caas-team / py-kube-downscaler

Scale down / "pause" Kubernetes workloads (Deployments, StatefulSets, and/or HorizontalPodAutoscalers and CronJobs too!) during non-work hours.
GNU General Public License v3.0

Vulnerabilities with v24.4.0 #28

Closed teaton12 closed 3 months ago

teaton12 commented 4 months ago


There are 18 vulnerabilities reported in total, with 1 Critical & 2 high.

CVE-2023-37920 - certifi - CRITICAL
CVE-2023-43804 - urllib3 - HIGH
CVE-2023-50387 - Systemd - HIGH

Will these vulnerabilities be remediated? If so do you have an ETA?

TIA

Fovty commented 3 months ago

@samuel-esp has already confirmed to recreate his PRs from codeberg here. I believe this will solve the security vulnerabilities.

I am not totally sure about an ETA. If it's urgent, I'll take a look at it myself.

samuel-esp commented 3 months ago

I'll do everything by the end of this week, guys. It won't be immediate since I have to merge all my previous PRs into one PR that fits this repo.

Fovty commented 3 months ago

All good, thanks for your effort

larssb commented 3 months ago

So v24.6.0 will contain patches for the mentioned CVEs? Thanks.

samuel-esp commented 3 months ago

Made the pull request to fix vulnerabilities #39

Fovty commented 3 months ago

New release available: https://github.com/caas-team/py-kube-downscaler/releases/tag/v24.5.2