Loading...

XML

Word

Printable

Type: Task
Resolution: Done
Priority: Normal
Fix Version/s: MCE 2.4.0, MCE 2.3.1, MCE 2.5.0, MCE 2.6.0
Affects Version/s: MCE 2.4.0, MCE 2.3.1, MCE 2.5.0, MCE 2.6.0
Component/s: Installer
Labels:
None

Story Points:
1
Blocked:
False
Blocked Reason:
None
Ready:
False
Intelligence Requested:
Market:

Sprint:
Installer Sprint 2024-36, Installer Sprint 2024-37, Installer Sprint 2024-38

Regression:
No

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

In order to fix CVE-2023-45288, it is required to upgrade `golang.org/x/net` to v0.23.0+ for discovery repo. It should cover the releases below:

ACM 2.11 / MCE 2.6
ACM 2.10 / MCE 2.5
ACM 2.9 / MCE 2.4
ACM 2.8 / MCE 2.3

More information can be found https://redhat-internal.slack.com/archives/G010RS588CC/p1717614506464539?thread_ts=1717511402.116909&cid=G010RS588CC

clones

ACM-12137 Upgrade golang.org/x/net of backplane-operator repo

Closed

Assignee:: Cameron Wall

Reporter:: Disaiah Bennett

QA Contact:: Thuy Nguyen

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/06/12 5:27 PM

Updated:: 2024/07/18 7:19 PM

Resolved:: 2024/07/18 7:19 PM