[release-1.24] fix: switch base image to fix CVEs and CVE-2023-2431 #1302

Merged
merged 3 commits into from
Jun 29, 2023

Conversation

andyzhangx
Member

@andyzhangx andyzhangx commented Jun 28, 2023

What type of PR is this?
/kind bug

What this PR does / why we need it:
cherrypick of #1175 and also fixes CVE-2023-2431

azurefileplugin (gobinary)
==========================
Total: 1 (UNKNOWN: 0, LOW: 1, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

┌───────────────────┬───────────────┬──────────┬───────────────────┬──────────────────────────────────┬─────────────────────────────────────────────────────────────┐
│      Library      │ Vulnerability │ Severity │ Installed Version │          Fixed Version           │                            Title                            │
├───────────────────┼───────────────┼──────────┼───────────────────┼──────────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ k8s.io/kubernetes │ CVE-2023-2431 │ LOW      │ v1.24.0-alpha.4   │ 1.27.2, 1.26.5, 1.25.10, 1.24.14 │ A security issue was discovered in Kubelet that allows pods │
│                   │               │          │                   │                                  │ to bypass...                                                │
│                   │               │          │                   │                                  │ https://avd.aquasec.com/nvd/cve-2023-2431                   │
└───────────────────┴───────────────┴──────────┴───────────────────┴──────────────────────────────────┴─────────────────────────────────────────────────────────────┘

Which issue(s) this PR fixes:

Fixes #

Requirements:

Special notes for your reviewer:

Release note:

fix: switch base image to fix CVEs

@k8s-ci-robot k8s-ci-robot added kind/bug Categorizes issue or PR as related to a bug. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jun 28, 2023
@k8s-ci-robot
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: andyzhangx

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jun 28, 2023
@andyzhangx andyzhangx changed the title [release-1.24] fix: switch base image to fix CVEs [release-1.24] fix: switch base image to fix CVEs and CVE-2023-2431 Jun 28, 2023
@andyzhangx andyzhangx force-pushed the switch-base-image-1.24 branch from b0827b5 to 0cb6cf1 Compare June 28, 2023 07:52
@andyzhangx
Member Author

/retest

5 similar comments
@andyzhangx
Member Author

/retest

@andyzhangx
Member Author

/retest

@andyzhangx
Member Author

/retest

@andyzhangx
Member Author

/retest

@andyzhangx
Member Author

/retest

@andyzhangx andyzhangx force-pushed the switch-base-image-1.24 branch from d92f53d to 65f044a Compare June 29, 2023 00:36
@andyzhangx
Member Author

/retest

@andyzhangx andyzhangx merged commit 2f0a9c7 into release-1.24 Jun 29, 2023
@andyzhangx andyzhangx deleted the switch-base-image-1.24 branch August 7, 2023 07:04