Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-ocm-2.9] ACM-18646: CVE-2025-22869 - change golang.org/x/crypto to openshift/golang-crypto to fix a cve #1062

Merged
merged 1 commit into from
Mar 20, 2025
Merged

[release-ocm-2.9] ACM-18646: CVE-2025-22869 - change golang.org/x/crypto to openshift/golang-crypto to fix a cve #1062

merged 1 commit into from
Mar 20, 2025

Conversation

omer-vishlitzky
Copy link
Contributor

@omer-vishlitzky omer-vishlitzky commented Mar 19, 2025
edited by openshift-ci bot
Loading

ACM-18646: CVE-2025-22869 - change golang.org/x/crypto to openshift/golang-crypto v0.33.1-0.20250310193910-9003f682e581 to
fix a cve while staying on a lower go version, as original dependency fix requires go 1.23

@omer-vishlitzky
ACM-18646: CVE-2025-22869 - change golang.org/x/crypto to openshift/g…
ae2b611 
…olang-crypto v0.33.1-0.20250310193910-9003f682e581 to

fix a cve while staying on a lower go version, as original dependency fix requires go 1.23
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Mar 19, 2025
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 19, 2025
edited by openshift-ci bot
Loading

@omer-vishlitzky: This pull request references ACM-18646 which is a valid jira issue.

In response to this:

ACM-18646: CVE-2025-22869 - change golang.org/x/crypto to openshift/golang-crypto v0.33.1-0.20250310193910-9003f682e581 to
fix a cve while staying on a lower go version, as original dependency fix requires go 1.23

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Mar 19, 2025
@openshift-ci openshift-ci bot requested review from danmanor and oourfali March 19, 2025 22:31
@codecov Codecov
Copy link

codecov bot commented Mar 19, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 54.13%. Comparing base (743c005) to head (ae2b611).
Report is 1 commits behind head on release-ocm-2.9.

Additional details and impacted files

Impacted file tree graph

@@               Coverage Diff                @@
##           release-ocm-2.9    #1062   +/-   ##
================================================
  Coverage            54.13%   54.13%           
================================================
  Files                   14       14           
  Lines                 2941     2941           
================================================
  Hits                  1592     1592           
  Misses                1205     1205           
  Partials               144      144
🚀 New features to boost your workflow:
  • Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Mar 20, 2025

@omer-vishlitzky: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Mar 20, 2025
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Mar 20, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: gamli75, omer-vishlitzky

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 20, 2025
@openshift-merge-bot openshift-merge-bot bot merged commit 2b2bad9 into openshift:release-ocm-2.9 Mar 20, 2025
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gamli75 gamli75 gamli75 approved these changes

@danmanor danmanor Awaiting requested review from danmanor

@oourfali oourfali Awaiting requested review from oourfali

Assignees

@gamli75 gamli75

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@omer-vishlitzky @openshift-ci-robot @gamli75