search

kubernetes-sigs / aws-efs-csi-driver

CSI Driver for Amazon EFS https://aws.amazon.com/efs/
Apache License 2.0
693 stars 524 forks source link

Update golang.org dependency #1355

Closed mskanth972 closed 1 month ago

mskanth972 commented 1 month ago

Is this a bug fix or adding new feature? This PR is for Fixing the CVE(CVE-2023-45288) What is this PR about? / Why do we need it? Update golang.org dependency

What testing is done?

updated to fixed version and scanned the image by building manually


┌───────────────────┬────────────────┬──────────┬───────────────────┬──────────────────────────────────┬──────────────────────────────────────────────────────────┐
│      Library      │ Vulnerability  │ Severity │ Installed Version │          Fixed Version           │                          Title                           │
├───────────────────┼────────────────┼──────────┼───────────────────┼──────────────────────────────────┼──────────────────────────────────────────────────────────┤
│ golang.org/x/net  │ CVE-2023-45288 │ MEDIUM   │ v0.17.0           │ 0.23.0
k8s-ci-robot commented 1 month ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mskanth972

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/OWNERS)~~ [mskanth972] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment