Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to Go 1.22.5 to fix CVE-2024-24791 #261

Merged
merged 1 commit into from
Jul 8, 2024
Merged

Upgrade to Go 1.22.5 to fix CVE-2024-24791 #261

merged 1 commit into from
Jul 8, 2024

Conversation

nacx
Copy link
Collaborator

@nacx nacx commented Jul 8, 2024

@nacx nacx changed the title Upgrade to GO 1.22.5 to fix CVE-2024-24791 Upgrade to Go 1.22.5 to fix CVE-2024-24791 Jul 8, 2024
@codecov-commenter
Copy link

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (main@9a33557). Learn more about missing BASE report.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #261   +/-   ##
=======================================
  Coverage        ?   90.64%           
=======================================
  Files           ?       25           
  Lines           ?     1603           
  Branches        ?        0           
=======================================
  Hits            ?     1453           
  Misses          ?      107           
  Partials        ?       43

@istio-testing istio-testing merged commit 2360795 into istio-ecosystem:main Jul 8, 2024
13 checks passed
@nacx nacx deleted the upgrade-go branch July 8, 2024 21:14
mjnagel referenced this pull request in defenseunicorns/uds-core Sep 17, 2024
@renovate @mjnagel
chore(deps): update authservice to v1.0.2 (#738)
3328b08 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[cgr.dev/du-uds-defenseunicorns/authservice-fips](https://images.chainguard.dev/directory/image/authservice-fips/overview)
([source](https://redirect.github.com/chainguard-images/images-private/tree/HEAD/images/authservice-fips))
| patch | `1.0.1` -> `1.0.2` |
|
[ghcr.io/istio-ecosystem/authservice/authservice](https://redirect.github.com/istio-ecosystem/authservice)
| patch | `1.0.1` -> `1.0.2` |
|
[registry1.dso.mil/ironbank/istio-ecosystem/authservice](https://redirect.github.com/istio-ecosystem/authservice)
([source](https://repo1.dso.mil/dsop/istio-ecosystem/authservice)) |
patch | `1.0.1-ubi9` -> `1.0.2-ubi9` |

---

### Release Notes

<details>
<summary>istio-ecosystem/authservice
(ghcr.io/istio-ecosystem/authservice/authservice)</summary>

###
[`v1.0.2`](https://redirect.github.com/istio-ecosystem/authservice/releases/tag/v1.0.2)

[Compare
Source](https://redirect.github.com/istio-ecosystem/authservice/compare/v1.0.1...v1.0.2)

This is a small bugfix release that includes fixes for several CVEs.

##### What's Changed

- Upgrade to Go 1.22.4 by
[@&#8203;nacx](https://redirect.github.com/nacx) in
[https://github.com/istio-ecosystem/authservice/pull/260](https://redirect.github.com/istio-ecosystem/authservice/pull/260)
- Upgrade to Go 1.22.5 to fix CVE-2024-24791 by
[@&#8203;nacx](https://redirect.github.com/nacx) in
[https://github.com/istio-ecosystem/authservice/pull/261](https://redirect.github.com/istio-ecosystem/authservice/pull/261)
- Upgrade to Go 1.23.1 by
[@&#8203;nacx](https://redirect.github.com/nacx) in
[https://github.com/istio-ecosystem/authservice/pull/264](https://redirect.github.com/istio-ecosystem/authservice/pull/264)

**Full Changelog**:
istio-ecosystem/authservice@v1.0.1...v1.0.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/defenseunicorns/uds-core).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC41OS4yIiwidXBkYXRlZEluVmVyIjoiMzguNzQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Micah Nagel <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sergicastro sergicastro sergicastro approved these changes

@ZackButcher ZackButcher Awaiting requested review from ZackButcher ZackButcher is a code owner

Assignees
No one assigned
Labels
size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nacx @codecov-commenter @sergicastro @istio-testing