Skip to content

Commit

Permalink
Advisories for CVE-2023-48795
Browse files Browse the repository at this point in the history
Signed-off-by: Philippe Deslauriers <[email protected]>
  • Loading branch information
pdeslaur committed Dec 19, 2023
1 parent 69f187f commit 99ea79b
Show file tree
Hide file tree
Showing 15 changed files with 150 additions and 15 deletions.
11 changes: 10 additions & 1 deletion apko.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: apko
Expand Down Expand Up @@ -87,6 +87,15 @@ advisories:
data:
fixed-version: 0.11.3-r0

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:56:36Z
type: fixed
data:
fixed-version: 0.12.0-r2

- id: GHSA-jq35-85cj-fj4p
events:
- timestamp: 2023-10-31T20:03:39Z
Expand Down
11 changes: 10 additions & 1 deletion argo-cd-2.7.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: argo-cd-2.7
Expand Down Expand Up @@ -99,6 +99,15 @@ advisories:
data:
fixed-version: 2.7.15-r0

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T18:22:31Z
type: fixed
data:
fixed-version: 2.7.15-r6

- id: CVE-2023-5528
aliases:
- GHSA-hq6q-c2x6-hmch
Expand Down
11 changes: 10 additions & 1 deletion argo-cd-2.8.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: argo-cd-2.8
Expand Down Expand Up @@ -89,6 +89,15 @@ advisories:
data:
fixed-version: 2.8.6-r2

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T18:22:00Z
type: fixed
data:
fixed-version: 2.8.7-r5

- id: CVE-2023-5528
aliases:
- GHSA-hq6q-c2x6-hmch
Expand Down
11 changes: 10 additions & 1 deletion argo-cd-2.9.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: argo-cd-2.9
Expand Down Expand Up @@ -32,6 +32,15 @@ advisories:
data:
fixed-version: 2.9.2-r1

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T18:23:00Z
type: fixed
data:
fixed-version: 2.9.3-r4

- id: CVE-2023-5528
aliases:
- GHSA-hq6q-c2x6-hmch
Expand Down
11 changes: 10 additions & 1 deletion argo-workflows.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: argo-workflows
Expand Down Expand Up @@ -33,6 +33,15 @@ advisories:
data:
fixed-version: 3.5.2-r1

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:57:10Z
type: fixed
data:
fixed-version: 3.5.2-r3

- id: GHSA-2c7c-3mj9-8fqh
events:
- timestamp: 2023-11-23T08:30:52Z
Expand Down
11 changes: 10 additions & 1 deletion cadvisor.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: "2"
schema-version: 2.0.2

package:
name: cadvisor
Expand All @@ -22,6 +22,15 @@ advisories:
data:
type: vulnerable-code-version-not-used

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:57:24Z
type: fixed
data:
fixed-version: 0.48.1-r3

- id: GHSA-6xv5-86q9-7xr8
events:
- timestamp: 2023-09-09T15:18:01Z
Expand Down
11 changes: 10 additions & 1 deletion cert-manager-1.11.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: cert-manager-1.11
Expand Down Expand Up @@ -62,6 +62,15 @@ advisories:
data:
fixed-version: 1.11.5-r6

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:57:47Z
type: fixed
data:
fixed-version: 1.11.5-r9

- id: GHSA-jq35-85cj-fj4p
events:
- timestamp: 2023-11-17T11:21:22Z
Expand Down
11 changes: 10 additions & 1 deletion cert-manager-1.12.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: cert-manager-1.12
Expand Down Expand Up @@ -52,6 +52,15 @@ advisories:
data:
fixed-version: 1.12.6-r1

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:58:13Z
type: fixed
data:
fixed-version: 1.12.7-r2

- id: GHSA-jq35-85cj-fj4p
events:
- timestamp: 2023-11-17T11:21:48Z
Expand Down
11 changes: 10 additions & 1 deletion cert-manager-1.13.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: cert-manager-1.13
Expand Down Expand Up @@ -52,6 +52,15 @@ advisories:
data:
fixed-version: 1.13.2-r1

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:58:38Z
type: fixed
data:
fixed-version: 1.13.3-r1

- id: GHSA-2c7c-3mj9-8fqh
events:
- timestamp: 2023-11-23T08:31:08Z
Expand Down
11 changes: 10 additions & 1 deletion flux-helm-controller.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: flux-helm-controller
Expand Down Expand Up @@ -62,6 +62,15 @@ advisories:
type: vulnerable-code-not-included-in-package
note: Only affects Windows

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:59:03Z
type: fixed
data:
fixed-version: 0.37.1-r1

- id: GHSA-6xv5-86q9-7xr8
events:
- timestamp: 2023-09-09T15:18:03Z
Expand Down
11 changes: 10 additions & 1 deletion flux-image-automation-controller.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: flux-image-automation-controller
Expand Down Expand Up @@ -42,6 +42,15 @@ advisories:
type: vulnerable-code-not-included-in-package
note: Only affects Windows

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:59:23Z
type: fixed
data:
fixed-version: 0.37.0-r2

- id: GHSA-6xv5-86q9-7xr8
events:
- timestamp: 2023-09-09T15:18:06Z
Expand Down
11 changes: 10 additions & 1 deletion flux-image-reflector-controller.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: flux-image-reflector-controller
Expand Down Expand Up @@ -42,6 +42,15 @@ advisories:
type: vulnerable-code-not-included-in-package
note: Only affects Windows

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:59:41Z
type: fixed
data:
fixed-version: 0.31.1-r1

- id: GHSA-jq35-85cj-fj4p
events:
- timestamp: 2023-10-31T20:03:46Z
Expand Down
11 changes: 10 additions & 1 deletion flux-kustomize-controller.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: flux-kustomize-controller
Expand Down Expand Up @@ -52,6 +52,15 @@ advisories:
type: vulnerable-code-not-included-in-package
note: Only affects Windows

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T16:59:56Z
type: fixed
data:
fixed-version: 1.2.1-r1

- id: GHSA-2c7c-3mj9-8fqh
events:
- timestamp: 2023-11-23T08:32:23Z
Expand Down
11 changes: 10 additions & 1 deletion flux-source-controller.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: flux-source-controller
Expand Down Expand Up @@ -61,6 +61,15 @@ advisories:
data:
note: Pending upstream fix, this will require more upgrades in the code to support the cosign update. GitHub Issue https://github.com/fluxcd/source-controller/pull/1280

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T17:00:24Z
type: fixed
data:
fixed-version: 1.2.3-r1

- id: GHSA-2c7c-3mj9-8fqh
events:
- timestamp: 2023-11-23T08:32:38Z
Expand Down
11 changes: 10 additions & 1 deletion flux.advisories.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
schema-version: 2.0.1
schema-version: 2.0.2

package:
name: flux
Expand Down Expand Up @@ -42,6 +42,15 @@ advisories:
type: vulnerable-code-not-included-in-package
note: Only affects Windows

- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2023-12-19T17:00:35Z
type: fixed
data:
fixed-version: 2.2.1-r1

- id: GHSA-jq35-85cj-fj4p
events:
- timestamp: 2023-10-31T20:03:44Z
Expand Down

0 comments on commit 99ea79b

Please sign in to comment.