-
Bug
-
Resolution: Done
-
Major
-
ACM 2.10.0
-
1
-
False
-
None
-
False
-
-
-
MCO Sprint 24, MCO Sprint 25
-
Critical
-
No
Description of problem:
Need to ensure that CVE-2023-45288 is patched for all App/Cluster LC images:
upgrade go pkg golang.org/x/net to v0.23.0 or above
Observability Repos:
https://github.com/stolostron/multicluster-observability-operator (https://github.com/stolostron/multicluster-observability-operator/pull/1525)
https://github.com/stolostron/observatorium-operator/ (https://github.com/stolostron/observatorium-operator/pull/156#event-13377851534)
https://github.com/stolostron/observatorium (https://github.com/stolostron/observatorium/pull/98)
https://github.com/stolostron/thanos-receive-controller (https://github.com/stolostron/thanos-receive-controller/pull/33)
https://github.com/stolostron/thanos (https://github.com/stolostron/thanos/pull/122)
https://github.com/stolostron/kube-rbac-proxy (already at v0.26.0)
https://github.com/stolostron/kube-state-metrics (https://github.com/stolostron/kube-state-metrics/pull/70)
https://github.com/stolostron/prometheus (https://github.com/stolostron/prometheus/pull/65)
https://github.com/stolostron/prometheus-operator (https://github.com/stolostron/prometheus-operator/pull/57)
https://github.com/stolostron/prometheus-alertmanager (https://github.com/stolostron/prometheus-alertmanager/pull/71)
https://github.com/stolostron/node-exporter (https://github.com/stolostron/node-exporter/pull/61)
https://github.com/stolostron/grafana (https://github.com/stolostron/grafana/pull/140)
https://github.com/stolostron/kube-thanos
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
- ...