Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: upgrade metallb to 0.14.8 #904

Merged
merged 1 commit into from
Sep 14, 2024
Merged

fix: upgrade metallb to 0.14.8 #904

merged 1 commit into from
Sep 14, 2024

Conversation

supershal
Copy link
Contributor

What problem does this PR solve?:
The current metallb version 0.48.5 ships with ffrouting/frr image that has critical CVES

 trivy image quay.io/frrouting/frr:9.0.2
2024-09-13T13:44:13.574-0700	INFO	Vulnerability scanning is enabled
2024-09-13T13:44:13.574-0700	INFO	Secret scanning is enabled
2024-09-13T13:44:13.574-0700	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-09-13T13:44:13.574-0700	INFO	Please see also https://aquasecurity.github.io/trivy/v0.48/docs/scanner/secret/#recommendation for faster secret detection
2024-09-13T13:44:15.718-0700	INFO	Detected OS: alpine
2024-09-13T13:44:15.718-0700	INFO	Detecting Alpine vulnerabilities...
2024-09-13T13:44:15.723-0700	INFO	Number of language-specific files: 0

quay.io/frrouting/frr:9.0.2 (alpine 3.18.5)

Total: 57 (UNKNOWN: 3, LOW: 5, MEDIUM: 37, HIGH: 9, CRITICAL: 3)

