rebase: update golang.org/x/net to v0.14 #4034

nixpanic · 2023-08-07T11:06:52Z

golang.org/x/net/html v0.12 is vulnerable against CVE-2023-3978. Exploiting it through Ceph-CSI is non-trivial, but rebasing golang.org/x/net should take away any concerns.

See-also: https://pkg.go.dev/vuln/GO-2023-1988

Show available bot commands

These commands are normally not required, but in case of issues, leave any of
the following bot commands in an otherwise empty comment in this PR:

/retest ci/centos/<job-name>: retest the <job-name> after unrelated
failure (please report the failure too!)

ceph-csi-bot · 2023-08-07T11:21:13Z

/test ci/centos/k8s-e2e-external-storage/1.25

ceph-csi-bot · 2023-08-07T11:21:14Z

/test ci/centos/k8s-e2e-external-storage/1.26

ceph-csi-bot · 2023-08-07T11:21:15Z

/test ci/centos/k8s-e2e-external-storage/1.27

ceph-csi-bot · 2023-08-07T11:21:16Z

/test ci/centos/mini-e2e-helm/k8s-1.25

ceph-csi-bot · 2023-08-07T11:21:17Z

/test ci/centos/mini-e2e-helm/k8s-1.26

ceph-csi-bot · 2023-08-07T11:21:18Z

/test ci/centos/mini-e2e-helm/k8s-1.27

ceph-csi-bot · 2023-08-07T11:21:19Z

/test ci/centos/mini-e2e/k8s-1.25

ceph-csi-bot · 2023-08-07T11:21:21Z

/test ci/centos/mini-e2e/k8s-1.26

ceph-csi-bot · 2023-08-07T11:21:22Z

/test ci/centos/mini-e2e/k8s-1.27

ceph-csi-bot · 2023-08-07T11:21:23Z

/test ci/centos/upgrade-tests-cephfs

ceph-csi-bot · 2023-08-07T11:21:24Z

/test ci/centos/upgrade-tests-rbd

nixpanic · 2023-08-07T12:26:36Z

There was a maintenance outage in the CentOS CI; restarting the jobs.

ceph-csi-bot · 2023-08-07T12:26:55Z

/test ci/centos/k8s-e2e-external-storage/1.25

ceph-csi-bot · 2023-08-07T12:26:56Z

/test ci/centos/k8s-e2e-external-storage/1.26

ceph-csi-bot · 2023-08-07T12:26:57Z

/test ci/centos/k8s-e2e-external-storage/1.27

ceph-csi-bot · 2023-08-07T12:26:58Z

/test ci/centos/mini-e2e-helm/k8s-1.25

ceph-csi-bot · 2023-08-07T12:26:59Z

/test ci/centos/mini-e2e-helm/k8s-1.26

ceph-csi-bot · 2023-08-07T12:27:00Z

/test ci/centos/mini-e2e-helm/k8s-1.27

ceph-csi-bot · 2023-08-07T12:27:01Z

/test ci/centos/mini-e2e/k8s-1.25

ceph-csi-bot · 2023-08-07T12:27:02Z

/test ci/centos/mini-e2e/k8s-1.26

ceph-csi-bot · 2023-08-07T12:27:03Z

/test ci/centos/mini-e2e/k8s-1.27

ceph-csi-bot · 2023-08-07T12:27:04Z

/test ci/centos/upgrade-tests-cephfs

ceph-csi-bot · 2023-08-07T15:34:44Z

@nixpanic "ci/centos/mini-e2e-helm/k8s-1.26" test failed. Logs are available at location for debugging

ceph-csi-bot · 2023-08-07T15:34:45Z

/retest ci/centos/upgrade-tests-rbd

ceph-csi-bot · 2023-08-07T15:34:46Z

@nixpanic "ci/centos/upgrade-tests-rbd" test failed. Logs are available at location for debugging

ceph-csi-bot · 2023-08-07T15:34:47Z

/retest ci/centos/upgrade-tests-cephfs

ceph-csi-bot · 2023-08-07T15:34:47Z

@nixpanic "ci/centos/upgrade-tests-cephfs" test failed. Logs are available at location for debugging

