ceph-csi icon indicating copy to clipboard operation
ceph-csi copied to clipboard
verified publisher icon ceph

rebase: x/text: ParseAcceptLanguage takes a long time to parse complex tags

Open nixpanic opened this issue 3 years ago • 1 comments

A vulnerability was found in golang.org/x/text/language package which could cause a denial of service. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. Version v0.3.8 of golang.org/x/text fixes a vulnerability.

See-also: https://go.dev/issue/56152 See-also: https://bugzilla.redhat.com/CVE-2022-32149

Show available bot commands

These commands are normally not required, but in case of issues, leave any of the following bot commands in an otherwise empty comment in this PR:

  • /retest ci/centos/<job-name>: retest the <job-name> after unrelated failure (please report the failure too!)
  • /retest all: run this in case the CentOS CI failed to start/report any test progress or results

nixpanic avatar Oct 17 '22 06:10 nixpanic

@nixpanic commitlint is failing ✖ header must not be longer than 72 characters, current length is 75 [header-max-length]

Rakshith-R avatar Oct 17 '22 07:10 Rakshith-R

@mergifyio rebase

Madhu-1 avatar Oct 17 '22 15:10 Madhu-1

rebase

✅ Branch has been successfully rebased

mergify[bot] avatar Oct 17 '22 15:10 mergify[bot]

/retest ci/centos/mini-e2e-helm/k8s-1.22

nixpanic avatar Oct 18 '22 06:10 nixpanic

/retest ci/centos/k8s-e2e-external-storage/1.23

nixpanic avatar Oct 18 '22 06:10 nixpanic

/retest ci/centos/upgrade-tests-cephfs

nixpanic avatar Oct 18 '22 06:10 nixpanic

@mergifyio rebase

Madhu-1 avatar Oct 18 '22 06:10 Madhu-1

rebase

✅ Branch has been successfully rebased

mergify[bot] avatar Oct 18 '22 06:10 mergify[bot]

@mergifyio rebase

nixpanic avatar Oct 18 '22 08:10 nixpanic

rebase

✅ Branch has been successfully rebased

mergify[bot] avatar Oct 18 '22 08:10 mergify[bot]