search

sarvex / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0
0 stars 0 forks source link

fix(deps): update module k8s.io/kubernetes to v1.28.9 [security] - autoclosed #64

Closed renovate[bot] closed 5 months ago

renovate[bot] commented 5 months ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
k8s.io/kubernetes v1.28.1 -> v1.28.9 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2023-5528

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.

CVE-2024-3177

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service accountโ€™s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.

Release Notes

kubernetes/kubernetes (k8s.io/kubernetes) ### [`v1.28.9`](https://togithub.com/kubernetes/kubernetes/releases/tag/v1.28.9): Kubernetes v1.28.9 [Compare Source](https://togithub.com/kubernetes/kubernetes/compare/v1.28.8...v1.28.9) See [kubernetes-announce@](https://groups.google.com/forum/#!forum/kubernetes-announce). Additional binary downloads are linked in the [CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md). See [the CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md) for more details. ### [`v1.28.8`](https://togithub.com/kubernetes/kubernetes/releases/tag/v1.28.8): Kubernetes v1.28.8 [Compare Source](https://togithub.com/kubernetes/kubernetes/compare/v1.28.7...v1.28.8) See [kubernetes-announce@](https://groups.google.com/forum/#!forum/kubernetes-announce). Additional binary downloads are linked in the [CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md). See [the CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md) for more details. ### [`v1.28.7`](https://togithub.com/kubernetes/kubernetes/releases/tag/v1.28.7): Kubernetes v1.28.7 [Compare Source](https://togithub.com/kubernetes/kubernetes/compare/v1.28.6...v1.28.7) See [kubernetes-announce@](https://groups.google.com/forum/#!forum/kubernetes-announce). Additional binary downloads are linked in the [CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md). See [the CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md) for more details. ### [`v1.28.6`](https://togithub.com/kubernetes/kubernetes/releases/tag/v1.28.6): Kubernetes v1.28.6 [Compare Source](https://togithub.com/kubernetes/kubernetes/compare/v1.28.5...v1.28.6) See [kubernetes-announce@](https://groups.google.com/forum/#!forum/kubernetes-announce). Additional binary downloads are linked in the [CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md). See [the CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md) for more details. ### [`v1.28.5`](https://togithub.com/kubernetes/kubernetes/releases/tag/v1.28.5): Kubernetes v1.28.5 [Compare Source](https://togithub.com/kubernetes/kubernetes/compare/v1.28.4...v1.28.5) See [kubernetes-announce@](https://groups.google.com/forum/#!forum/kubernetes-announce). Additional binary downloads are linked in the [CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md). See [the CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md) for more details. ### [`v1.28.4`](https://togithub.com/kubernetes/kubernetes/releases/tag/v1.28.4): Kubernetes v1.28.4 [Compare Source](https://togithub.com/kubernetes/kubernetes/compare/v1.28.3...v1.28.4) See [kubernetes-announce@](https://groups.google.com/forum/#!forum/kubernetes-announce). Additional binary downloads are linked in the [CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md). See [the CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md) for more details. ### [`v1.28.3`](https://togithub.com/kubernetes/kubernetes/releases/tag/v1.28.3): Kubernetes v1.28.3 [Compare Source](https://togithub.com/kubernetes/kubernetes/compare/v1.28.2...v1.28.3) See [kubernetes-announce@](https://groups.google.com/forum/#!forum/kubernetes-announce). Additional binary downloads are linked in the [CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md). See [the CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md) for more details. ### [`v1.28.2`](https://togithub.com/kubernetes/kubernetes/releases/tag/v1.28.2): Kubernetes v1.28.2 [Compare Source](https://togithub.com/kubernetes/kubernetes/compare/v1.28.1...v1.28.2) See [kubernetes-announce@](https://groups.google.com/forum/#!forum/kubernetes-announce). Additional binary downloads are linked in the [CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md). See [the CHANGELOG](https://togithub.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md) for more details.

Configuration

๐Ÿ“… Schedule: Branch creation - "" in timezone UTC, Automerge - At any time (no schedule defined).

๐Ÿšฆ Automerge: Disabled by config. Please merge this manually once you are satisfied.

โ™ป Rebasing: Never, or you tick the rebase/retry checkbox.

๐Ÿ”• Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

github-actions[bot] commented 5 months ago

๐Ÿฆ™ MegaLinter status: โŒ ERROR

Descriptor Linter Files Fixed Errors Elapsed time
โŒ ACTION actionlint 11 10 0.1s
โŒ API spectral 2 1 7.15s
โš ๏ธ BASH bash-exec 107 65 0.35s
โŒ BASH shellcheck 107 814 5.51s
โœ… BASH shfmt 107 96 0 0.84s
โŒ COPYPASTE jscpd yes 4217 354.58s
โŒ CSS stylelint 2 1 1 3.2s
โŒ DOCKERFILE hadolint 25 1 0.43s
โŒ HTML djlint 2 10 0.69s
โŒ HTML htmlhint 2 2 0.23s
โœ… JSON jsonlint 6 0 0.2s
โœ… JSON prettier 6 4 0 2.05s
โœ… JSON v8r 6 0 3.33s
โš ๏ธ MARKDOWN markdownlint 638 446 3549 27.3s
โŒ MARKDOWN markdown-link-check 638 267 584.61s
โœ… MARKDOWN markdown-table-formatter 638 480 0 2.45s
โŒ OPENAPI spectral 2 1 7.06s
โœ… PROTOBUF protolint 11 10 0 9.89s
โŒ REPOSITORY checkov yes 57 110.61s
โŒ REPOSITORY gitleaks yes 26 42.54s
โŒ REPOSITORY git_diff yes 1 0.3s
โŒ REPOSITORY grype yes 1 10.71s
โŒ REPOSITORY secretlint yes 1 397.59s
โŒ REPOSITORY trivy yes 1 12.09s
โœ… REPOSITORY trivy-sbom yes no 1.27s
โœ… REPOSITORY trufflehog yes no 13.4s
โŒ SPELL cspell 8364 265940 7210.75s
โŒ SPELL lychee 818 2326 60.07s
โœ… XML xmllint 1 0 0 0.78s
โœ… YAML prettier 138 91 0 8.44s
โŒ YAML v8r 138 1 323.7s
โŒ YAML yamllint 138 1 5.47s

See detailed report in MegaLinter reports

_MegaLinter is graciously provided by OX Security_