Update go version to 1.23.1 in csi-snapshotter current version has security issue CVE-2024-34156 - Githubissues

kubernetes-csi / external-snapshotter

Sidecar container that watches Kubernetes Snapshot CRD objects and triggers CreateSnapshot/DeleteSnapshot against a CSI endpoint.

Apache License 2.0

490 stars 371 forks source link

Update go version to 1.23.1 in csi-snapshotter current version has security issue CVE-2024-34156 #1158

Closed manishym closed 1 month ago

manishym commented 1 month ago

What happened: Trivy vulnerability scanner test failed on PR: https://github.com/kubernetes-csi/external-snapshotter/pull/1152

What you expected to happen: Trivy vulnerability scanner test should not fail. How to reproduce it: Fails as part of PR checks. Anything else we need to know?: https://github.com/kubernetes-csi/external-snapshotter/actions/runs/10734252511/job/29995629875?pr=1152#step:6:38 Environment: CICD

Driver version:
Kubernetes version (use kubectl version):
OS (e.g. from /etc/os-release):
Kernel (e.g. uname -a):
Install tools:
Others:

Madhu-1 commented 1 month ago

Note:- we already have a PR to fix this one https://github.com/kubernetes-csi/external-snapshotter/pull/1156

manishym commented 1 month ago

fixed by https://github.com/kubernetes-csi/external-snapshotter/pull/1156