8000 upgrade ubi base image to fix CVEs by sujay-hashicorp · Pull Request #22409 · hashicorp/consul · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

upgrade ubi base image to fix CVEs #22409

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 16, 2025
Merged

upgrade ubi base image to fix CVEs #22409

merged 3 commits into from
Jun 16, 2025
+15 −1

Conversation

sujay-hashicorp
Copy link
Contributor
@sujay-hashicorp sujay-hashicorp commented Jun 15, 2025
edited
Loading

Description

Upgraded UBI base image from 9.5 to 9.6-1749489516 to fix following CVEs:

CVE-2025-4802
CVE-2024-40896
CVE-2024-12243
CVE-2025-24528
CVE-2025-3277
CVE-2024-12133
CVE-2024-57970
CVE-2025-31115

Testing & Reproduction steps

Used hashicorp/security/scan tool to scan binaries and containers

Links

N/A

PR Checklist

  • updated test coverage
  • external facing docs updated
  • appropriate backport labels added
  • not a security concern

@sujay-hashicorp sujay-hashicorp requested a review from a team as a code owner June 15, 2025 16:19
@sujay-hashicorp sujay-hashicorp added backport/all Apply backports for all active releases per .release/versions.hcl backport/ent/1.21 changes are backported to 1.21 ent labels Jun 15, 2025
@github-actions github-actions bot added the pr/dependencies PR specifically updates dependencies of project label Jun 15, 2025
sujay-hashicorp added a commit that referenced this pull request Jun 15, 2025
@sujay-hashicorp
added changelog for #22409
3fa7a2f
sujay-hashicorp added a commit that referenced this pull request Jun 15, 2025
@sujay-hashicorp
added changelog for #22409
716dbfc
sujay-hashicorp added a commit that referenced this pull request Jun 15, 2025
@sujay-hashicorp
added changelog for #22409
c6e1fe7
@sujay-hashicorp sujay-hashicorp changed the title upgrade go and base container to fix CVEs upgrade ubibase container to fix CVEs Jun 15, 2025
@sujay-hashicorp sujay-hashicorp changed the title upgrade ubibase container to fix CVEs upgrade ubi base image to fix CVEs Jun 15, 2025
sujay-hashicorp added a commit that referenced this pull request Jun 15, 2025
@sujay-hashicorp
added changelog for #22409
3a681cb
@sujay-hashicorp sujay-hashicorp requested a review from a team as a code owner June 16, 2025 03:53
@sujay-hashicorp sujay-hashicorp requested a review from shore June 16, 2025 03:53
@sujay-hashicorp sujay-hashicorp merged commit 2262c66 into main Jun 16, 2025
113 of 117 checks passed
@sujay-hashicorp sujay-hashicorp deleted the sujay/upgrade-go branch June 16, 2025 04:52
@hc-github-team-consul-core hc-github-team-consul-core added backport/1.21 Changes are backported to 1.21 backport/ent/1.18 Changes are backported to 1.18 ent backport/ent/1.19 Changes are backported to 1.19 ent backport/ent/1.20 backport to ent 1.20 labels Jun 16, 2025
@hc-github-team-consul-core hc-github-team-consul-core mentioned this pull request Jun 16, 2025
Merged
4 tasks
sujay-hashicorp added a commit that referenced this pull request Jun 16, 2025
@sujay-hashicorp
added changelog for #22409
0686c7f
sujay-hashicorp added a commit that referenced this pull request Jun 16, 2025
@hc-github-team-consul-core @sujay-hashicorp
Backport of upgrade ubi base image to fix CVEs into release/1.21.x (#…
78fb6e3 
…22410)

* upgrade UBI base container to fix CVEs

* added changelog for #22409

---------

Co-authored-by: Sujay Kumar Suman <sujaykumar.suman@hashicorp.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Vikramarjuna Vikramarjuna Vikramarjuna approved these changes

@shore shore Awaiting requested review from shore shore is a code owner automatically assigned from hashicorp/team-selfmanaged-releng

Assignees
No one assigned
Labels
backport/all Apply backports for all active releases per .release/versions.hcl backport/ent/1.18 Changes are backported to 1.18 ent backport/ent/1.19 Changes are backported to 1.19 ent backport/ent/1.20 backport to ent 1.20 backport/ent/1.21 changes are backported to 1.21 ent backport/1.21 Changes are backported to 1.21 pr/dependencies PR specifically updates dependencies of project
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sujay-hashicorp @Vikramarjuna @hc-github-team-consul-core
0