Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed x/net dependency vulnerability fix in submodules CNI, acceptance & control-plane #4452

Merged
merged 5 commits into from
Jan 8, 2025
Merged

Fixed x/net dependency vulnerability fix in submodules CNI, acceptance & control-plane #4452

merged 5 commits into from
Jan 8, 2025
+56 −50

Conversation

nitin-sachdev-29
Copy link
Collaborator

Changes proposed in this PR

How I've tested this PR

How I expect reviewers to test this PR

Checklist

@nitin-sachdev-29 nitin-sachdev-29 requested a review from a team as a code owner January 8, 2025 04:44
@nitin-sachdev-29 nitin-sachdev-29 added pr/no-changelog PR does not need a corresponding .changelog entry backport/1.6.x Changes are backported to 1.6 labels Jan 8, 2025
abhishek-hashicorp
abhishek-hashicorp reviewed Jan 8, 2025
View reviewed changes
Copy link
Collaborator

@abhishek-hashicorp abhishek-hashicorp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a changelog for the vulnerability fix? That should be merged to main and then backported to other versions which need to be released.

Also, you can raise a separate PR for prepare release changes.

Example

@nitin-sachdev-29 nitin-sachdev-29 enabled auto-merge (squash) January 8, 2025 06:29
@nitin-sachdev-29 nitin-sachdev-29 merged commit 05989a9 into release/1.6.2 Jan 8, 2025
50 of 51 checks passed
@nitin-sachdev-29 nitin-sachdev-29 deleted the prepare-1.6.2 branch January 8, 2025 14:27
nitin-sachdev-29 added a commit that referenced this pull request Jan 10, 2025
@nitin-sachdev-29
Post release 1.6.2 (#4457)
84d34fc 
* updating api, envoyextensions & troubleshoot submodules to latest version.

* Updated consul/api, envoyextensions & troubleshoot submodules (#4451)

* updated consul-dataplane version to 1.6.2, executed go mod tidy and added CHANGELOG.md

* updated golang.org/x/net dependency to 0.34.0 to fix vulnerability https://pkg.go.dev/vuln/GO-2024-3333

* Fixed x/net dependency vulnerability fix in submodules CNI, acceptance & control-plane (#4452)

* updated consul-dataplane version to 1.6.2, executed go mod tidy and added CHANGELOG.md

* updated golang.org/x/net dependency to 0.34.0 to fix vulnerability https://pkg.go.dev/vuln/GO-2024-3333

* updated golang.org/x/net dependency to 0.34.0 to fix vulnerability https://pkg.go.dev/vuln/GO-2024-3333 in CNI, acceptance and control-plane submodule.

* added CHANGELOG.md

* suppressing vulnerability GO-2022-0635 for release (#4453)

* updated consul-dataplane version to 1.6.2, executed go mod tidy and added CHANGELOG.md

* updated golang.org/x/net dependency to 0.34.0 to fix vulnerability https://pkg.go.dev/vuln/GO-2024-3333

* updated golang.org/x/net dependency to 0.34.0 to fix vulnerability https://pkg.go.dev/vuln/GO-2024-3333 in CNI, acceptance and control-plane submodule.

* added CHANGELOG.md

* suppressing vulnerability GO-2022-0635 for release

* syncing with 1.6.2 & preparing release/1.6.x branch for next release
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abhishek-hashicorp abhishek-hashicorp abhishek-hashicorp left review comments

@blake blake blake approved these changes

Assignees
No one assigned
Labels
backport/1.6.x Changes are backported to 1.6 pr/no-changelog PR does not need a corresponding .changelog entry
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nitin-sachdev-29 @blake @abhishek-hashicorp