Skip to content

update base image version of plugin binary to fix CVEs #272

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 25, 2022
Merged

update base image version of plugin binary to fix CVEs #272

merged 1 commit into from
Jan 25, 2022

Conversation

@humblec
Copy link
Contributor

@humblec humblec commented Jan 25, 2022 

+----------+------------------+----------+-------------------+------------------+--------------------------------------+
| LIBRARY  | VULNERABILITY ID | SEVERITY | INSTALLED VERSION |  FIXED VERSION   |                TITLE                 |
+----------+------------------+----------+-------------------+------------------+--------------------------------------+
| bsdutils | CVE-2021-3995    | MEDIUM   | 2.36.1-8          | 2.36.1-8+deb11u1 | util-linux: Unauthorized unmount     |
|          |                  |          |                   |                  | of FUSE filesystems belonging        |
|          |                  |          |                   |                  | to users with similar uid...         |
|          |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3995 |
+          +------------------+          +                   +                  +--------------------------------------+
|          | CVE-2021-3996    |          |                   |                  | util-linux: Unauthorized unmount     |
|          |                  |          |                   |                  | of filesystems in libmount           |
|          |                  |          |                   |                  | -->avd.aquasec.com/nvd/cve-2021-3996 |
+----------+------------------+----------+-------------------+------------------+--------------------------------------+

Signed-off-by: Humble Chirammal [email protected]

-->

NONE

@k8s-ci-robot k8s-ci-robot added the release-note-none Denotes a PR that doesn't merit a release note. label Jan 25, 2022
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jan 25, 2022
@humblec
Copy link
Contributor Author

humblec commented Jan 25, 2022

/assign @andyzhangx

@coveralls
Copy link

coveralls commented Jan 25, 2022
edited
Loading

Pull Request Test Coverage Report for Build 1745084046

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 77.716%
Totals Coverage Status
Change from base Build 1744027036: 0.0%
Covered Lines: 558
Relevant Lines: 718
💛 - Coveralls

andyzhangx
andyzhangx approved these changes Jan 25, 2022
View reviewed changes
Copy link
Member

@andyzhangx andyzhangx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 25, 2022
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Jan 25, 2022

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: andyzhangx, humblec

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 25, 2022
@k8s-ci-robot k8s-ci-robot merged commit 6c3baa7 into kubernetes-csi:master Jan 25, 2022
andyzhangx added a commit to andyzhangx/csi-driver-nfs that referenced this pull request Feb 18, 2025
@andyzhangx
Squashed 'release-tools/' changes from 04965932..90efb2ca
4cf507a 
90efb2ca Merge pull request kubernetes-csi#272 from andyzhangx/patch-3
9b616fec Bump golang to 1.23.6 to fix CVE-2024-45336, CVE-2025-22866

git-subtree-dir: release-tools
git-subtree-split: 90efb2ca59900f19eba05e65da28beda79c5bb28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andyzhangx andyzhangx andyzhangx approved these changes

@pohly pohly Awaiting requested review from pohly

@xing-yang xing-yang Awaiting requested review from xing-yang

Assignees

@andyzhangx andyzhangx

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@humblec @coveralls @k8s-ci-robot @andyzhangx