Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-12092

[release-2.9] App/Cluster LC: fix CVE-2023-45288 if necessary

XMLWordPrintable

    • False
    • None
    • False
    • No

      Description of problem:

       

      Need to ensure that CVE-2023-45288 is patched for all App/Cluster LC images:

      upgrade go pkg golang.org/x/net to v0.23.0 or above

       

      app lifecycle repos:

      https://github.com/stolostron/multicloud-operators-subscription
      https://github.com/stolostron/multicloud-operators-channel
      https://github.com/stolostron/multicloud-operators-application
      https://github.com/stolostron/multicloud-integrations
      https://github.com/stolostron/cluster-permission

       

      cluster lifecycle repos:

      https://github.com/stolostron/cluster-curator-controller
      https://github.com/stolostron/provider-credential-controller
      https://github.com/stolostron/cluster-image-set-controller
      https://github.com/stolostron/clusterclaims-controller

      Version-Release number of selected component (if applicable):

      How reproducible:

      Steps to Reproduce:

      1.  
      2.  
      3. ...

      Actual results:

      Expected results:

      Additional info:

              xiangli@redhat.com Xiangjing Li
              tflower@redhat.com Tesshu Flower
              David Huynh David Huynh
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: