Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-4.15] MGMT-19943: Upgrade docker and containers dependencies to mitigate CVE-2023-2253, CVE-2024-41110 #1045

Open
wants to merge 1 commit into
base: release-4.15
Choose a base branch
from
Open

[release-4.15] MGMT-19943: Upgrade docker and containers dependencies to mitigate CVE-2023-2253, CVE-2024-41110 #1045

wants to merge 1 commit into from

Conversation

omer-vishlitzky
Copy link

@omer-vishlitzky omer-vishlitzky commented Feb 25, 2025
edited
Loading

Bump github.com/docker/distribution to v2.8.2-beta.1
Bump github.com/docker/docker v25.0.6

@omer-vishlitzky
[MGMT-19943] Upgrade docker and containers dependencies to mitigate C…
ce11f8f 
…VE-2023-2253, CVE-2024-41110

Bump github.com/docker/distribution to v2.8.2-beta.1
Bump github.com/docker/docker v25.0.6
@openshift-ci openshift-ci bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Feb 25, 2025
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Feb 25, 2025

@omer-vishlitzky: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Feb 25, 2025
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Feb 25, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: gamli75, omer-vishlitzky

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 25, 2025
@andfasano
Copy link
Contributor

/label backport-risk-assessed

@openshift-ci openshift-ci bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Feb 26, 2025
@mhanss
Copy link

mhanss commented Feb 26, 2025

/label cherry-pick-approved

@openshift-ci openshift-ci bot added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Feb 26, 2025
@omer-vishlitzky omer-vishlitzky changed the title [MGMT-19943] Upgrade docker and containers dependencies to mitigate CVE-2023-2253, CVE-2024-41110 [release-4.15] MGMT-19943 Upgrade docker and containers dependencies to mitigate CVE-2023-2253, CVE-2024-41110 Feb 27, 2025
@omer-vishlitzky omer-vishlitzky changed the title [release-4.15] MGMT-19943 Upgrade docker and containers dependencies to mitigate CVE-2023-2253, CVE-2024-41110 [release-4.15] MGMT-19943: Upgrade docker and containers dependencies to mitigate CVE-2023-2253, CVE-2024-41110 Feb 27, 2025
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Feb 27, 2025
@openshift-ci-robot
Copy link

openshift-ci-robot commented Feb 27, 2025
edited by openshift-ci bot
Loading

@omer-vishlitzky: This pull request references MGMT-19943 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.15.z" version, but no target version was set.

In response to this:

Bump github.com/docker/distribution to v2.8.2-beta.1
Bump github.com/docker/docker v25.0.6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@andfasano
Copy link
Contributor

andfasano commented Feb 27, 2025
edited
Loading

/hold

the parent ticket for version 4.16 is missing

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gamli75 gamli75 gamli75 approved these changes

@adriengentil adriengentil Awaiting requested review from adriengentil

@eranco74 eranco74 Awaiting requested review from eranco74

Assignees

@gamli75 gamli75

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@omer-vishlitzky @andfasano @mhanss @openshift-ci-robot @gamli75