Fix Zenko Critical CVEs

[williamlardier]

First commit: disable utapi from the ISO build as it is not used and outdated.

[bert-e]

Hello williamlardier,

My role is to assist you with the merge of this pull request. Please type @bert-e help to get information on this process, or consult the user documentation.

Status report is not available.

[bert-e]

Waiting for approval

The following approvals are needed before I can proceed with the merge:

• the author

• 2 peers

[williamlardier]

ping

[bert-e]

Integration data created

I have created the integration data for the additional destination branches.

• this pull request will merge improvement/ZENKO-4342-fix-cves into development/2.4
• w/2.5/improvement/ZENKO-4342-fix-cves will be merged into development/2.5

The following branches will NOT be impacted:

• development/2.3

You can set option create_pull_requests if you need me to create integration pull requests in addition to integration branches, with:

@bert-e create_pull_requests

[bert-e]

Waiting for approval

The following approvals are needed before I can proceed with the merge:

• the author

• 2 peers

[williamlardier]

/reset

[bert-e]

Reset complete

I have successfully deleted this pull request's integration branches.

[bert-e]

Waiting for approval

The following approvals are needed before I can proceed with the merge:

• the author

• 2 peers

[anurag4DSB]

Question: How come we need a fix in ARTESCA v1.5.X as well? As this maintenance should go in the next minor release only right ie. Artesca v1.6.X

[bert-e]

Incorrect fix version

The Fix Version/s in issue ZENKO-4342 contains:

• 2.5.1

Considering where you are trying to merge, I ignored possible hotfix versions and I expected to find:

• 2.4.30

• 2.5.1

Please check the Fix Version/s of ZENKO-4342, or the target branch of this pull request.

[bert-e]

Waiting for approval

The following approvals are needed before I can proceed with the merge:

• the author

• 2 peers

[williamlardier]

@anurag4DSB as we use the same projects branch versions and this PR includes the S3 permissions fix from Ring, it was discussed that the 2.4 branch would be targeted by this PR. I will update 2.5 only here as written in Jira, but at some point, the 2.4 branch will be updated with the changes. If we want to only fix in 2.5, then we should create all the Artesca 1.6 branches in our projects (Vault, Cloudserver, ...).

[williamlardier]

/approve

[bert-e]

In the queue

The changeset has received all authorizations and has been added to the relevant queue(s). The queue(s) will be merged in the target development branch(es) as soon as builds have passed.

The changeset will be merged in:

• :heavy_check_mark: development/2.5

The following branches will NOT be impacted:

• development/2.3
• development/2.4

There is no action required on your side. You will be notified here once the changeset has been merged. In the unlikely event that the changeset fails permanently on the queue, a member of the admin team will contact you to help resolve the matter.

IMPORTANT

Please do not attempt to modify this pull request.

• Any commit you add on the source branch will trigger a new cycle after the current queue is merged.
• Any commit you add on one of the integration branches will be lost.

If you need this pull request to be removed from the queue, please contact a member of the admin team now.

The following options are set: approve

[bert-e]

I have successfully merged the changeset of this pull request into targetted development branches:

• :heavy_check_mark: development/2.5

The following branches have NOT changed:

• development/2.3
• development/2.4

Please check the status of the associated issue ZENKO-4342.

Goodbye williamlardier.