Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

argo-workflows/3.6.2-r7: cve remediation #41041

Closed
wants to merge 3 commits into from
Closed

argo-workflows/3.6.2-r7: cve remediation #41041

wants to merge 3 commits into from

Conversation

octo-sts[bot]
Copy link
Contributor

@octo-sts octo-sts bot commented Jan 31, 2025

argo-workflows/3.6.2-r7: fix CVE-2024-45341

Advisory data: https://github.com/wolfi-dev/advisories/blob/main/argo-workflows.advisories.yaml

Source code for this service: https://go/cve-remedy-automation-source

Logs for this execution: https://go/cve-remedy-automation-logs

Docs for this service: (not provided yet)

@octo-sts octo-sts bot added P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. automated pr CVE-2024-45341 go/bump request-cve-remediation argo-workflows/3.6.2-r7 bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. auto-approver-bot/initial-checks-failed labels Jan 31, 2025
@jamie-albert jamie-albert self-assigned this Feb 3, 2025
@jamie-albert
Copy link
Member

wolfi-dev/advisories#11895

@egibs egibs added the staging-build If this label is set on a PR, it will be built by elastic-build in staging label Feb 4, 2025
@philroche
Copy link
Member

@jamie-albert CVE remediation PRs will never auto close due to a CVE being remediated. They will close after 30 days of inactivity but not because of a CVE remediation. Please verify the advisory has been filed or the CVE has been remediated elsewhere - if so please close this PR. Marking in progress

@jamie-albert
Copy link
Member

advisory filed and merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jamie-albert jamie-albert

Labels
argo-workflows/3.6.2-r7 auto-approver-bot/initial-checks-failed automated pr bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. CVE-2024-45341 go/bump manual/review-needed P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. request-cve-remediation staging-build If this label is set on a PR, it will be built by elastic-build in staging
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jamie-albert @philroche @egibs