Prepare for Y Release

Prepare for Z Release

Remove Quarter

XML

Word

Printable

Type: Epic
Resolution: Done
Priority: Blocker
Fix Version/s: 1.2.1
Affects Version/s: 1.2.1
Component/s: Build
Labels:
- 2024-Q3

Epic Name:
RHDH 1.2.1 Release
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Status:
In Progress
Planning:

QE Needed, Docs Needed, TE Needed, Customer Facing, PX Needed
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

EPIC Goal

Quick fix to solve two problems in 1.2.0:

CVE fixes released by freshmaker are not made available to Helm chart updates automatically, so a new chart release is required for these CVEs:
- https://errata.devel.redhat.com/advisory/133677
  - CVE-2023-6597 python: Path traversal on tempfile.TemporaryDirectory
  - CVE-2024-0450 python: The zipfile module is vulnerable to zip-bombs leading to denial of service
- https://errata.devel.redhat.com/advisory/133667
  - CVE-2023-6597 python: Path traversal on tempfile.TemporaryDirectory
- new container 1.2-105.1719294777: https://catalog.redhat.com/software/containers/rhdh/rhdh-hub-rhel9/645bd4c15c00598369c31aba?architecture=amd64&image=667a6d9e416c5da5c6408ffe&container-tabs=security

Chart was affected by ~~RHIDP-2931~~ and we needed to re-release the chart so that it didn't cause the static js files to be deleted from the deployed pod

update docs in 1.2 branch to reflect new chart version 1.2.1 as latest - https://github.com/redhat-developer/red-hat-developers-documentation-rhdh/pull/339 ==> https://docs.redhat.com/en/documentation/red_hat_developer_hub/1.2/html-single/release_notes_for_red_hat_developer_hub_1.2/index#con-relnotes-fixed-issues_release-notes-rhdh

Assignee:: Nick Boldt

Reporter:: Nick Boldt

Team:: RHIDP - Core Platform

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/06/25 4:59 PM

Updated:: 2024/06/26 4:23 PM

Resolved:: 2024/06/26 12:58 PM