search

stackrox / kube-linter

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
https://docs.kubelinter.io/
Apache License 2.0
2.82k stars 228 forks source link

build(deps): bump github.com/cert-manager/cert-manager from 1.14.4 to 1.14.5 #774

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps github.com/cert-manager/cert-manager from 1.14.4 to 1.14.5.

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.14.5

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

v1.14.5 fixes a bug in the DigitalOcean DNS-01 provider which could cause incorrect DNS records to be deleted when using a domain with a CNAME. Special thanks to @​BobyMCbobs for reporting this issue and testing the fix!

It also patches CVE-2023-45288.

Known Issues

  • ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see 1.14 release notes for more information.

Changes

Bug or Regression

Commits
  • 6a09152 Merge pull request #6955 from SgtCoDFish/release-1.14-ignore-CVE-2020-8559
  • b774723 [release-1.14] ignore trivy false positive CVE-2020-8559
  • c1bc830 Merge pull request #6942 from inteon/release-1.14_acl
  • fb5b0ac Merge pull request #6940 from cert-manager-bot/cherry-pick-6938-to-release-1.14
  • a298c14 disable rclone gcs bucket ACL
  • 53656b4 remove docker custom network hack, since the test environment itself has been...
  • 04b2a8c Merge pull request #6931 from SgtCoDFish/release-1.14-CVE-2023-45288
  • ca8832b Merge pull request #6936 from cert-manager-bot/cherry-pick-6923-to-release-1.14
  • c35059a fix flaky dns test, make sure dns server has started before sending requests
  • 8294b60 [release-1.14] fix CVE-2023-45288, bump base images, bump go
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @roxbot.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)