Automated cherry pick of #112693: Fixed (CVE-2022-27664) Bump golang.org/x/net to #113526

aimuz
Contributor

@aimuz aimuz commented Nov 2, 2022

Cherry pick of #112693 on release-1.23.

#112693: Fixed (CVE-2022-27664) Bump golang.org/x/net to

For details on the cherry pick process, see the cherry pick requests page.


@k8s-ci-robot k8s-ci-robot added this to the v1.23 milestone Nov 2, 2022
@k8s-ci-robot k8s-ci-robot added the do-not-merge/cherry-pick-not-approved Indicates that a PR is not yet approved to merge into a release branch. label Nov 2, 2022
@k8s-ci-robot
Contributor

@aimuz: This cherry pick PR is for a release branch and has not yet been approved by Release Managers.
Adding the do-not-merge/cherry-pick-not-approved label.

To merge this cherry pick, it must first be approved (/lgtm + /approve) by the relevant OWNERS.

AFTER it has been approved by code owners, please leave the following comment on a line by itself, with no leading whitespace: /cc kubernetes/release-managers

(This command will request a cherry pick review from Release Managers and should work for all GitHub users, whether they are members of the Kubernetes GitHub organization or not.)

For details on the patch release process and schedule, see the Patch Releases page.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. do-not-merge/needs-kind Indicates a PR lacks a `kind/foo` label and requires one. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Nov 2, 2022
@k8s-ci-robot
Contributor

Hi @aimuz. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.


@k8s-ci-robot k8s-ci-robot added needs-priority Indicates a PR lacks a `priority/foo` label and requires one. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Nov 2, 2022
@k8s-ci-robot
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: aimuz
Once this PR has been reviewed and has the lgtm label, please assign liggitt for approval by writing /assign @liggitt in a comment. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added area/apiserver area/cloudprovider area/code-generation area/dependency Issues or PRs related to dependency changes area/kubectl sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/cli Categorizes an issue or PR as relevant to SIG CLI. sig/cloud-provider Categorizes an issue or PR as relevant to SIG Cloud Provider. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. sig/instrumentation Categorizes an issue or PR as relevant to SIG Instrumentation. sig/node Categorizes an issue or PR as relevant to SIG Node. sig/storage Categorizes an issue or PR as relevant to SIG Storage. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Nov 2, 2022
@k8s-ci-robot k8s-ci-robot requested review from ahg-g, andrewsykim and a team November 2, 2022 01:50
@aimuz
Contributor Author

aimuz commented Nov 2, 2022

/kind bug

@aimuz aimuz force-pushed the automated-cherry-pick-of-#112693-upstream-release-1.23 branch from fb8f41c to bdee0f4 Compare November 4, 2022 06:33
@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Nov 4, 2022
@aimuz aimuz force-pushed the automated-cherry-pick-of-#112693-upstream-release-1.23 branch from bdee0f4 to d50087c Compare November 4, 2022 07:45
@aimuz
Contributor Author

aimuz commented Nov 4, 2022

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 4, 2022
@aimuz aimuz force-pushed the automated-cherry-pick-of-#112693-upstream-release-1.23 branch from d50087c to 1e461fd Compare November 4, 2022 09:08
@aimuz
Contributor Author

aimuz commented Nov 4, 2022

/test pull-kubernetes-verify

@aimuz aimuz force-pushed the automated-cherry-pick-of-#112693-upstream-release-1.23 branch from 1e461fd to 540377a Compare November 7, 2022 11:27
@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. area/kubelet and removed size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Nov 7, 2022
@aimuz aimuz force-pushed the automated-cherry-pick-of-#112693-upstream-release-1.23 branch from 540377a to a28108f Compare November 7, 2022 11:42
@k8s-ci-robot
Contributor

@aimuz: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

| Test name | Commit | Details | Required | Rerun command |
| --- | --- | --- | --- | --- |
| pull-kubernetes-dependencies | a28108f | link | true | /test pull-kubernetes-dependencies |
| pull-kubernetes-integration | a28108f | link | true | /test pull-kubernetes-integration |
| pull-kubernetes-e2e-aks-engine-windows-containerd-1-23 | a28108f | link | false | /test pull-kubernetes-e2e-aks-engine-windows-containerd-1-23 |

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.


@aimuz
Contributor Author

aimuz commented Nov 8, 2022

Might need to copy golang.org/x/sys into the project?

https://github.com/golang/sys/tree/aba9fc2a8ff2c9439446386f616b860442f0cf9a

aba9fc2a8ff2c9439446386f616b860442f0cf9a is the first bad commit
commit aba9fc2a8ff2c9439446386f616b860442f0cf9a
Author: Tobias Klauser <tklauser@distanz.ch>
Date:   Tue Sep 6 10:59:06 2022 +0200

    unix: use unsafe.Slice instead of unsafeheader package

    Go 1.18 is the minimum supported Go version and unsafe.Slice was
    introduced in Go 1.17.

    Change-Id: Ie5f1fad01f219e7b7a190de2c49676f366ad3bc7
    Reviewed-on: https://go-review.googlesource.com/c/sys/+/428515
    TryBot-Result: Gopher Robot <gobot@golang.org>
    Reviewed-by: Benny Siegert <bsiegert@gmail.com>
    Reviewed-by: Ian Lance Taylor <iant@google.com>
    Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>

 unix/syscall.go             |  9 +--------
 unix/syscall_darwin.1_13.go | 12 ++----------
 unix/syscall_unix.go        |  8 +-------
 unix/sysvshm_unix.go        | 13 ++-----------
 4 files changed, 6 insertions(+), 36 deletions(-)

@aimuz
Contributor Author

aimuz commented Nov 8, 2022

Might need to copy golang.org/x/sys into the project?

@fedebongio
Contributor

/triage accepted

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Nov 8, 2022
@enj enj added this to Needs Triage in SIG Auth Old Nov 14, 2022
@aimuz
Contributor Author

aimuz commented Nov 16, 2022

Waiting for #113416

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Dec 22, 2022
@k8s-ci-robot
Contributor

@aimuz: PR needs rebase.


@aimuz
Contributor Author

aimuz commented Dec 23, 2022

@liggitt

Does the 113983 change include the change of the current PR? If so, I will close this PR. Thank you for your reply

@bart0sh bart0sh moved this from Triage to Waiting on Author in SIG Node PR Triage Dec 23, 2022
@liggitt
Member

liggitt commented Dec 23, 2022

Yes, it includes this fix

@liggitt liggitt closed this Dec 23, 2022
SIG Node PR Triage automation moved this from Waiting on Author to Done Dec 23, 2022