┌──────────────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│       Library        │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                            Title                            │
├──────────────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ busybox              │ CVE-2023-42363 │ MEDIUM   │ fixed  │ 1.36.1-r5         │ 1.36.1-r7     │ busybox: use-after-free in awk                              │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42363                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42364 │          │        │                   │               │ busybox: use-after-free                                     │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42364                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42365 │          │        │                   │               │ busybox: use-after-free                                     │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42365                  │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42366 │          │        │                   │ 1.36.1-r6     │ busybox: A heap-buffer-overflow                             │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42366                  │
├──────────────────────┼────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│ busybox-binsh        │ CVE-2023-42363 │          │        │                   │ 1.36.1-r7     │ busybox: use-after-free in awk                              │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42363                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42364 │          │        │                   │               │ busybox: use-after-free                                     │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42364                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42365 │          │        │                   │               │ busybox: use-after-free                                     │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42365                  │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42366 │          │        │                   │ 1.36.1-r6     │ busybox: A heap-buffer-overflow                             │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42366                  │
├──────────────────────┼────────────────┤          │        ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ c-ares               │ CVE-2024-25629 │          │        │ 1.19.1-r0         │ 1.19.1-r1     │ c-ares: Out of bounds read in ares__read_line()             │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-25629                  │
├──────────────────────┼────────────────┤          │        ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libcrypto3           │ CVE-2023-6129  │          │        │ 3.1.4-r1          │ 3.1.4-r3      │ mysql: openssl: POLY1305 MAC implementation corrupts vector │
│                      │                │          │        │                   │               │ registers on PowerPC                                        │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-6129                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-6237  │          │        │                   │ 3.1.4-r4      │ openssl: Excessive time spent checking invalid RSA public   │
│                      │                │          │        │                   │               │ keys                                                        │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-6237                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-0727  │          │        │                   │ 3.1.4-r5      │ openssl: denial of service via null dereference             │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-0727                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-4603  │          │        │                   │ 3.1.5-r0      │ openssl: Excessive time spent checking DSA keys and         │
│                      │                │          │        │                   │               │ parameters                                                  │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-4603                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-4741  │          │        │                   │ 3.1.6-r0      │ openssl: Use After Free with SSL_free_buffers               │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-4741                   │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-5535  │          │        │                   │               │ openssl: SSL_select_next_proto buffer overread              │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-5535                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-6119  │          │        │                   │ 3.1.7-r0      │ openssl: Possible denial of service in X.509 name checks    │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6119                   │
│                      ├────────────────┼──────────┤        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-2511  │ LOW      │        │                   │ 3.1.4-r6      │ openssl: Unbounded memory growth with session handling in   │
│                      │                │          │        │                   │               │ TLSv1.3                                                     │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-2511                   │
├──────────────────────┼────────────────┼──────────┤        ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libexpat             │ CVE-2024-45490 │ CRITICAL │        │ 2.5.0-r1          │ 2.6.3-r0      │ libexpat: Negative Length Parsing Vulnerability in libexpat │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-45490                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-45491 │          │        │                   │               │ libexpat: Integer Overflow or Wraparound                    │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-45491                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-45492 │          │        │                   │               │ libexpat: integer overflow                                  │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-45492                  │
│                      ├────────────────┼──────────┤        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-52425 │ HIGH     │        │                   │ 2.6.0-r0      │ expat: parsing large tokens can trigger a denial of service │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-52425                  │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-28757 │          │        │                   │ 2.6.2-r0      │ expat: XML Entity Expansion                                 │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-28757                  │
│                      ├────────────────┼──────────┤        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-52426 │ MEDIUM   │        │                   │ 2.6.0-r0      │ expat: recursive XML entity expansion vulnerability         │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-52426                  │
├──────────────────────┼────────────────┤          │        ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ libssl3              │ CVE-2023-6129  │          │        │ 3.1.4-r1          │ 3.1.4-r3      │ mysql: openssl: POLY1305 MAC implementation corrupts vector │
│                      │                │          │        │                   │               │ registers on PowerPC                                        │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-6129                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-6237  │          │        │                   │ 3.1.4-r4      │ openssl: Excessive time spent checking invalid RSA public   │
│                      │                │          │        │                   │               │ keys                                                        │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-6237                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-0727  │          │        │                   │ 3.1.4-r5      │ openssl: denial of service via null dereference             │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-0727                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-4603  │          │        │                   │ 3.1.5-r0      │ openssl: Excessive time spent checking DSA keys and         │
│                      │                │          │        │                   │               │ parameters                                                  │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-4603                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-4741  │          │        │                   │ 3.1.6-r0      │ openssl: Use After Free with SSL_free_buffers               │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-4741                   │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-5535  │          │        │                   │               │ openssl: SSL_select_next_proto buffer overread              │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-5535                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-6119  │          │        │                   │ 3.1.7-r0      │ openssl: Possible denial of service in X.509 name checks    │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6119                   │
│                      ├────────────────┼──────────┤        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-2511  │ LOW      │        │                   │ 3.1.4-r6      │ openssl: Unbounded memory growth with session handling in   │
│                      │                │          │        │                   │               │ TLSv1.3                                                     │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-2511                   │
├──────────────────────┼────────────────┼──────────┤        ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ python3              │ CVE-2024-6232  │ HIGH     │        │ 3.11.6-r0         │ 3.11.10-r0    │ python: cpython: tarfile: ReDos via excessive backtracking  │
│                      │                │          │        │                   │               │ while parsing header values                                 │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6232                   │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-7592  │          │        │                   │               │ cpython: python: Uncontrolled CPU resource consumption when │
│                      │                │          │        │                   │               │ in http.cookies module                                      │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-7592                   │
│                      ├────────────────┼──────────┤        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-27043 │ MEDIUM   │        │                   │               │ python: Parsing errors in email/_parseaddr.py lead to       │
│                      │                │          │        │                   │               │ incorrect value in email address...                         │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-27043                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-6923  │          │        │                   │               │ cpython: python: email module doesn't properly quotes       │
│                      │                │          │        │                   │               │ newlines in email headers, allowing...                      │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6923                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-8088  │          │        │                   │ 3.11.8-r1     │ python: cpython: Iterating over a malicious ZIP file may    │
│                      │                │          │        │                   │               │ lead to Denial...                                           │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-8088                   │
│                      ├────────────────┼──────────┤        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-4032  │ LOW      │        │                   │ 3.11.10-r0    │ python: incorrect IPv4 and IPv6 private ranges              │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-4032                   │
│                      ├────────────────┼──────────┤        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2015-2104  │ UNKNOWN  │        │                   │               │ Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.          │
│                      │                │          │        │                   │               │ ConsultIDs: none. Reason: This...                           │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2015-2104                   │
├──────────────────────┼────────────────┼──────────┤        │                   │               ├─────────────────────────────────────────────────────────────┤
│ python3-pyc          │ CVE-2024-6232  │ HIGH     │        │                   │               │ python: cpython: tarfile: ReDos via excessive backtracking  │
│                      │                │          │        │                   │               │ while parsing header values                                 │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6232                   │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-7592  │          │        │                   │               │ cpython: python: Uncontrolled CPU resource consumption when │
│                      │                │          │        │                   │               │ in http.cookies module                                      │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-7592                   │
│                      ├────────────────┼──────────┤        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-27043 │ MEDIUM   │        │                   │               │ python: Parsing errors in email/_parseaddr.py lead to       │
│                      │                │          │        │                   │               │ incorrect value in email address...                         │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-27043                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-6923  │          │        │                   │               │ cpython: python: email module doesn't properly quotes       │
│                      │                │          │        │                   │               │ newlines in email headers, allowing...                      │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6923                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-8088  │          │        │                   │ 3.11.8-r1     │ python: cpython: Iterating over a malicious ZIP file may    │
│                      │                │          │        │                   │               │ lead to Denial...                                           │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-8088                   │
│                      ├────────────────┼──────────┤        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-4032  │ LOW      │        │                   │ 3.11.10-r0    │ python: incorrect IPv4 and IPv6 private ranges              │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-4032                   │
│                      ├────────────────┼──────────┤        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2015-2104  │ UNKNOWN  │        │                   │               │ Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.          │
│                      │                │          │        │                   │               │ ConsultIDs: none. Reason: This...                           │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2015-2104                   │
├──────────────────────┼────────────────┼──────────┤        │                   │               ├─────────────────────────────────────────────────────────────┤
│ python3-pycache-pyc0 │ CVE-2024-6232  │ HIGH     │        │                   │               │ python: cpython: tarfile: ReDos via excessive backtracking  │
│                      │                │          │        │                   │               │ while parsing header values                                 │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6232                   │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-7592  │          │        │                   │               │ cpython: python: Uncontrolled CPU resource consumption when │
│                      │                │          │        │                   │               │ in http.cookies module                                      │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-7592                   │
│                      ├────────────────┼──────────┤        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-27043 │ MEDIUM   │        │                   │               │ python: Parsing errors in email/_parseaddr.py lead to       │
│                      │                │          │        │                   │               │ incorrect value in email address...                         │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-27043                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-6923  │          │        │                   │               │ cpython: python: email module doesn't properly quotes       │
│                      │                │          │        │                   │               │ newlines in email headers, allowing...                      │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-6923                   │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-8088  │          │        │                   │ 3.11.8-r1     │ python: cpython: Iterating over a malicious ZIP file may    │
│                      │                │          │        │                   │               │ lead to Denial...                                           │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-8088                   │
│                      ├────────────────┼──────────┤        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2024-4032  │ LOW      │        │                   │ 3.11.10-r0    │ python: incorrect IPv4 and IPv6 private ranges              │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2024-4032                   │
│                      ├────────────────┼──────────┤        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2015-2104  │ UNKNOWN  │        │                   │               │ Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.          │
│                      │                │          │        │                   │               │ ConsultIDs: none. Reason: This...                           │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2015-2104                   │
├──────────────────────┼────────────────┼──────────┤        ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ sqlite-libs          │ CVE-2023-7104  │ HIGH     │        │ 3.41.2-r2         │ 3.41.2-r3     │ sqlite: heap-buffer-overflow at sessionfuzz                 │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-7104                   │
├──────────────────────┼────────────────┼──────────┤        ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ ssl_client           │ CVE-2023-42363 │ MEDIUM   │        │ 1.36.1-r5         │ 1.36.1-r7     │ busybox: use-after-free in awk                              │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42363                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42364 │          │        │                   │               │ busybox: use-after-free                                     │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42364                  │
│                      ├────────────────┤          │        │                   │               ├─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42365 │          │        │                   │               │ busybox: use-after-free                                     │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42365                  │
│                      ├────────────────┤          │        │                   ├───────────────┼─────────────────────────────────────────────────────────────┤
│                      │ CVE-2023-42366 │          │        │                   │ 1.36.1-r6     │ busybox: A heap-buffer-overflow                             │
│                      │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2023-42366                  │
└──────────────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

