-
Bug
-
Resolution: Done-Errata
-
Normal
-
4.14
-
Moderate
-
No
-
False
-
Description of problem:
Due to security vulnerability[1] affecting Azure CLI versions previous to 2.40.0(not included), it is recommended to update azure cli to higher version to avoid this issue. Currently, azure cli in CI is 2.38.0. [1] https://github.com/Azure/azure-cli/security/advisories/GHSA-47xc-9rr2-q7p4
Version-Release number of selected component (if applicable):
All supported version
How reproducible:
Always
Steps to Reproduce:
1. Trigger CI jobs on azure platform that contains steps using azure cli. 2. 3.
Actual results:
azure cli 2.38.0 is used now.
Expected results:
azure cli 2.40.0+ to be used in CI on all supported version
Additional info:
As azure cli 2.40.0+ is only available in rhel8-based repository, need to update its repo in upi-installer rhel8-based docker file[1] [1] https://github.com/openshift/installer/blob/master/images/installer/Dockerfile.upi.ci.rhel8#L23
- blocks
-
OCPBUGS-16640 Images: update azure cli to 2.40.0+ in upi-installer to avoid security vulnerability
- Closed
- is cloned by
-
OCPBUGS-16640 Images: update azure cli to 2.40.0+ in upi-installer to avoid security vulnerability
- Closed
- links to
-
RHSA-2023:5006 OpenShift Container Platform 4.14.z security update