Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kubernetes-dns-node-cache/1.23.0-r6: cve remediation #19721

Merged
merged 1 commit into from
May 20, 2024
Merged

kubernetes-dns-node-cache/1.23.0-r6: cve remediation #19721

merged 1 commit into from
May 20, 2024

Conversation

octo-sts[bot]
Copy link
Contributor

@octo-sts octo-sts bot commented May 18, 2024

@github-actions GitHub Actions
Copy link
Contributor

Package kubernetes-dns-node-cache: Click to expand/collapse

Package kubernetes-dns-node-cache:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.16.7-22-gfe8b68a
+ 	# Generated by melange v0.7.0-12-g436f915
  	pkgname = kubernetes-dns-node-cache
- 	pkgver = 1.23.0-r6
+ 	pkgver = 1.23.0-r7
  	arch = x86_64
- 	size = 35286265
+ 	size = 37020376
  	origin = kubernetes-dns-node-cache
  	pkgdesc = NodeLocal DNSCache improves Cluster DNS performance by running a DNS caching agent on cluster nodes as a DaemonSet.
  	url = 
- 	commit = 195e878a09b405990e60a29403b57848e9f3104c
- 	builddate = 1715344811
+ 	commit = 5b1a9a9560d85683ba4a03b1c7f65e4bdec22de5
  	license = Apache-2.0
- 	provides = cmd:node-cache=1.23.0-r6
- 	datahash = 860756096795d4714ed7e4c4630f383912061d3cd602e5a6f793e3009586920f
+ 	provides = cmd:node-cache=1.23.0-r7
+ 	datahash = 2d2210dd6c29137937bab6ec66f46d7ca5bab867aa6eade3cc6f76f756938fa7
  	"""
  )

Modified: /usr/bin/node-cache

bincapz found differences: Click to expand/collapse

Changed: kubernetes-dns-node-cache/usr/bin/node-cache

4 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM databases/leveldb accesses LevelDB databases goleveldbruntime
v4LevelDBNegroniv1
+MEDIUM net/http/server serves HTTP requests gin-gonic/
+LOW cloud/google/metadata Includes the token required to use the Google Cloud Platform metadata server Metadata-Flavor
+LOW net/ip access the internet invalid packet

2 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM 3P/threat_hunting/gobfuscate references 'gobfuscate' tool, by @mthcht gObfuscate
-MEDIUM ref/site/http/dynamic URL that is dynamically generated http://%s/infotrace
http://%s/v0.4/tracesreason
http://%s/v0.6/statsx509usefallbackrootsresourceVersionMatchAllowWatchBoo

@rawlingsj rawlingsj merged commit bbfa788 into main May 20, 2024
8 checks passed
@rawlingsj rawlingsj deleted the cve-kubernetes-dns-node-cache-7884907283663cae07bb3e4057bda487 branch May 20, 2024 09:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rawlingsj rawlingsj rawlingsj approved these changes

Assignees
No one assigned
Labels
automated pr GHSA-m9w6-wp3h-vq8g
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@rawlingsj