Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

knative / serving Public

Notifications You must be signed in to change notification settings
Fork 1.2k
Star 5.6k

Code
Issues 189
Pull requests 13
Discussions
Actions
Projects 1
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Projects
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2023-44487: trigger new release builds #14506

Closed

30 tasks done

ReToCode opened this issue Oct 11, 2023 · 7 comments

Closed

30 tasks done

CVE-2023-44487: trigger new release builds #14506

ReToCode opened this issue Oct 11, 2023 · 7 comments

Comments

Copy link

Member

ReToCode commented Oct 11, 2023 •

edited

Loading

CVE-2023-44487 requires us to rebuild our currently supported releases:

knative/serving

release-1.10 - [release-1.10] Rebuild using Go 1.20.10 (to address CVEs) #14501
release-1.11 - [release-1.11] Rebuild using Go 1.20.10 (to address CVEs) #14500
release-1.10 (go deps) - [release-1.10] bump x/net to v0.17 #14517 @nak3
release-1.11 (go deps) - [release-1.11] bump x/net to v0.17 #14516 @nak3

knative/networking

release-1.10 (go deps) - [release-1.10] bump x/net to v0.17 networking#879 @nak3
release-1.11 (go deps) - [release-1.11] bump x/net to v0.17 networking#878 @nak3

knative-sandbox/net-istio

release-1.10 - [release-1.10] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-istio#1185
release-1.11 - [release-1.11] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-istio#1186
release-1.10 (go deps) - [release-1.10] bump x/net to v0.17 knative-extensions/net-istio#1191 @ReToCode
release-1.11 (go deps) - [release-1.11] bump x/net to v0.17 knative-extensions/net-istio#1190 @ReToCode

knative-sandbox/net-contour

release-1.10 - [release-1.10] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-contour#978
release-1.11 - [release-1.11] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-contour#979
release-1.10 (go deps) - [release-1.10] bump x/net to v0.17 knative-extensions/net-contour#983 @nak3
release-1.11 (go deps) - [release-1.11] bump x/net to v0.17 knative-extensions/net-contour#984 @nak3

knative-sandbox/net-gateway-api

release-1.10 - [release-1.10] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-gateway-api#558
release-1.11 - [release-1.11] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-gateway-api#559
release-1.10 (go deps) - [release-1.10] bump x/net to v0.17 knative-extensions/net-gateway-api#561 @ReToCode
release-1.11 (go deps) - [release-1.11] bump x/net to v0.17 knative-extensions/net-gateway-api#562 @ReToCode

knative-sandbox/net-kourier

release-1.10 - [release-1.10] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-kourier#1133
release-1.11 - [release-1.11] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-kourier#1134
release-1.10 (go deps) - [release-1.10] bump x/net to v0.17 knative-extensions/net-kourier#1136 @nak3
release-1.11 (go deps) - [release-1.11] bump x/net to v0.17 knative-extensions/net-kourier#1137 @nak3

knative-sandbox/net-certmanager

release-1.10 - [release-1.10] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-certmanager#605
release-1.11 - [release-1.11] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-certmanager#606
release-1.10 (go deps) - [release-1.10] bump x/net to v0.17 knative-extensions/net-certmanager#608 @ReToCode
release-1.11 (go deps) - [release-1.11] bump x/net to v0.17 knative-extensions/net-certmanager#609 @ReToCode

knative-sandbox/net-http01

release-1.10 - [release-1.10] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-http01#551
release-1.11 - [release-1.11] Rebuild using Go 1.20.10 (to address CVEs) knative-extensions/net-http01#552
release-1.10 (go deps) - [release-1.10] bump x/net to v0.17 knative-extensions/net-http01#554 @nak3
release-1.11 (go deps) - [release-1.11] bump x/net to v0.17 knative-extensions/net-http01#553 @nak3

/cc @skonto @nak3 @KauzClay @dprotaso @davidhadas

The text was updated successfully, but these errors were encountered:

skonto reacted with heart emoji

All reactions

❤️ 1 reaction

ReToCode added kind/question Further information is requested and removed kind/question Further information is requested labels

dprotaso modified the milestone: v1.12.0

Copy link

Member

dprotaso commented Oct 11, 2023

cherry picking is broken - seems like we need to update prow

https://cloud-native.slack.com/archives/C04LY4M2G49/p1696866925712799

All reactions

Sorry, something went wrong.

Copy link

Member

dprotaso commented Oct 11, 2023

ok - prow updated cherry picking is working again

All reactions

Sorry, something went wrong.

Copy link

Member

dprotaso commented Oct 11, 2023

Ok branches are all up to date - will leave this issue open until the point releases are out

All reactions

Sorry, something went wrong.

Copy link

Member

dprotaso commented Oct 11, 2023

looks like we also need to bump x/net to v0.17.0

see: https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo

golang.org/x/net/http2 v0.17.0,

ReToCode reacted with thumbs up emoji

All reactions

👍 1 reaction

Sorry, something went wrong.

dprotaso mentioned this issue

bump x/net to v1.17 #14512

Merged

This was referenced Oct 12, 2023

[release-1.11] bump x/net to v0.17 #14516

Merged

[release-1.10] bump x/net to v0.17 #14517

Merged

Copy link

Member Author

ReToCode commented Oct 12, 2023

@dprotaso I think we have it all now?

@nak3 thanks for your help!

All reactions

Sorry, something went wrong.

Copy link

Member Author

ReToCode commented Oct 12, 2023

PR for depending image: brancz/kube-rbac-proxy#261

All reactions

Sorry, something went wrong.

This was referenced Oct 12, 2023

[release-1.11] Upgrade to latest dependencies knative/operator#1597

Merged

[release-1.10] Upgrade to latest dependencies knative/operator#1596

Merged

Copy link

Contributor

skonto commented Nov 8, 2023

@ReToCode should we close this one?

ReToCode reacted with thumbs up emoji

All reactions

👍 1 reaction

Sorry, something went wrong.

ReToCode closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

No branches or pull requests

3 participants

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.