Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-25593

Images: update azure cli to 2.40.0+ in upi-installer to avoid security vulnerability

XMLWordPrintable

    • Moderate
    • No
    • False
    • Hide

      None

      Show
      None

      This is a clone of issue OCPBUGS-16640. The following is the description of the original issue:

      This is a clone of issue OCPBUGS-14932. The following is the description of the original issue:

      Description of problem:

      Due to security vulnerability[1] affecting Azure CLI versions previous to 2.40.0(not included), it is recommended to update azure cli to higher version to avoid this issue. Currently, azure cli in CI is 2.38.0.
      
      [1] https://github.com/Azure/azure-cli/security/advisories/GHSA-47xc-9rr2-q7p4

      Version-Release number of selected component (if applicable):

      All supported version

      How reproducible:

      Always

      Steps to Reproduce:

      1. Trigger CI jobs on azure platform that contains steps using azure cli.
      2. 
      3.
      

      Actual results:

      azure cli 2.38.0 is used now.

      Expected results:

      azure cli 2.40.0+ to be used in CI on all supported version

      Additional info:

      As azure cli 2.40.0+ is only available in rhel8-based repository, need to update its repo in upi-installer rhel8-based docker file[1]
      
      [1] https://github.com/openshift/installer/blob/master/images/installer/Dockerfile.upi.ci.rhel8#L23

              Unassigned Unassigned
              openshift-crt-jira-prow OpenShift Prow Bot
              Jinyun Ma Jinyun Ma
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: