Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mitigate Rapid Reset CVE-2023-44487 in devfiles org #1303

Closed
9 tasks done
thepetk opened this issue Oct 25, 2023 · 1 comment
Closed
9 tasks done

Mitigate Rapid Reset CVE-2023-44487 in devfiles org #1303

thepetk opened this issue Oct 25, 2023 · 1 comment
Assignees
@thepetk
Labels
area/alizer Enhancement or issue related to the alizer repo area/api Enhancement or issue related to the api/devfile specification area/ci area/devworkspace Improvent or additions to the DevWorkspaces CRD area/library Common devfile library for interacting with devfiles area/registry Devfile registry for stacks and infrastructure kind/epic A high level requirement that can/should be split into smaller issues

Comments

@thepetk
Copy link
Contributor

thepetk commented Oct 25, 2023
edited by rm3l
Loading

/kind epic

Which area this feature is related to?

/area ci
/area api
/area library
/area registry
/area alizer
/area devworkspace

Which functionality do you think we should add?

This EPIC is created to cover all action items required to mitigate the Rapid Reset CVE-2023-44487.

In order to achieve our goal we will need to update specific repo dependencies and also golang images that we may use inside our repos.

Acceptance Criteria
@openshift-ci openshift-ci bot added kind/epic A high level requirement that can/should be split into smaller issues area/ci area/api Enhancement or issue related to the api/devfile specification area/library Common devfile library for interacting with devfiles area/registry Devfile registry for stacks and infrastructure area/alizer Enhancement or issue related to the alizer repo area/devworkspace Improvent or additions to the DevWorkspaces CRD labels Oct 25, 2023
This was referenced Oct 25, 2023
Closed
Closed
Closed
Closed
Closed
Closed
@thepetk thepetk self-assigned this Oct 26, 2023
@rm3l rm3l mentioned this issue Oct 27, 2023
Closed
@thepetk thepetk changed the title Migitate Rapid Reset CVE-2023-44487 in devfiles org Mitigate Rapid Reset CVE-2023-44487 in devfiles org Nov 6, 2023
This was referenced Nov 9, 2023
Merged
Merged
@thepetk
Copy link
Contributor Author

thepetk commented Nov 28, 2023

@kim-tsao I'm closing the EPIC as all of the suggested actions have been completed. We can re-open in case we find an extra step we need to do for the mitigation for this CVE.

@thepetk thepetk closed this as completed Nov 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@thepetk thepetk

Labels
area/alizer Enhancement or issue related to the alizer repo area/api Enhancement or issue related to the api/devfile specification area/ci area/devworkspace Improvent or additions to the DevWorkspaces CRD area/library Common devfile library for interacting with devfiles area/registry Devfile registry for stacks and infrastructure kind/epic A high level requirement that can/should be split into smaller issues
Projects
Devfile Project
Status: Done ✅
Milestone
No milestone
Development

No branches or pull requests
1 participant
@thepetk