Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[23.11] kubernetes: 1.28.7 -> 1.28.9 #304897

Merged
merged 1 commit into from
Apr 19, 2024
Merged

[23.11] kubernetes: 1.28.7 -> 1.28.9 #304897

merged 1 commit into from
Apr 19, 2024

Conversation

LeSuisse
Copy link
Contributor

@LeSuisse LeSuisse commented Apr 17, 2024
edited
Loading

Description of changes

Fixes CVE-2024-3177 (also CVE-2023-45288).

Changes:
https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#changelog-since-v1288

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.05 Release Notes (or backporting 23.05 and 23.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Result of nixpkgs-review pr 304897 run on x86_64-linux 1

11 packages built:
  • chart-testing
  • gsctl
  • kns
  • kubectl
  • kubectl-convert (kubectl-convert.convert ,kubectl-convert.man ,kubectl.convert)
  • kubectl.man
  • kubernetes
  • kubernetes.man
  • kubernetes.pause
  • kubetail
  • tubekit

Add a 👍 reaction to pull requests you find important.

@LeSuisse LeSuisse added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Apr 17, 2024
@wegank wegank added 12.approvals: 1 This PR was reviewed and approved by one reputable person 12.approved-by: package-maintainer This PR was reviewed and approved by a maintainer listed in the package labels Apr 18, 2024
leona-ya
leona-ya requested changes Apr 18, 2024
View reviewed changes
Copy link
Member

@leona-ya leona-ya left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CVE-2024-3177 seems to be only fixed in 1.28.9 according to the changelog, so please use this version.

@LeSuisse LeSuisse changed the title [23.11] kubernetes: 1.28.7 -> 1.28.8 [23.11] kubernetes: 1.28.7 -> 1.28.9 Apr 19, 2024
@LeSuisse
Copy link
Contributor Author

Thanks for spotting my mistake!

@ofborg ofborg bot requested a review from saschagrunert April 19, 2024 07:42
leona-ya
leona-ya approved these changes Apr 19, 2024
View reviewed changes
Copy link
Member

@leona-ya leona-ya left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@leona-ya leona-ya merged commit c422e3d into NixOS:release-23.11 Apr 19, 2024
16 of 18 checks passed
@LeSuisse LeSuisse deleted the kubernetes-1.28.8-23.11 branch April 19, 2024 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leona-ya leona-ya leona-ya approved these changes

@offlinehacker offlinehacker Awaiting requested review from offlinehacker

@srhb srhb Awaiting requested review from srhb

@johanot johanot Awaiting requested review from johanot

@saschagrunert saschagrunert Awaiting requested review from saschagrunert

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 1-10 10.rebuild-linux: 1-10 12.approvals: 1 This PR was reviewed and approved by one reputable person 12.approved-by: package-maintainer This PR was reviewed and approved by a maintainer listed in the package
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@LeSuisse @saschagrunert @leona-ya @wegank