Matthew Christopher

I don't believe there is a newer version of `kube-rbac-proxy` currently available. We will need to wait for the upstream fix of this issue before we can fix it.

ASO technically has some HTTP API, in that it exposes webhooks. With that said, yes it's very likely ASO is not at risk of this CVE. There is no usage...

@theunrepentantgeek will take a look at this

We're still interested in doing this

Redis should be included in the above list as well

This seems very similar to #2159. We think this needs to be done for ASOv2. We will not be doing this for ASOv1 as it is in maintenance mode.

We still need to do this. There's a stage in the pipeline that detects this and errors if it finds it.

We were just talking about this in #2489 and #2435. This is something that we want to do.

Originally this was filed for ASOv1, but it applies to ASOv2 too! We don't have an operator bundle for v2 yet but once we do, this will be required as...

We still want to do this