kubernetes / git-sync

A sidecar app which clones a git repo and keeps it in sync with the upstream.
Apache License 2.0

git-sync Multiple Vulnerabilities #906

Closed laurentailylabs closed 2 days ago

laurentailylabs commented 3 days ago

Multiple vulnerabilities reported in zlib, OpenSSH, and GNU libc can be exploited to, e.g., execute arbitrary code.

Can you please update the base image?

thockin commented 2 days ago

ACK

thockin commented 2 days ago

https://github.com/kubernetes/k8s.io/pull/6941

thockin commented 2 days ago

https://github.com/kubernetes/git-sync/releases/tag/v4.2.4