Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BUG 2312515: CVE-2024-6104 cephcsi-container: go-retryablehttp: url might write sensitive information to log file #381

Open
wants to merge 3 commits into
base: release-4.12
Choose a base branch
from
Open

BUG 2312515: CVE-2024-6104 cephcsi-container: go-retryablehttp: url might write sensitive information to log file #381

wants to merge 3 commits into from

Commits on Sep 18, 2024

  1. rebase: bump github.com/hashicorp/go-retryablehttp from 0.7.1 to 0.7.7 

    Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.1 to 0.7.7.
- [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md)
- [Commits](hashicorp/go-retryablehttp@v0.7.1...v0.7.7)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
(cherry picked from commit 2131a84)
    @dependabot @iPraveenParihar
    dependabot[bot] authored and iPraveenParihar committed Sep 18, 2024
    Configuration menu
    Copy the full SHA
    d796f8a View commit details
    Browse the repository at this point in the history

Commits on Oct 8, 2024

  1. ci: install openssl for Fedora 37 testing image 

    GitHub Workflows fail installing Helm if the `openssl` package is not
available. Fedora 36 installs `openssl` by default, Fedora 37 does not.

Signed-off-by: Niels de Vos <[email protected]>
(cherry picked from commit 774beef)
    @nixpanic @iPraveenParihar
    nixpanic authored and iPraveenParihar committed Oct 8, 2024
    Configuration menu
    Copy the full SHA
    bf81a80 View commit details
    Browse the repository at this point in the history

  2. ci: update centos stream 8 baseurl 

    Since CentOS Stream 8 is EOL, this commit updates the
config to use vault.centos.org for CentOS Stream 8.
This should be removed once the base image (ceph) is
updated to a version with a newer CentOS.

Signed-off-by: Praveen M <[email protected]>
(cherry picked from commit 5809628)
    @iPraveenParihar
    iPraveenParihar committed Oct 8, 2024
    Configuration menu
    Copy the full SHA
    f96f6f7 View commit details
    Browse the repository at this point in the history