Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of [NET-8601] Upgrade vault/api and docker/docker to resolve open CVEs into release/1.2.7 #3844

Merged
merged 3 commits into from
Mar 29, 2024
Merged

Backport of [NET-8601] Upgrade vault/api and docker/docker to resolve open CVEs into release/1.2.7 #3844

merged 3 commits into from
Mar 29, 2024

Conversation

zalimeni
Copy link
Member

Backport

This PR is a manual backport of #3837.

The below text is copied from the body of the original PR.

Changes proposed in this PR

Created by running:

make go-mod-get DEP_VERSION=github.com/hashicorp/vault/api@v1.12.2
make go-mod-get DEP_VERSION=github.com/docker/docker@v25.0.5+incompatible

These unblock the 1.4.1 patch release, so will be backported to .x and point-release branches.

How I've tested this PR

CI and Security Scan pass.

Also ran scan repository . to confirm CVEs are resolved.

How I expect reviewers to test this PR

👀

Checklist

Overview of commits

@zalimeni zalimeni added the pr/no-backport signals that a PR will not contain a backport label label Mar 29, 2024
@zalimeni zalimeni changed the title Backport of [NET-8601] Upgrade vault/api and docker/docker to resolve open CVEs into release/ Backport of [NET-8601] Upgrade vault/api and docker/docker to resolve open CVEs into release/1.2.7 Mar 29, 2024
@zalimeni zalimeni merged commit f25b934 into release/1.2.7 Mar 29, 2024
50 of 51 checks passed
@zalimeni zalimeni deleted the backport/zalimeni/fix-multiple-cves/1.2.7 branch March 29, 2024 18:10
kisunji pushed a commit that referenced this pull request Apr 3, 2024
@zalimeni @emilymianeil
1.2.7 sync to 1.2.x (#3822)
14d145d 
* Prerelease 1.2.7

* [prerelease-1.2.7] Disable CE test (#3826)

* [1.2.7] Disable all CE tests (#3834)

Disable CE tests on all workflows

* Backport of [NET-8601] Upgrade `vault/api` and `docker/docker` to resolve open CVEs into release/1.2.7 (#3844)

* backport of commit 1711f31

* backport of commit 9049c0d

* backport of commit cacd09b

* [1.2.7] Remove Duplicate UBI Tags (#3265) (#3859)

Remove Duplicate UBI Tags (#3265)

- Amalgamate UBI with Dockerhub and Redhat tags into one step
- Avoids a production incident that errors on duplicate tags:
hashicorp/releng-support#123

Co-authored-by: emily neil <63985869+emilymianeil@users.noreply.github.com>

* Re-add get-go-version (#3863)

---------

Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
Co-authored-by: emily neil <63985869+emilymianeil@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@skpratt skpratt skpratt approved these changes

@NicoletaPopoviciu NicoletaPopoviciu Awaiting requested review from NicoletaPopoviciu

Assignees
No one assigned
Labels
pr/no-backport signals that a PR will not contain a backport label
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@zalimeni @skpratt