Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update go-restful to 2.16.0 #2376

Merged
merged 1 commit into from
Jul 27, 2022
Merged

Update go-restful to 2.16.0 #2376

merged 1 commit into from
Jul 27, 2022

Conversation

vasiliy-ul
Copy link
Contributor

What this PR does / why we need it:

The updated version fixes 'Authorization Bypass Through User-Controlled Key' vulnerability (CVE-2022-1996).

References:
emicklei/go-restful#489
emicklei/go-restful#503

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:

Release note:

NONE

@vasiliy-ul
Update go-restful to 2.16.0
8d10678 
The updated version fixes 'Authorization Bypass Through User-Controlled
Key' vulnerability (CVE-2022-1996).

References:
emicklei/go-restful#489
emicklei/go-restful#503

Signed-off-by: Vasiliy Ulyanov <vulyanov@suse.de>
@kubevirt-bot kubevirt-bot added release-note-none Denotes a PR that doesn't merit a release note. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. size/L labels Jul 26, 2022
@mhenriks
Copy link
Member

/lgtm
/approve

@kubevirt-bot kubevirt-bot added the lgtm Indicates that a PR is ready to be merged. label Jul 27, 2022
@kubevirt-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mhenriks

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kubevirt-bot kubevirt-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 27, 2022
@vasiliy-ul
Copy link
Contributor Author

vasiliy-ul commented Jul 27, 2022
edited

SonarCloud Code Analysis Failing after 34s — Quality Gate failed

Pending — Not mergeable. Job SonarCloud Code Analysis has not succeeded.

Anything to be done with SonarCloud? The failure seems unrelated to the PR as only the vendor code is changed.

@awels
Copy link
Member

awels commented Jul 27, 2022

I fixed sonar cloud to ignore /cluster-up

@kubevirt-bot kubevirt-bot merged commit 57fc263 into kubevirt:main Jul 27, 2022
@vasiliy-ul vasiliy-ul deleted the bump-go-restful branch July 27, 2022 12:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@awels awels Awaiting requested review from awels

@maya-r maya-r Awaiting requested review from maya-r

Assignees

@mhenriks mhenriks

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/L
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@vasiliy-ul @mhenriks @kubevirt-bot @awels