Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pin Crypto package to fix critical vulnerability #2174

Merged
merged 1 commit into from
Dec 22, 2022

Conversation

jaydeokar
Copy link
Contributor

What type of PR is this?
bug

Which issue does this PR fix:
N/A

What does this PR do / Why do we need it:
Fixes security vulnerability with Crypto package. CVE-2020-9283

If an issue # is not available please add repro steps and logs from IPAMD/CNI showing the issue:
N/A

Testing done on this change:
N/A

Automation added to e2e:
N/A

Will this PR introduce any new dependencies?: N/A

Will this break upgrades or downgrades. Has updating a running cluster been tested?:
N/A

Does this change require updates to the CNI daemonset config files to work?:
N/A

Does this PR introduce any user-facing change?:
N/A

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@jaydeokar jaydeokar requested a review from a team as a code owner December 21, 2022 18:24
go.mod Outdated Show resolved Hide resolved
@jdn5126
Copy link
Contributor

jdn5126 commented Dec 21, 2022

@jdn5126
Copy link
Contributor

jdn5126 commented Dec 22, 2022

Integration tests passed. Will merge after rebase finishes build.

@jdn5126 jdn5126 merged commit d199465 into aws:master Dec 22, 2022
@jaydeokar jaydeokar deleted the fix_crypto_package branch December 22, 2022 16:51
jaydeokar added a commit that referenced this pull request Dec 22, 2022
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
jaydeokar added a commit that referenced this pull request Dec 22, 2022
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>

Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants