eks-distro icon indicating copy to clipboard operation
eks-distro copied to clipboard

Published 20 hours ago verified publisher icon aws

Addresses coredns CVEs 2024-24786 & 2024-22189 in applicable versions only

Open adityavenneti opened this issue 9 months ago • 1 comments

Description of changes:

Addresses CVEs 2024-24786 in K8s 1.26 to 1.30 Addresses CVEs 2024-22189 in K8S 1.29 and 1.30 only.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

adityavenneti avatar May 09 '24 02:05 adityavenneti

@adityavenneti can you please change the CVE 2024-22189 patch name to Fix for CVE 2024-22189 from Fix for GHSA-c33x-xqrf-c478 CVE? Even though they are same CVEs, as all our past patches' naming convention has the CVE ID, not the GitHub Advisories ID, it will be easier to search these fixes in future and will show consistency on the patch names.

zafs23 avatar May 09 '24 14:05 zafs23

Presuming you are referring to the name of the file. Will change to keep convention.

adityavenneti avatar May 09 '24 15:05 adityavenneti

/lgtm /approve

zafs23 avatar May 10 '24 00:05 zafs23

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: zafs23

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

eks-distro-bot avatar May 10 '24 00:05 eks-distro-bot