[AUTO-CHERRYPICK] Upgrade cert-manager to 1.12.15 - to fix CVE-2024-1…

…2401 - branch 3.0-dev (#12096) Co-authored-by: Rohit Rawat <[email protected]>
microsoft · Jan 28, 2025 · 9853652 · 9853652
1 parent 76dcc08
commit 9853652
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 84 deletions.
diff --git a/SPECS/cert-manager/CVE-2024-45337.patch b/SPECS/cert-manager/CVE-2024-45337.patch
diff --git a/SPECS/cert-manager/cert-manager.spec b/SPECS/cert-manager/cert-manager.spec
@@ -13,8 +13,7 @@ Source0:        https://github.com/jetstack/%{name}/archive/refs/tags/v%{version
 # 1. wget https://github.com/jetstack/%%{name}/archive/refs/tags/v%%{version}.tar.gz -O %%{name}-%%{version}.tar.gz
 # 2. <repo-root>/SPECS/cert-manager/generate_source_tarball.sh --srcTarball %%{name}-%%{version}.tar.gz --pkgVersion %%{version}
 Source1:        %{name}-%{version}-vendor.tar.gz
-Patch0:         CVE-2024-45337.patch
-Patch1:         CVE-2024-45338.patch
+Patch0:         CVE-2024-45338.patch
 BuildRequires:  golang
 Requires:       %{name}-acmesolver
 Requires:       %{name}-cainjector
@@ -105,8 +104,9 @@ install -D -m0755 bin/webhook %{buildroot}%{_bindir}/
 %{_bindir}/webhook
 
 %changelog
-* Mon Jan 20 2025 CBL-Mariner Servicing Account <[email protected]> - 1.12.15-1
-- Auto-upgrade to 1.12.15 - none
+* Mon Jan 27 2025 Rohit Rawat <[email protected]> - 1.12.15-1
+- Upgrade to 1.12.15 - to fix CVE-2024-12401
+- Remove CVE-2024-45337.patch as it is fixed in 1.12.15
 
 * Tue Dec 31 2024 Rohit Rawat <[email protected]> - 1.12.13-3
 - Add patch for CVE-2024-45338