Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-22357

Fix and bump library-go for storage operators

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done-Errata
    • Undefined
    • 4.15.0
    • 4.15.0
    • Storage / Operators
    • None
    • No
    • False
    • Hide

      None

      Show
      None

    Description

      We need to fix and bump library-go for http2 vulnerability CVE-2023-44487. This effectively turns off HTTP/2 in library-go http endpoints, i.e. metrics and health.

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-23078 4.14: Fix and bump library-go for storage operators

          • Undefined - Priority not specified.
          • Closed
          is depended on by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-23078 4.14: Fix and bump library-go for storage operators

          • Undefined - Priority not specified.
          • Closed
          links to

          GitHub openshift/alibaba-disk-csi-driver-operator#69: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/aws-ebs-csi-driver-operator#290: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/aws-efs-csi-driver-operator#97: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/azure-disk-csi-driver-operator#106: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/azure-file-csi-driver-operator#81: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/cluster-csi-snapshot-controller-operator#172: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/cluster-storage-operator#411: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/csi-driver-manila-operator#207: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/csi-driver-shared-resource-operator#90: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/gcp-filestore-csi-driver-operator#57: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/gcp-pd-csi-driver-operator#93: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/ibm-powervs-block-csi-driver-operator#47: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/ibm-vpc-block-csi-driver-operator#86: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/openstack-cinder-csi-driver-operator#140: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/secrets-store-csi-driver-operator#19: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/vmware-vsphere-csi-driver-operator#181: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          GitHub openshift/vsphere-problem-detector#136: OCPBUGS-22357: CVE-2023-44487: bump github.com/openshift/library-go to master

          Web Link RHSA-2023:7198 OpenShift Container Platform 4.15 security update

          Activity

            People

              hekumar@redhat.com Hemant Kumar
              hekumar@redhat.com Hemant Kumar
              Wei Duan Wei Duan
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: