necessarily part of making etcd-backup-restore distroless, so I think a separate PR is fair here

@ishan16696
Copy link
Member

This is a change that is mainly for a security fix and not necessarily part of making etcd-backup-restore distroless, so I think a separate PR is fair here

ok, make sense

@shreyas-s-rao shreyas-s-rao self-assigned this Jun 26, 2023
@shreyas-s-rao shreyas-s-rao merged commit 9407ade into gardener:master Jun 26, 2023
@shreyas-s-rao shreyas-s-rao deleted the update/alpine-3.18.2 branch June 26, 2023 10:01
@gardener-robot gardener-robot added the status/closed Issue is closed (either delivered or triaged) label Jun 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/security Security related needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) needs/review Needs review size/xs Size of pull request is tiny (see gardener-robot robot/bots/size.py) status/closed Issue is closed (either delivered or triaged)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants