chore(deps): update module kubevirt.io/kubevirt to v1.2.1 [security] (release-v0.17)

redhat-renovate-bot commented 3 months ago

This PR contains the following updates:

Package	Type	Update	Change
kubevirt.io/kubevirt	require	minor	`v1.1.0` -> `v1.2.1`

KubeVirt NULL pointer dereference flaw

CVE-2024-31420 / GHSA-vjhf-6xfr-5p9g / GO-2024-2688

More information

#### Details A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine. #### Severity - CVSS Score: 6.5 / 10 (Medium) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H` #### References - [https://nvd.nist.gov/vuln/detail/CVE-2024-31420](https://nvd.nist.gov/vuln/detail/CVE-2024-31420) - [https://access.redhat.com/security/cve/CVE-2024-31420](https://access.redhat.com/security/cve/CVE-2024-31420) - [https://bugzilla.redhat.com/show_bug.cgi?id=2272951](https://bugzilla.redhat.com/show_bug.cgi?id=2272951) - [https://github.com/kubevirt/kubevirt](https://togithub.com/kubevirt/kubevirt) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-vjhf-6xfr-5p9g) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).

kubevirt allows a local attacker to execute arbitrary code via a crafted command

CVE-2024-33394 / GHSA-4q63-mr2m-57hf / GO-2024-2816

More information

#### Details An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component. #### Severity - CVSS Score: 5.9 / 10 (Medium) - Vector String: `CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L` #### References - [https://nvd.nist.gov/vuln/detail/CVE-2024-33394](https://nvd.nist.gov/vuln/detail/CVE-2024-33394) - [https://gist.github.com/HouqiyuA/1b75e23ece7ad98490aec1c887bdf49b](https://gist.github.com/HouqiyuA/1b75e23ece7ad98490aec1c887bdf49b) - [https://github.com/kubevirt/kubevirt](https://togithub.com/kubevirt/kubevirt) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-4q63-mr2m-57hf) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).

Release Notes

kubevirt/kubevirt (kubevirt.io/kubevirt)

### [`v1.2.1`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.2.1) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.2.0...v1.2.1) tag v1.2.1 Tagger: Antonio Cardace This release follows v1.2.0 and consists of 288 changes, contributed by 31 people, leading to 423 files changed, 13593 insertions(+), 11123 deletions(-). The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.2.1. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.2.1`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes - \[PR [#11986](https://togithub.com/kubevirt/kubevirt/issues/11986)]\[fossedihelm] Restart of a VM is required when the CPU socket count is reduced - \[PR [#11977](https://togithub.com/kubevirt/kubevirt/issues/11977)]\[fossedihelm] Bug fix: Correctly reflect RestartRequired condition - \[PR [#11972](https://togithub.com/kubevirt/kubevirt/issues/11972)]\[fossedihelm] Fix RerunOnFailure RunStrategy - \[PR [#11966](https://togithub.com/kubevirt/kubevirt/issues/11966)]\[lyarwood] `VirtualMachines` referencing an instance type are now allowed when the `LiveUpdate` feature is enabled and will trigger the `RestartRequired` condition if the reference within the `VirtualMachine` is changed. - \[PR [#11649](https://togithub.com/kubevirt/kubevirt/issues/11649)]\[kubevirt-bot] Updated common-instancetypes bundles to v1.0.0 - \[PR [#11866](https://togithub.com/kubevirt/kubevirt/issues/11866)]\[kubevirt-bot] Fix the live updates for volumes and disks - \[PR [#11853](https://togithub.com/kubevirt/kubevirt/issues/11853)]\[fossedihelm] Updated go version of the client-go to 1.21 - \[PR [#11691](https://togithub.com/kubevirt/kubevirt/issues/11691)]\[kubevirt-bot] Improve the handling of ordinal pod interface name for upgrade - \[PR [#11675](https://togithub.com/kubevirt/kubevirt/issues/11675)]\[tiraboschi] Make 'image' field in hook sidecar annotation optional. - \[PR [#11761](https://togithub.com/kubevirt/kubevirt/issues/11761)]\[avlitman] New memory statistics added named kubevirt_memory_delta_from_requested_bytes - \[PR [#11720](https://togithub.com/kubevirt/kubevirt/issues/11720)]\[assafad] Collect VMI OS info from the Guest agent as `kubevirt_vmi_phase_count` metric labels - \[PR [#11656](https://togithub.com/kubevirt/kubevirt/issues/11656)]\[kubevirt-bot] Build the `passt`custom CNI binary statically, for the `passt` network binding plugin. - \[PR [#11582](https://togithub.com/kubevirt/kubevirt/issues/11582)]\[kubevirt-bot] Expose volumesnapshot error in vmsnapshot object - \[PR [#11502](https://togithub.com/kubevirt/kubevirt/issues/11502)]\[kubevirt-bot] Allow to hotplug memory for VMs with memory limits set - \[PR [#11510](https://togithub.com/kubevirt/kubevirt/issues/11510)]\[kubevirt-bot] Reduce the downwardMetrics server maximum number of request per second to 1. - \[PR [#11464](https://togithub.com/kubevirt/kubevirt/issues/11464)]\[kubevirt-bot] Bugfix: Allow vmexport download redirections by printing logs into stderr - \[PR [#11463](https://togithub.com/kubevirt/kubevirt/issues/11463)]\[kubevirt-bot] Bugfix: Improve handling of IOThreads with incompatible buses - \[PR [#11480](https://togithub.com/kubevirt/kubevirt/issues/11480)]\[kubevirt-bot] Build KubeVirt with Go version 1.21.8 - \[PR [#11371](https://togithub.com/kubevirt/kubevirt/issues/11371)]\[kubevirt-bot] More information in the migration state of VMI / migration objects - \[PR [#11396](https://togithub.com/kubevirt/kubevirt/issues/11396)]\[kubevirt-bot] BugFix: Ensure DataVolumes created by virt-controller (DataVolumeTemplates) are recreated and owned by the VM in the case of DR and backup/restore. - \[PR [#11263](https://togithub.com/kubevirt/kubevirt/issues/11263)]\[alromeros] Bugfix: Improve error reporting when fsfreeze fails - \[PR [#11422](https://togithub.com/kubevirt/kubevirt/issues/11422)]\[kubevirt-bot] add perf-scale benchmarks for release v1.2 - \[PR [#11318](https://togithub.com/kubevirt/kubevirt/issues/11318)]\[fossedihelm] fix(vmclone): delete vmclone resource when the target vm is deleted - \[PR [#11393](https://togithub.com/kubevirt/kubevirt/issues/11393)]\[kubevirt-bot] Bug-fix: Fix nil panic if VM update fails - \[PR [#11354](https://togithub.com/kubevirt/kubevirt/issues/11354)]\[kubevirt-bot] Fix perfscale buckets error - \[PR [#11378](https://togithub.com/kubevirt/kubevirt/issues/11378)]\[fossedihelm] fix(ksm): set the `kubevirt.io/ksm-enabled` node label to true if the ksm is managed by KubeVirt, instead of reflect the actual ksm value. ## Contributors 31 people contributed to this release: 112 fossedihelm 22 Luboslav Pivarc 12 Shelly Kagan 8 Antonio Cardace 6 Alvaro Romero 5 João Vilaça 4 Alice Frosi 4 Assaf Admi 4 Dharmit Shah 4 Jed Lejosne 4 Lee Yarwood 3 Alex Kalenyuk 3 Felix Matouschek 3 Michael Henriksen 3 avlitman 3 bmordeha 2 Brian Carey 2 Javier Cano Cano 2 Ram Lavi 2 Vicente Cheng 2 howard zhang 1 Alay Patel 1 Andrea Bolognani 1 Andrej Krejcir 1 Daniel Hiller 1 Edu Gómez Escandell 1 Edward Haas 1 Orel Misan 1 Shahaf Bahar ## Additional Resources - Mailing list: - Slack: - An easy to use demo: - [How to contribute][contributing] - [License][license] [contributing]: https://togithub.com/kubevirt/kubevirt/blob/main/CONTRIBUTING.md [license]: https://togithub.com/kubevirt/kubevirt/blob/main/LICENSE *** \-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEEL3WFe2eU+K2zCASGa/gKvUPjd9MFAmZVlX8UHGFjYXJkYWNl QHJlZGhhdC5jb20ACgkQa/gKvUPjd9PHcg/9GKOBdiJvG4qKA/fLOvTyJrhFIoli S2OSnpEOEtQq2AnFrgQD8cIgpX9WahWYjKL841rbxmvOAKAuw868913/Y36R75Le xuyDVuN2dFdblCcx7oFw2USPWeThVqG283E+qhss+GHVuIFXGHatFYaI966QI9Xr qyNIj+hnjyLZsaq8CWowSlIWF73leRfj1csw5XkbcWU4rAgDzKHLJoYQeX3Ekkma rhn0NwYJi4jYHRxFzPhDGXwVn1ItwwtutyWQj1EnIxt04XojxZ8pyHJ6dBv96Hwc 3bo68aG9JmGI9P7bs7+5wbMlMFdHZVrSc44JxXcv6N6D1OVWQPJfSkFVKAMhHxZ9 vycFdBJ/1p3T4gu9loM063syw98L4UDBMmCZgfunn0gdgie9OsFTzVaFvi1brQ7E dMfvr1oj8t1TOWZo71rBIDWULlwryMS9NWsVT84CteTTaVOEUva02UIf6l7CV9oq DBax71hCK7vLGqBFT4evu8g9TNtmK9LArHVBeMwe16qXVlIyIqVeujBmLVr7Qly3 X6F96i+HqaUWyCRceTX1uOhD/r9AjghHzFJwDQX2C9+c3zFI/9/cy2ajwNemEHgx X1xf9vi17bn1HT+oRRoH+slf9JdHFW0T2pFvBcwNhakyaN45gG6k4K4nGGKNrw8U MDze3ObziJMJeuQ= \=gs80 \-----END PGP SIGNATURE----- ### [`v1.2.0`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.2.0) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.1.1...v1.2.0) tag v1.2.0 Tagger: Antonio Cardace This release follows v1.1.1 and consists of 822 changes, contributed by 65 people, leading to 1234 files changed, 46897 insertions(+), 22403 deletions(-). v1.2.0 is a promotion of release candidate v1.2.0-rc.1 which was originally published 2024-02-26 The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.2.0. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.2.0`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes ##### API change - [\[PR #11064\]](https://togithub.com/kubevirt/kubevirt/pull/11064) \[AlonaKaplan] Introduce a new API to mark a binding plugin as migratable. - [\[PR #10970\]](https://togithub.com/kubevirt/kubevirt/pull/10970) \[alromeros] Expose fs disk information via GuestOsInfo - [\[PR #10905\]](https://togithub.com/kubevirt/kubevirt/pull/10905) \[tiraboschi] Aggregate DVs conditions on VMI (and so VM) - [\[PR #10872\]](https://togithub.com/kubevirt/kubevirt/pull/10872) \[RamLavi] IsolateEmulatorThread: Add cluster-wide parity completion setting - [\[PR #10846\]](https://togithub.com/kubevirt/kubevirt/pull/10846) \[RamLavi] Change vm.status.PrintableStatus default value to "Stopped" - [\[PR #10774\]](https://togithub.com/kubevirt/kubevirt/pull/10774) \[victortoso] Windows offline activation with ACPI SLIC table - [\[PR #10732\]](https://togithub.com/kubevirt/kubevirt/pull/10732) \[AlonaKaplan] Extend kubvirt CR by adding domain attachment option to the network binding plugin API. - [\[PR #10658\]](https://togithub.com/kubevirt/kubevirt/pull/10658) \[matthewei] Support "Clone API" to filter VirtualMachine.spec.template.annotation and VirtualMachine.spec.template.label ##### Bug fix - [\[PR #11271\]](https://togithub.com/kubevirt/kubevirt/pull/11271) \[kubevirt-bot] Bug fix: VM controller doesn't corrupt its cache anymore - [\[PR #11242\]](https://togithub.com/kubevirt/kubevirt/pull/11242) \[kubevirt-bot] Fix migration breaking in case the VM has an rng device after hotplugging a block volume on cgroupsv2 - [\[PR #11069\]](https://togithub.com/kubevirt/kubevirt/pull/11069) \[ormergi] Bug fix: Packet drops during the initial phase of VM live migration https://issues.redhat.com/browse/CNV-28040 - [\[PR #11065\]](https://togithub.com/kubevirt/kubevirt/pull/11065) \[fossedihelm] fix(vmclone): Generate VM patches from vmsnapshotcontent, instead of current VM - [\[PR #10963\]](https://togithub.com/kubevirt/kubevirt/pull/10963) \[alromeros] Bugfix: Reject volume exports when no output is specified - [\[PR #10888\]](https://togithub.com/kubevirt/kubevirt/pull/10888) \[fossedihelm] \[Bugfix] Clone VM with WaitForFirstConsumer binding mode PVC now works. - [\[PR #10860\]](https://togithub.com/kubevirt/kubevirt/pull/10860) \[akalenyu] BugFix: Double cloning with filter fails isolateEmulatorThread feature ([BZ#2228103](https://togithub.com/BZ/kubevirt/issues/2228103)). - [\[PR #10845\]](https://togithub.com/kubevirt/kubevirt/pull/10845) \[orelmisan] Reject VirtualMachineClone creation when target name is equal to source name - [\[PR #10753\]](https://togithub.com/kubevirt/kubevirt/pull/10753) \[victortoso] Fixes permission when using USB host passthrough - [\[PR #10747\]](https://togithub.com/kubevirt/kubevirt/pull/10747) \[acardace] Fix KubeVirt for CRIO 1.28 by using checksums to verify containerdisks when migrating VMIs - [\[PR #10699\]](https://togithub.com/kubevirt/kubevirt/pull/10699) \[qinqon] virt-launcher: fix qemu non root log path - [\[PR #10689\]](https://togithub.com/kubevirt/kubevirt/pull/10689) \[akalenyu] BugFix: cgroupsv2 device allowlist is bound to virt-handler internal state/block disk device overwritten on hotplug - [\[PR #10593\]](https://togithub.com/kubevirt/kubevirt/pull/10593) \[RamLavi] Fixes SMT Alignment Error in virt-launcher pod by optimizing - [\[PR #11050\]](https://togithub.com/kubevirt/kubevirt/pull/11050) \[fossedihelm] restrict default cluster role to authenticated only users - [\[PR #11047\]](https://togithub.com/kubevirt/kubevirt/pull/11047) \[jschintag] Fix potential crash when trying to list USB devices on host without any - [\[PR #10916\]](https://togithub.com/kubevirt/kubevirt/pull/10916) \[orelmisan] Fix the value of VMI `Status.GuestOSInfo.Version` - [\[PR #10046\]](https://togithub.com/kubevirt/kubevirt/pull/10046) \[victortoso] Add v1alpha3 for hooks and fix migration when using sidecars ##### Deprecation - [\[PR #10924\]](https://togithub.com/kubevirt/kubevirt/pull/10924) \[AlonaKaplan] Deprecate macvtap ##### SIG-compute - [\[PR #11054\]](https://togithub.com/kubevirt/kubevirt/pull/11054) \[jean-edouard] New cluster-wide `vmRolloutStrategy` setting to define whether changes to VMs should either be always staged or live-updated when possible. - [\[PR #10961\]](https://togithub.com/kubevirt/kubevirt/pull/10961) \[jcanocan] Reduced VM rescheduling time on node failure - [\[PR #10840\]](https://togithub.com/kubevirt/kubevirt/pull/10840) \[acardace] Requests/Limits can now be configured when using CPU/Memory hotplug - [\[PR #10839\]](https://togithub.com/kubevirt/kubevirt/pull/10839) \[RamLavi] Change second emulator thread assign strategy to best-effort. - [\[PR #10809\]](https://togithub.com/kubevirt/kubevirt/pull/10809) \[orelmisan] Source virt-launcher: Log migration info by default - [\[PR #10783\]](https://togithub.com/kubevirt/kubevirt/pull/10783) \[RamLavi] Support multiple CPUs in Housekeeping cgroup - [\[PR #11001\]](https://togithub.com/kubevirt/kubevirt/pull/11001) \[fossedihelm] Allow `kubevirt.io:default` clusterRole to get,list kubevirts - [\[PR #10918\]](https://togithub.com/kubevirt/kubevirt/pull/10918) \[orelmisan] VMClone: Emit an event in case restore creation fails - [\[PR #10898\]](https://togithub.com/kubevirt/kubevirt/pull/10898) \[matthewei] vmi status's guestOsInfo adds `Machine` ##### SIG-storage - [\[PR #10657\]](https://togithub.com/kubevirt/kubevirt/pull/10657) \[germag] Exposing Filesystem Persistent Volumes (PVs) to the VM using unprivilege virtiofsd. - [\[PR #10529\]](https://togithub.com/kubevirt/kubevirt/pull/10529) \[alromeros] Allow LUN disks to be hotplugged ##### SIG-network - [\[PR #10981\]](https://togithub.com/kubevirt/kubevirt/pull/10981) \[AlonaKaplan] Report IP of interfaces using network binding plugin. - [\[PR #10866\]](https://togithub.com/kubevirt/kubevirt/pull/10866) \[AlonaKaplan] Raise an error in case passt feature gate or API are used. - [\[PR #10800\]](https://togithub.com/kubevirt/kubevirt/pull/10800) \[AlonaKaplan] Support macvtap as a binding plugin - [\[PR #10425\]](https://togithub.com/kubevirt/kubevirt/pull/10425) \[ormergi] Introduce network binding plugin for Passt networking, interfacing with Kubevirt new network binding plugin API. ##### SIG-infra - [\[PR #11025\]](https://togithub.com/kubevirt/kubevirt/pull/11025) \[0xFelix] Allow unprivileged users read-only access to VirtualMachineCluster{Instancetypes,Preferences} by default. - [\[PR #10922\]](https://togithub.com/kubevirt/kubevirt/pull/10922) \[kubevirt-bot] Updated common-instancetypes bundles to v0.4.0 ##### SIG-scale - [\[PR #10571\]](https://togithub.com/kubevirt/kubevirt/pull/10571) \[tiraboschi] vmi memory footprint increase by 35M when guest serial console logging is turned on (default on). ##### Monitoring - [\[PR #10982\]](https://togithub.com/kubevirt/kubevirt/pull/10982) \[machadovilaca] Refactor monitoring metrics - [\[PR #10962\]](https://togithub.com/kubevirt/kubevirt/pull/10962) \[machadovilaca] Update monitoring file structure - [\[PR #10853\]](https://togithub.com/kubevirt/kubevirt/pull/10853) \[machadovilaca] Refactor monitoring collectors - [\[PR #10700\]](https://togithub.com/kubevirt/kubevirt/pull/10700) \[machadovilaca] Refactor monitoring alerts - [\[PR #10693\]](https://togithub.com/kubevirt/kubevirt/pull/10693) \[machadovilaca] Remove MigrateVmiDiskTransferRateMetric - [\[PR #10651\]](https://togithub.com/kubevirt/kubevirt/pull/10651) \[machadovilaca] Refactor monitoring recording-rules - [\[PR #10570\]](https://togithub.com/kubevirt/kubevirt/pull/10570) \[machadovilaca] Fix LowKVMNodesCount not firing - [\[PR #10418\]](https://togithub.com/kubevirt/kubevirt/pull/10418) \[machadovilaca] Add total VMs created metric ##### Uncategorized - [\[PR #11144\]](https://togithub.com/kubevirt/kubevirt/pull/11144) \[0xFelix] virtctl: Specifying size when creating a VM and using --volume-import to clone a PVC or a VolumeSnapshot is optional now - [\[PR #11122\]](https://togithub.com/kubevirt/kubevirt/pull/11122) \[brianmcarey] Update runc dependency to v1.1.12 - [\[PR #11068\]](https://togithub.com/kubevirt/kubevirt/pull/11068) \[brianmcarey] Update container base image to use current stable debian 12 base - [\[PR #10914\]](https://togithub.com/kubevirt/kubevirt/pull/10914) \[brianmcarey] KubeVirt is now built with go 1.21.5 - [\[PR #10879\]](https://togithub.com/kubevirt/kubevirt/pull/10879) \[brianmcarey] Built with golang 1.20.12 - [\[PR #10863\]](https://togithub.com/kubevirt/kubevirt/pull/10863) \[dhiller] Remove year from generated code copyright - [\[PR #10787\]](https://togithub.com/kubevirt/kubevirt/pull/10787) \[matthewei] virtctl support to add template label and annotation filters - [\[PR #10720\]](https://togithub.com/kubevirt/kubevirt/pull/10720) \[awels] Restored hotplug attachment pod request/limit to original value - [\[PR #10637\]](https://togithub.com/kubevirt/kubevirt/pull/10637) \[dharmit] Functional tests for sidecar hook with ConfigMap - [\[PR #10615\]](https://togithub.com/kubevirt/kubevirt/pull/10615) \[orelmisan] Remove leftover NonRoot feature gate - [\[PR #10598\]](https://togithub.com/kubevirt/kubevirt/pull/10598) \[alicefr] Add PVC option to the hook sidecars for supplying additional debugging tools - [\[PR #10596\]](https://togithub.com/kubevirt/kubevirt/pull/10596) \[mhenriks] Disable HTTP/2 to mitigate CVE-2023-44487 - [\[PR #10582\]](https://togithub.com/kubevirt/kubevirt/pull/10582) \[orelmisan] Remove leftover NonRootExperimental feature gate - [\[PR #10567\]](https://togithub.com/kubevirt/kubevirt/pull/10567) \[awels] Attachment pod creation is now rate limited - [\[PR #10526\]](https://togithub.com/kubevirt/kubevirt/pull/10526) \[cfilleke] Documents steps to build the KubeVirt builder container - [\[PR #10479\]](https://togithub.com/kubevirt/kubevirt/pull/10479) \[dharmit] Ability to run scripts through hook sidecardevice - [\[PR #10244\]](https://togithub.com/kubevirt/kubevirt/pull/10244) \[hshitomi] Added “adm” subcommand under “virtctl”, and “log-verbosity" subcommand under “adm”. The log-verbosity command is: to show the log verbosity of one or more components, to set the log verbosity of one or more components, and to reset the log verbosity of all components (reset to the default verbosity (2)). ## Contributors 65 people contributed to this release: 52 fossedihelm 38 Luboslav Pivarc 34 Alona Paz 33 Edward Haas 31 Brian Carey 27 João Vilaça 25 Or Mergi 24 Dan Kenigsberg 24 Jed Lejosne 19 Victor Toso 16 Alex Kalenyuk 16 Antonio Cardace 16 Ram Lavi 14 Orel Misan 13 Felix Matouschek 11 Alvaro Romero 11 Or Shoval 10 Dharmit Shah 8 Alice Frosi 7 Fabian Deutsch 7 howard zhang 7 stirabos 6 Vasiliy Ulyanov 6 prnaraya 5 Daniel Hiller 4 Denis Ollier 4 Igor Bezukh 3 Alexander Wels 3 Michael Henriksen 3 Nahshon Unna-Tsameret 2 Dalia Frank 2 Jan Schintag 2 Javier Cano Cano 2 Shelly Kagan 2 shenwei 2 wuhanqing 2 zhuanlan 1 Alay Patel 1 Andrea Bolognani 1 Andrej Krejcir 1 Andrew Burden 1 Bart Vercoulen 1 Ben Oukhanov 1 Eng Zer Jun 1 Enrique Llorente 1 Erik Panter 1 German Maglione 1 Hidehisa Shitomi 1 Karel Simon 1 Lee Yarwood 1 Marcelo Amaral 1 Ohad 1 Ondrej Pokorny 1 Romain Decker 1 Wenhui Zhang 1 cfillekes 1 haojue 1 matthewei <86186853+matthewei@users.noreply.github.com> 1 matthewei 1 muxuelan 1 rokkiter 1 wangjihai 1 xiaofang ## Additional Resources - Mailing list: - Slack: - An easy to use demo: - [How to contribute][contributing] - [License][license] [contributing]: https://togithub.com/kubevirt/kubevirt/blob/main/CONTRIBUTING.md [license]: https://togithub.com/kubevirt/kubevirt/blob/main/LICENSE *** \-----BEGIN PGP SIGNATURE----- iQJIBAABCAAyFiEEL3WFe2eU+K2zCASGa/gKvUPjd9MFAmXnf6AUHGFjYXJkYWNl QHJlZGhhdC5jb20ACgkQa/gKvUPjd9MnKhAAq7FarHyi742Ara/2KdSnICUrwx2w ud9VQvPuvb0t9PbH4feUZar5cGg1thFZXf7kx5xk+1vEvHD1Wue5h2t5i0+qq17C om5fs4ZRy7zIiFWftAglcqLC/3iMTODo3esmReY5ALkwgDgXWRMORBVTAt34xI9+ PO2zTDB3caO1Dr5oDXVVLrgxMl2uPmhZkh46nlgq3AGtmByWrWO3Zdg0S9ym7RMK pA0E+71MX32Tti25lMkdLs4I0+kKHMIdHoLjedYGDoJ8Z+rDqg1e/9JF6/4z/Zl5 ArxMo0HDXmDhLqE4zJN7UdQGUppjj+CiGe4Eiox0rj4nj34vjlHOQDvD2dYdOs4l \+Ca8vPzPMf7dCwuBra7VHJN1t62+wzoqxr1mNQ6Yhf2z87+MCm6i25h8V279ivSA qervlzzBjBDj9H+IwzSZET9sY8uAASz3lvSolhN9JBzX2J5vZXapYpKsbrSMBhOX nyaOUu75Ow7f67fJBnKkF+NR00gtMgPWTvu+rg1yvLFV0W3cTmFJK3aWkktNHwId SQVdCwODyDH9ZlYwceugiqBcEVPUaRcwpFC6kfJBejBsifG4OVgSzHQ5YDNmU2bc pzM6JMxpUnJw3o4VnsM0HdV2q0qb7jcASRVaHTs1lW/Xymiyrlq00sX8mf6Lz0fl Rwne5ssktT+kHd0= \=WB1r \-----END PGP SIGNATURE----- ### [`v1.1.1`](https://togithub.com/kubevirt/kubevirt/releases/tag/v1.1.1) [Compare Source](https://togithub.com/kubevirt/kubevirt/compare/v1.1.0...v1.1.1) tag v1.1.1 Tagger: Luboslav Pivarc This release follows v1.1.0 and consists of 110 changes, contributed by 17 people, leading to 258 files changed, 12215 insertions(+), 3245 deletions(-). The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.1.1. The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using `git tag -v v1.1.1`. Pre-built containers are published on Quay and can be viewed at: . ## Notable changes - \[PR [#10757](https://togithub.com/kubevirt/kubevirt/issues/10757)]\[RamLavi] Fixes SMT Alignment Error in virt-launcher pod by optimizing isolateEmulatorThread feature: https://issues.redhat.com/browse/CNV-31584. - \[PR [#10873](https://togithub.com/kubevirt/kubevirt/issues/10873)]\[kubevirt-bot] Fix KubeVirt for CRIO 1.28 by using checksums to verify containerdisks when migrating VMIs - \[PR [#10869](https://togithub.com/kubevirt/kubevirt/issues/10869)]\[akalenyu] BugFix: Double cloning with filter fails - \[PR [#10854](https://togithub.com/kubevirt/kubevirt/issues/10854)]\[kubevirt-bot] Reject VirtualMachineClone creation when target name is equal to source name - \[PR [#10831](https://togithub.com/kubevirt/kubevirt/issues/10831)]\[kubevirt-bot] Fix macvtap as a binding plugin - \[PR [#10829](https://togithub.com/kubevirt/kubevirt/issues/10829)]\[kubevirt-bot] Fixes device permission when using USB host passthrough - \[PR [#10820](https://togithub.com/kubevirt/kubevirt/issues/10820)]\[kubevirt-bot] Source virt-launcher: Log migration info by default - \[PR [#10816](https://togithub.com/kubevirt/kubevirt/issues/10816)]\[kubevirt-bot] Extend kubvirt CR by adding domain attachment option to the network binding plugin API. - \[PR [#10714](https://togithub.com/kubevirt/kubevirt/issues/10714)]\[kubevirt-bot] BugFix: cgroupsv2 device allowlist is bound to virt-handler internal state/block disk device overwritten on hotplug - \[PR [#10709](https://togithub.com/kubevirt/kubevirt/issues/10709)]\[kubevirt-bot] virt-launcher: fix qemu non root log path - \[PR [#10669](https://togithub.com/kubevirt/kubevirt/issues/10669)]\[kubevirt-bot] Introduce network binding plugin for Passt networking, interfacing with Kubevirt new network binding plugin API. ## Contributors 17 people contributed to this release: 18 Edward Haas 15 Ram Lavi 14 Alona Paz 6 Or Mergi 5 Antonio Cardace 5 Vasiliy Ulyanov 4 Alex Kalenyuk 4 Denis Ollier 3 fossedihelm 2 Orel Misan 2 Victor Toso 1 Enrique Llorente 1 Felix Matouschek 1 Karel Simon 1 Michael Henriksen ## Additional Resources - Mailing list: - Slack: - An easy to use demo: - [How to contribute][contributing] - [License][license] [contributing]: https://togithub.com/kubevirt/kubevirt/blob/main/CONTRIBUTING.md [license]: https://togithub.com/kubevirt/kubevirt/blob/main/LICENSE *** \-----BEGIN PGP SIGNATURE----- iIkEABEIADEWIQS5aL5huPTZew1hSy9m6XN7mspnmQUCZYlexhMcbHBpdmFyY0By ZWRoYXQuY29tAAoJEGbpc3uaymeZt1oA/RZZ8Ci4pBvm0KFbzAug28NiCXeTN0qn DPomhtehWMecAQCpKWSJBJz3r2E6eD8R8zECZPdQRRx3SrimSCQX2ZLoPA== \=uiB8 \-----END PGP SIGNATURE----- Merge pull request [#10757](https://togithub.com/kubevirt/kubevirt/issues/10757) from RamLavi/release-1.1\_add-full-pcpu-only-support \[release 1.1] isolateEmulatorThread: Add full-pcpu-only support

