search

uniget-org / tools

Tool definitions for uniget
https://tools.uniget.dev
MIT License
2 stars 3 forks source link

chore(deps): update dependency kube-burner/kube-burner to v1.10.2 #5716

Closed uniget-bot closed 5 days ago

uniget-bot commented 5 days ago

This PR contains the following updates:

Package Update Change
kube-burner/kube-burner patch 1.10.1 -> 1.10.2

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

kube-burner/kube-burner (kube-burner/kube-burner) ### [`v1.10.2`](https://togithub.com/kube-burner/kube-burner/releases/tag/v1.10.2) [Compare Source](https://togithub.com/kube-burner/kube-burner/compare/v1.10.1...v1.10.2) #### Changelog - [`f200ce1`](https://togithub.com/kube-burner/kube-burner/commit/f200ce17cadb58655d9bc32d0de8dadede19261f): Add cluster metadata information to all documents when using plugin helpers ([#​656](https://togithub.com/kube-burner/kube-burner/issues/656)) ([@​rsevilla87](https://togithub.com/rsevilla87)) - [`c490cdd`](https://togithub.com/kube-burner/kube-burner/commit/c490cdd298b14bd3efd44ce5e345e25efb22a480): Initialize MetricsMetadata map ([#​661](https://togithub.com/kube-burner/kube-burner/issues/661)) ([@​rsevilla87](https://togithub.com/rsevilla87))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Renovate Bot.

github-actions[bot] commented 5 days ago

:mag: Vulnerabilities of ghcr.io/uniget-org/tools/kube-burner:1.10.2

:package: Image Reference ghcr.io/uniget-org/tools/kube-burner:1.10.2
digestsha256:dcae621c1ef38bd9e1b11eb5b4c183083bc1bf2cabaafaa25932fc380ac66ddd
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0 unspecified: 1
platformlinux/amd64
size30 MB
packages70
critical: 0 high: 0 medium: 0 low: 0 unspecified: 1stdlib 1.21.11 (golang) pkg:golang/stdlib@1.21.11
unspecified : CVE--2024--24791
Affected range<1.21.12
Fixed version1.21.12
Description
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
github-actions[bot] commented 5 days ago

Attempting automerge. See https://github.com/uniget-org/tools/actions/runs/9811228629.

github-actions[bot] commented 5 days ago

PR is clean and can be merged. See https://github.com/uniget-org/tools/actions/runs/9811228629.