[release-4.16] OCPBUGS-82678, OCPBUGS-83594: Address CVE-2026-35469#9028
[release-4.16] OCPBUGS-82678, OCPBUGS-83594: Address CVE-2026-35469#9028shannon wants to merge 1 commit into
Conversation
|
Pipeline controller notification For optional jobs, comment This repository is configured in: LGTM mode |
|
@shannon: This pull request references Jira Issue OCPBUGS-82678, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. This pull request references Jira Issue OCPBUGS-83594, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Please specify an area label DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: shannon The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Repository: openshift/coderabbit/.coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
5caafe4 to
0388fc4
Compare
Update vendored dependencies to remediate CVE-2026-35469: - github.com/moby/spdystream v0.2.0 -> v0.5.1 Fixes: OCPBUGS-82678, OCPBUGS-83594
0388fc4 to
093a649
Compare
|
@shannon: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
What this PR does / why we need it:
Addresses CVE-2026-35469 by bumping spdystream to v0.5.1
Which issue(s) this PR fixes:
Fixes OCPBUGS-82678, OCPBUGS-83594
Special notes for your reviewer:
Commands used to generate this commit
Checklist: