Closed dobsonj closed 9 months ago
Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all
/lgtm /approve
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: dobsonj, msau42
The full list of commands accepted by this bot can be found here.
The pull request process is described here
/retest
/cherry-pick release-3.6
@sunnylovestiramisu: #1132 failed to apply on top of branch "release-3.6":
Applying: CVE-2023-48795: bump golang.org/x/crypto to v0.17.0
Using index info to reconstruct a base tree...
M go.mod
M go.sum
M vendor/golang.org/x/crypto/ssh/handshake.go
M vendor/golang.org/x/crypto/ssh/server.go
M vendor/modules.txt
Falling back to patching base and 3-way merge...
Auto-merging vendor/modules.txt
CONFLICT (content): Merge conflict in vendor/modules.txt
Auto-merging vendor/golang.org/x/crypto/ssh/server.go
CONFLICT (content): Merge conflict in vendor/golang.org/x/crypto/ssh/server.go
Auto-merging vendor/golang.org/x/crypto/ssh/handshake.go
Auto-merging go.sum
CONFLICT (content): Merge conflict in go.sum
Auto-merging go.mod
CONFLICT (content): Merge conflict in go.mod
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 CVE-2023-48795: bump golang.org/x/crypto to v0.17.0
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
What type of PR is this? /kind bug
What this PR does / why we need it: fix: CVE-2023-48795
Release note: