search

openshift / node-feature-discovery

Node feature discovery, detects the available hardware features and configuration in a cluster.
Apache License 2.0
14 stars 26 forks source link

OCPBUGS-25493: update golang.org/x/crypto/ssh for CVE-2023-4879 #126

Closed chr15p closed 9 months ago

chr15p commented 10 months ago

OCPBUGS-25493 Cherry-pick #124 into release-4.15 to fix "CVE-2023-48795 node-feature-discovery-container: ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"

openshift-ci-robot commented 10 months ago

@chr15p: This pull request references Jira Issue OCPBUGS-25493, which is invalid:

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to [this](https://github.com/openshift/node-feature-discovery/pull/126): >OCPBUGS-25493 Cherry-pick #124 into release-4.15 to fix "CVE-2023-48795 node-feature-discovery-container: ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fnode-feature-discovery). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
openshift-ci[bot] commented 10 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: chr15p

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openshift/node-feature-discovery/blob/release-4.15/OWNERS)~~ [chr15p] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
openshift-ci[bot] commented 10 months ago

@chr15p: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
chr15p commented 10 months ago

/jira refresh

openshift-ci-robot commented 10 months ago

@chr15p: This pull request references Jira Issue OCPBUGS-25493, which is invalid:

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

In response to [this](https://github.com/openshift/node-feature-discovery/pull/126#issuecomment-1910003247): >/jira refresh Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fnode-feature-discovery). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
chr15p commented 10 months ago

/jira refresh

openshift-ci-robot commented 10 months ago

@chr15p: This pull request references Jira Issue OCPBUGS-25493, which is valid. The bug has been moved to the POST state.

6 validation(s) were run on this bug * bug is open, matching expected state (open) * bug target version (4.15.0) matches configured target version for branch (4.15.0) * bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST) * dependent bug [Jira Issue OCPBUGS-27955](https://issues.redhat.com//browse/OCPBUGS-27955) is in the state ON_QA, which is one of the valid states (MODIFIED, ON_QA, VERIFIED) * dependent [Jira Issue OCPBUGS-27955](https://issues.redhat.com//browse/OCPBUGS-27955) targets the "4.16.0" version, which is one of the valid target versions: 4.16.0 * bug has dependents

Requesting review from QA contact: /cc @wabouhamad

In response to [this](https://github.com/openshift/node-feature-discovery/pull/126#issuecomment-1910005516): >/jira refresh Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fnode-feature-discovery). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
yevgeny-shnaidman commented 10 months ago

/lgtm

wabouhamad commented 10 months ago

/lgtm

wabouhamad commented 10 months ago

/label cherry-pick-approved

chr15p commented 9 months ago

/label backport-risk-assessed

openshift-ci[bot] commented 9 months ago

@chr15p: Can not set label backport-risk-assessed: Must be member in one of these teams: [openshift-patch-managers]

In response to [this](https://github.com/openshift/node-feature-discovery/pull/126#issuecomment-1918675448): >/label backport-risk-assessed Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
yevgeny-shnaidman commented 9 months ago

/label backport-risk-assessed

chr15p commented 9 months ago

/label backport-risk-assessed

openshift-ci[bot] commented 9 months ago

@chr15p: Can not set label backport-risk-assessed: Must be member in one of these teams: [openshift-patch-managers]

In response to [this](https://github.com/openshift/node-feature-discovery/pull/126#issuecomment-1918710292): >/label backport-risk-assessed Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
yevgeny-shnaidman commented 9 months ago

/label backport-risk-assessed

openshift-ci-robot commented 9 months ago

@chr15p: Jira Issue OCPBUGS-25493: All pull requests linked via external trackers have merged:

Jira Issue OCPBUGS-25493 has been moved to the MODIFIED state.

In response to [this](https://github.com/openshift/node-feature-discovery/pull/126): >OCPBUGS-25493 Cherry-pick #124 into release-4.15 to fix "CVE-2023-48795 node-feature-discovery-container: ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fnode-feature-discovery). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
openshift-bot commented 9 months ago

[ART PR BUILD NOTIFIER]

This PR has been included in build node-feature-discovery-container-v4.15.0-202401311148.p0.ge4929ab.assembly.stream for distgit node-feature-discovery. All builds following this will include this PR.