search

uniget-org / tools

Tool definitions for uniget
https://tools.uniget.dev
MIT License
2 stars 3 forks source link

chore(deps): update dependency kube-burner/kube-burner to v1.10.3 #5722

Closed uniget-bot closed 4 days ago

uniget-bot commented 4 days ago

This PR contains the following updates:

Package Update Change
kube-burner/kube-burner patch 1.10.2 -> 1.10.3

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

kube-burner/kube-burner (kube-burner/kube-burner) ### [`v1.10.3`](https://togithub.com/kube-burner/kube-burner/releases/tag/v1.10.3) [Compare Source](https://togithub.com/kube-burner/kube-burner/compare/v1.10.1...v1.10.3) #### What's Changed - Add cluster metadata information to all documents when using plugin helpers by [@​rsevilla87](https://togithub.com/rsevilla87) in [https://github.com/kube-burner/kube-burner/pull/656](https://togithub.com/kube-burner/kube-burner/pull/656) - Initialize MetricsMetadata map by [@​rsevilla87](https://togithub.com/rsevilla87) in [https://github.com/kube-burner/kube-burner/pull/661](https://togithub.com/kube-burner/kube-burner/pull/661) - Fixing NPE for PR-661 by [@​vishnuchalla](https://togithub.com/vishnuchalla) in [https://github.com/kube-burner/kube-burner/pull/662](https://togithub.com/kube-burner/kube-burner/pull/662) **Full Changelog**: https://github.com/kube-burner/kube-burner/compare/v1.10.1...v1.10.3

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Renovate Bot.

github-actions[bot] commented 4 days ago

:mag: Vulnerabilities of ghcr.io/uniget-org/tools/kube-burner:1.10.3

:package: Image Reference ghcr.io/uniget-org/tools/kube-burner:1.10.3
digestsha256:cd9c45f68ea23e6c2db1f266ca07d3ea5b8deddc071d2d2d0b02c75f649abf5f
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0 unspecified: 1
platformlinux/amd64
size30 MB
packages70
critical: 0 high: 0 medium: 0 low: 0 unspecified: 1stdlib 1.21.11 (golang) pkg:golang/stdlib@1.21.11
unspecified : CVE--2024--24791
Affected range<1.21.12
Fixed version1.21.12
Description
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.
github-actions[bot] commented 4 days ago

Attempting automerge. See https://github.com/uniget-org/tools/actions/runs/9815540194.

github-actions[bot] commented 4 days ago

PR is clean and can be merged. See https://github.com/uniget-org/tools/actions/runs/9815540194.