Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade dependencies 2024-11-25 #6724

Closed
36 tasks done
azul-group opened this issue Nov 25, 2024 · 2 comments
Closed
36 tasks done

Upgrade dependencies 2024-11-25 #6724

azul-group opened this issue Nov 25, 2024 · 2 comments
Assignees
@dsotirho-ucsc
Labels
- [priority] Medium debt [type] A defect incurring continued engineering cost infra [subject] Project infrastructure like CI/CD, build and deployment scripts no demo [process] Not to be demonstrated at the end of the sprint operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team

Comments

@azul-group
Copy link
Collaborator

azul-group commented Nov 25, 2024
edited by dsotirho-ucsc
Loading

  • Update PyCharm image
    • Bump base image tag (only same Debian release), if possible
    • Bump upstream version, if possible
    • Bump internal version
    • Remove unused dependencies with high or critical CVEs
    • Push commit to GitHub (directly to master branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Update Elasticsearch image
    • Bump base image tag (only minor and patch versions), if possible
    • Bump internal version
    • Remove unused dependencies with high or critical CVEs
    • Push commit to GitHub (directly to main branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Update BigQuery Emulator image
    • Bump base image tag, if possible
    • Bump internal version
    • Push commit to GitHub (directly to azul branch, no PR needed)
    • GH Action workflow succeeded
    • Image is available on DockerHub
  • Create Azul PR, connected to this issue, with …
  • Created tickets for any deferred updates to …
    • … to next major or minor Python version or such ticket already exists
    • … to next major Docker version or such ticket already exists
    • … to next major or minor Terraform version or such ticket already exists
@azul-group azul-group added debt [type] A defect incurring continued engineering cost enh infra [subject] Project infrastructure like CI/CD, build and deployment scripts operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team labels Nov 25, 2024
@dsotirho-ucsc dsotirho-ucsc self-assigned this Nov 25, 2024
@dsotirho-ucsc dsotirho-ucsc added the - [priority] Medium label Nov 25, 2024
dsotirho-ucsc added a commit to DataBiosphere/azul-docker-pycharm that referenced this issue Nov 27, 2024
@dsotirho-ucsc
Upgrade dependencies 2024-11-25 DataBiosphere/azul#6724)
dd9e0f6
dsotirho-ucsc added a commit to DataBiosphere/azul-docker-elasticsearch that referenced this issue Nov 27, 2024
@dsotirho-ucsc
Upgrade dependencies 2024-11-25 DataBiosphere/azul#6724)
f956da6
dsotirho-ucsc added a commit to DataBiosphere/azul-bigquery-emulator that referenced this issue Nov 27, 2024
@dsotirho-ucsc
Upgrade dependencies 2024-11-25 DataBiosphere/azul#6724)
b56879d
dsotirho-ucsc added a commit that referenced this issue Nov 28, 2024
@dsotirho-ucsc
Update PyCharm to 2024.3-39 (#6724)
d9641f8
dsotirho-ucsc added a commit that referenced this issue Nov 28, 2024
@dsotirho-ucsc
Update Elasticsearch to 7.17.25-32 (#6724)
013877b
dsotirho-ucsc added a commit that referenced this issue Nov 28, 2024
@dsotirho-ucsc
Update Bigquery Emulator to 0.4.4-18 (#6724)
062b457
dsotirho-ucsc added a commit that referenced this issue Nov 28, 2024
@dsotirho-ucsc
Update GitLab to 17.6.1-ce.0 and runner to ubuntu-v17.6.0 (#6724)
b41a675
dsotirho-ucsc added a commit that referenced this issue Nov 28, 2024
@dsotirho-ucsc
Update ClamAV to 1.4.1-14 (#6724)
4a3085c
@dsotirho-ucsc dsotirho-ucsc mentioned this issue Nov 28, 2024
Merged
72 tasks
dsotirho-ucsc added a commit that referenced this issue Dec 9, 2024
@dsotirho-ucsc
Update PyCharm to 2024.3-39 (#6724)
7d67987
dsotirho-ucsc added a commit that referenced this issue Dec 9, 2024
@dsotirho-ucsc
Update Elasticsearch to 7.17.25-32 (#6724)
488b8bd
dsotirho-ucsc added a commit that referenced this issue Dec 9, 2024
@dsotirho-ucsc
Update Bigquery Emulator to 0.4.4-18 (#6724)
c4347c5
dsotirho-ucsc added a commit that referenced this issue Dec 9, 2024
@dsotirho-ucsc
Update GitLab to 17.6.1-ce.0 and runner to ubuntu-v17.6.0 (#6724)
10bb568
dsotirho-ucsc added a commit that referenced this issue Dec 9, 2024
@dsotirho-ucsc
Update ClamAV to 1.4.1-14 (#6724)
e158613
@hannes-ucsc hannes-ucsc added the no demo [process] Not to be demonstrated at the end of the sprint label Dec 10, 2024
achave11-ucsc pushed a commit that referenced this issue Dec 11, 2024
@dsotirho-ucsc @achave11-ucsc
Update PyCharm to 2024.3-39 (#6724)
f66cca3
achave11-ucsc pushed a commit that referenced this issue Dec 11, 2024
@dsotirho-ucsc @achave11-ucsc
Update Elasticsearch to 7.17.25-32 (#6724)
763a15b
achave11-ucsc pushed a commit that referenced this issue Dec 11, 2024
@dsotirho-ucsc @achave11-ucsc
Update Bigquery Emulator to 0.4.4-18 (#6724)
d0aaac4
achave11-ucsc pushed a commit that referenced this issue Dec 11, 2024
@dsotirho-ucsc @achave11-ucsc
Update GitLab to 17.6.1-ce.0 and runner to ubuntu-v17.6.0 (#6724)
fa13544
achave11-ucsc pushed a commit that referenced this issue Dec 11, 2024
@dsotirho-ucsc @achave11-ucsc
Update ClamAV to 1.4.1-14 (#6724)
1c0e425
achave11-ucsc added a commit that referenced this issue Dec 12, 2024
@achave11-ucsc
Upgrade dependencies 2024-11-25 (#6724, PR #6732)
27f58c7
@achave11-ucsc
Copy link
Member

Report added as tab 2024-11-25:
findings

@hannes-ucsc
Copy link
Member

CVE-2024-7592 is not exploitable in our system. Neither PyCharm nor Elasticsearch parse cookie headers with the vulnerable function.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dsotirho-ucsc dsotirho-ucsc

Labels
- [priority] Medium debt [type] A defect incurring continued engineering cost infra [subject] Project infrastructure like CI/CD, build and deployment scripts no demo [process] Not to be demonstrated at the end of the sprint operator [process] To be addressed by whoever is operator orange [process] Done by the Azul team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@hannes-ucsc @achave11-ucsc @dsotirho-ucsc @azul-group