ceph-csi-bot · 2023-08-07T15:34:48Z

/retest ci/centos/mini-e2e-helm/k8s-1.25

ceph-csi-bot · 2023-08-07T15:34:49Z

@nixpanic "ci/centos/mini-e2e-helm/k8s-1.25" test failed. Logs are available at location for debugging

ceph-csi-bot · 2023-08-07T15:34:50Z

/retest ci/centos/mini-e2e/k8s-1.26

ceph-csi-bot · 2023-08-07T15:34:51Z

@nixpanic "ci/centos/mini-e2e/k8s-1.26" test failed. Logs are available at location for debugging

ceph-csi-bot · 2023-08-07T15:34:52Z

/retest ci/centos/k8s-e2e-external-storage/1.27

ceph-csi-bot · 2023-08-07T15:34:53Z

@nixpanic "ci/centos/k8s-e2e-external-storage/1.27" test failed. Logs are available at location for debugging

ceph-csi-bot · 2023-08-07T15:34:54Z

@Mergifyio requeue

mergify · 2023-08-07T15:35:07Z

requeue

❌ This pull request head commit has not been previously disembarked from queue.

golang.org/x/net/html v0.12 is vulnerable against CVE-2023-3978. Exploiting it through Ceph-CSI is non-trivial, but rebasing golang.org/x/net should take away any concerns. See-also: https://pkg.go.dev/vuln/GO-2023-1988 Signed-off-by: Niels de Vos <[email protected]>

ceph-csi-bot · 2023-08-07T19:12:22Z

/test ci/centos/k8s-e2e-external-storage/1.25

ceph-csi-bot · 2023-08-07T19:12:23Z

/test ci/centos/k8s-e2e-external-storage/1.26

ceph-csi-bot · 2023-08-07T19:12:24Z

/test ci/centos/k8s-e2e-external-storage/1.27

ceph-csi-bot · 2023-08-07T19:12:25Z

/test ci/centos/mini-e2e-helm/k8s-1.25

ceph-csi-bot · 2023-08-07T19:12:26Z

/test ci/centos/mini-e2e-helm/k8s-1.26

ceph-csi-bot · 2023-08-07T19:12:27Z

/test ci/centos/mini-e2e-helm/k8s-1.27

ceph-csi-bot · 2023-08-07T19:12:28Z

/test ci/centos/mini-e2e/k8s-1.25

ceph-csi-bot · 2023-08-07T19:12:29Z

/test ci/centos/mini-e2e/k8s-1.26

ceph-csi-bot · 2023-08-07T19:12:30Z

/test ci/centos/mini-e2e/k8s-1.27

ceph-csi-bot · 2023-08-07T19:12:31Z

/test ci/centos/upgrade-tests-cephfs

ceph-csi-bot · 2023-08-07T19:12:32Z

/test ci/centos/upgrade-tests-rbd

mergify bot added the rebase update the version of an external component label Aug 7, 2023

Madhu-1 approved these changes Aug 7, 2023

View reviewed changes

Madhu-1 requested a review from a team August 7, 2023 11:10

riya-singhal31 approved these changes Aug 7, 2023

View reviewed changes

nixpanic added the ok-to-test Label to trigger E2E tests label Aug 7, 2023

ceph-csi-bot removed the ok-to-test Label to trigger E2E tests label Aug 7, 2023

nixpanic added the security label Aug 7, 2023

nixpanic added the ok-to-test Label to trigger E2E tests label Aug 7, 2023

nixpanic force-pushed the rebase/golang.org/x/net branch from ecb41ef to 0d5c6e2 Compare August 7, 2023 19:11

mergify bot added the ok-to-test Label to trigger E2E tests label Aug 7, 2023

ceph-csi-bot removed the ok-to-test Label to trigger E2E tests label Aug 7, 2023

mergify bot merged commit a129b1c into ceph:devel Aug 7, 2023
14 checks passed

nixpanic mentioned this pull request Aug 8, 2023

Bug 2228807: rebase: update golang.org/x/net to v0.14 red-hat-storage/ceph-csi#179

Merged

4 tasks

rebase: update golang.org/x/net to v0.14 #4034

rebase: update golang.org/x/net to v0.14 #4034

Conversation

nixpanic commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

nixpanic commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

mergify bot commented Aug 7, 2023

❌ This pull request head commit has not been previously disembarked from queue.

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023

ceph-csi-bot commented Aug 7, 2023