Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update grpc/net to fix CVEs #1438

Merged
merged 2 commits into from
Nov 14, 2023

Conversation

dfarrell07
Copy link
Member

See commit messages for details.

Update generated by `go get -u google.golang.org/grpc`/`go mod tidy` in
the coredns directory.

GHSA-m425-mq94-257g
GHSA-qppj-fm5r-hxr3

This also updates golang.org/x/net, which fixes more CVEs.

GHSA-2wrh-6pvc-2jm9

Signed-off-by: Daniel Farrell <dfarrell@redhat.com>
Update generated by `go get -u golang.org/x/net`/`go mod tidy`.

GHSA-4374-p667-p6c8

Signed-off-by: Daniel Farrell <dfarrell@redhat.com>
@submariner-bot
Copy link
Contributor

🤖 Created branch: z_pr1438/dfarrell07/grpc_cve14
🚀 Full E2E won't run until the "ready-to-test" label is applied. I will add it automatically once the PR has 2 approvals, or you can add it manually.

@tpantelis tpantelis added the ready-to-test When a PR is ready for full E2E testing label Nov 14, 2023
@tpantelis tpantelis enabled auto-merge (rebase) November 14, 2023 05:18
@tpantelis tpantelis merged commit c4d6651 into submariner-io:release-0.14 Nov 14, 2023
24 of 26 checks passed
@submariner-bot
Copy link
Contributor

🤖 Closed branches: [z_pr1438/dfarrell07/grpc_cve14]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ready-to-test When a PR is ready for full E2E testing security
Projects
No open projects
Status: Done
Development

Successfully merging this pull request may close these issues.

None yet

4 participants