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

redhat-renovate-bot commented 3 months ago

ℹ Artifact update notice

File name: modules/create-vm/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

23 additional dependencies were updated
The go directive was updated for compatibility reasons

Details:

Package	Change
`go`	`1.20` -> `1.22.6`
`github.com/onsi/ginkgo/v2`	`v2.9.4` -> `v2.13.0`
`github.com/onsi/gomega`	`v1.27.6` -> `v1.29.0`
`k8s.io/api`	`v0.27.1` -> `v0.28.1`
`k8s.io/apimachinery`	`v0.27.1` -> `v0.28.1`
`github.com/davecgh/go-spew`	`v1.1.1` -> `v1.1.2-0.20180830191138-d8f796af33cc`
`github.com/emicklei/go-restful/v3`	`v3.9.0` -> `v3.11.0`
`github.com/evanphx/json-patch`	`v4.12.0+incompatible` -> `v5.6.0+incompatible`
`github.com/go-kit/kit`	`v0.10.0` -> `v0.13.0`
`github.com/go-logfmt/logfmt`	`v0.5.1` -> `v0.6.0`
`github.com/go-openapi/jsonpointer`	`v0.19.6` -> `v0.20.0`
`github.com/go-openapi/jsonreference`	`v0.20.1` -> `v0.20.2`
`github.com/go-openapi/swag`	`v0.22.3` -> `v0.22.4`
`github.com/google/go-cmp`	`v0.5.9` -> `v0.6.0`
`github.com/google/uuid`	`v1.3.0` -> `v1.3.1`
`github.com/imdario/mergo`	`v0.3.15` -> `v0.3.16`
`go.uber.org/atomic`	`v1.7.0` -> `v1.9.0`
`go.uber.org/multierr`	`v1.6.0` -> `v1.7.0`
`google.golang.org/appengine`	`v1.6.7` -> `v1.6.8`
`k8s.io/apiextensions-apiserver`	`v0.26.11` -> `v0.28.1`
`k8s.io/klog/v2`	`v2.90.1` -> `v2.100.1`
`k8s.io/kube-openapi`	`v0.0.0-20230501164219-8b0f38b5fd1f` -> `v0.0.0-20230905202853-d090da108d2f`
`k8s.io/utils`	`v0.0.0-20230505201702-9f6742963106` -> `v0.0.0-20230726121419-3b25d923346b`
`sigs.k8s.io/structured-merge-diff/v4`	`v4.2.3` -> `v4.3.0`

openshift-ci[bot] commented 3 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: redhat-renovate-bot Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubevirt/kubevirt-tekton-tasks/blob/release-v0.17/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

kubevirt-bot commented 3 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubevirt/kubevirt-tekton-tasks/blob/release-v0.17/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

openshift-ci[bot] commented 3 months ago

@redhat-renovate-bot: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/unit-tests	543e4306bb01ade91a017f55e3706f5044d95f3e	link	true	`/test unit-tests`
ci/prow/e2e-tests	543e4306bb01ade91a017f55e3706f5044d95f3e	link	true	`/test e2e-tests`

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).

ksimon1 commented 3 months ago

/close this CVE is not fixable

openshift-ci[bot] commented 3 months ago

@ksimon1: Closed this PR.

In response to [this](https://github.com/kubevirt/kubevirt-tekton-tasks/pull/511#issuecomment-2315236018): >/close >this CVE is not fixable Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

kubevirt-bot commented 3 months ago

@ksimon1: Closed this PR.

In response to [this](https://github.com/kubevirt/kubevirt-tekton-tasks/pull/511#issuecomment-2315236018): >/close >this CVE is not fixable Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

redhat-renovate-bot commented 3 months ago

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v1.2.1). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

kubevirt / kubevirt-tekton-tasks