Updates metallb to 0.14.8 which comes with frrouting/frr 9.0.1 which also have Critical CVES
overriding the frrouging/frr 9.1.2 that is free of CVES

❯ trivy image quay.io/frrouting/frr:9.1.2
2024-09-13T13:47:06.137-0700	INFO	Vulnerability scanning is enabled
2024-09-13T13:47:06.138-0700	INFO	Secret scanning is enabled
2024-09-13T13:47:06.138-0700	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-09-13T13:47:06.138-0700	INFO	Please see also https://aquasecurity.github.io/trivy/v0.48/docs/scanner/secret/#recommendation for faster secret detection
2024-09-13T13:47:07.457-0700	INFO	Detected OS: alpine
2024-09-13T13:47:07.457-0700	INFO	Detecting Alpine vulnerabilities...
2024-09-13T13:47:07.460-0700	INFO	Number of language-specific files: 0

quay.io/frrouting/frr:9.1.2 (alpine 3.18.9)

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

Which issue(s) this PR fixes:
Fixes #

How Has This Been Tested?:

Special notes for your reviewer:

@supershal supershal self-assigned this Sep 13, 2024
@github-actions github-actions bot added the fix label Sep 13, 2024
jimmidyson
jimmidyson approved these changes Sep 14, 2024
View reviewed changes
Copy link
Member

@jimmidyson jimmidyson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@jimmidyson jimmidyson merged commit fb24da8 into release/v0.14.x Sep 14, 2024
17 checks passed
@jimmidyson jimmidyson deleted the shain/upgrade-metallb branch September 14, 2024 19:13
@supershal supershal mentioned this pull request Sep 17, 2024
Merged
dkoshkin pushed a commit that referenced this pull request Sep 19, 2024
@supershal @jimmidyson
release(release/v0.14.x): v0.14.8 (#910)
9404bd0 
🤖 I have created a release *beep* *boop*
---


## 0.14.8 (2024-09-18)

<!-- Release notes generated using configuration in .github/release.yaml
at release/v0.14.x -->

## What's Changed
### Fixes 🔧
* fix: upgrade metallb to 0.14.8 by @supershal in
#904
### Other Changes
* ci: Fix up release please trigger for release branches by @jimmidyson
in
#894


**Full Changelog**:
v0.14.7...v0.14.8

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: Jimmi Dyson <jimmi.dyson@nutanix.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jimmidyson jimmidyson jimmidyson approved these changes

@dlipovetsky dlipovetsky dlipovetsky approved these changes

@dkoshkin dkoshkin Awaiting requested review from dkoshkin

@thunderboltsid thunderboltsid Awaiting requested review from thunderboltsid

@deepakm-ntnx deepakm-ntnx Awaiting requested review from deepakm-ntnx

Assignees

@supershal supershal

Labels
fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@supershal @jimmidyson @dlipovetsky