Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: ACM 2.9.5
Affects Version/s: ACM 2.9.0
Component/s: Observability
Labels:
- Obs-Core
- triaged

Story Points:
1
Blocked:
False
Blocked Reason:
None
Ready:
False
Intelligence Requested:
Market:

Sprint:
MCO Sprint 24, MCO Sprint 25, MCO Sprint 26, MCO Sprint 27
Severity:
Critical

Regression:
No

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Description of problem:

Need to ensure that CVE-2023-45288 is patched for all App/Cluster LC images:

upgrade go pkg golang.org/x/net to v0.23.0 or above

Observability Repos:

https://github.com/stolostron/multicluster-observability-operator

https://github.com/stolostron/observatorium-operator/

https://github.com/stolostron/observatorium

https://github.com/stolostron/thanos-receive-controller

https://github.com/stolostron/thanos

https://github.com/stolostron/kube-rbac-proxy

https://github.com/stolostron/kube-state-metrics

https://github.com/stolostron/prometheus

https://github.com/stolostron/prometheus-operator

https://github.com/stolostron/prometheus-alertmanager

https://github.com/stolostron/node-exporter

https://github.com/stolostron/grafana

https://github.com/stolostron/kube-thanos

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

...

Actual results:

Expected results:

Additional info:

clones

ACM-12258 [release-2.10] Observability: fix CVE-2023-45288 if necessary

Closed

is cloned by

ACM-12260 [release-2.8] Observability: fix CVE-2023-45288 if necessary

Closed

Assignee:: Unassigned

Reporter:: Subbarao Meduri

QA Contact:: Xiang Yin

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/06/18 6:22 PM

Updated:: 2024/08/27 1:51 PM