Upgrade CNI plugins from v1.5.1 to v1.6.0

antrea-io / antrea

Kubernetes networking based on Open vSwitch

https://antrea.io

Apache License 2.0

1.67k stars 370 forks source link

Upgrade CNI plugins from v1.5.1 to v1.6.0 #6796

Open luolanzone opened 2 weeks ago

luolanzone commented 2 weeks ago

For cve-2024-34156

luolanzone commented 2 weeks ago

After did a verification locally, it turns out that the latest cni plugin 1.6.0 still have the CVE, we need to wait the next CNI release to fix it. convert to a draft version first.