-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update module golang.org/x/net to v0.33.0 [security] (release-v0.12) #582
Conversation
Signed-off-by: null <[email protected]>
ℹ Artifact update noticeFile name: modules/copy-template/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/create-vm/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/disk-virt-customize/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/disk-virt-sysprep/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/execute-in-vm/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/generate-ssh-keys/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/modify-data-object/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/modify-vm-template/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/shared/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/sharedtest/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
File name: modules/wait-for-vmi-status/go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: redhat-renovate-bot The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@redhat-renovate-bot: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
This PR requires an updated common-templates URL, so I've resolved it manually in #587. /close |
@codingben: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
1 similar comment
@codingben: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Renovate Ignore NotificationBecause you closed this PR without merging, Renovate will ignore this update ( If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR. |
This PR contains the following updates:
v0.23.0
->v0.33.0
Non-linear parsing of case-insensitive content in golang.org/x/net/html
CVE-2024-45338 / GHSA-w32m-9786-jp63 / GO-2024-3333
More information
Details
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.
Severity
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
References
This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).
Non-linear parsing of case-insensitive content in golang.org/x/net/html
CVE-2024-45338 / GHSA-w32m-9786-jp63 / GO-2024-3333
More information
Details
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.
Severity
Unknown
References
This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.