Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

chore: update git -> 2.43.4 and terraform -> 1.7.5#13299

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged

Conversation

coadler
Copy link
Contributor

@coadlercoadler commentedMay 16, 2024
edited
Loading

This fixes an RCE in git and gets us one minor version closer to fixing
a critical Terraform vulnerability. In the next release we'll bump to
1.8.x.

Fixes#13291

@coadlerGraphite App
Copy link
ContributorAuthor

This stack of pull requests is managed by Graphite.Learn more about stacking.

Join@coadler and the rest of your teammates onGraphiteGraphite

@coadlercoadler marked this pull request as ready for reviewMay 16, 2024 16:54
@coadlercoadler requested a review fromkylecarbsMay 16, 2024 16:55
@coadlercoadler changed the titlechore: update git -> 2.43.4 and terraform -> 1.7.3chore: update git -> 2.43.4 and terraform -> 1.7.4May 16, 2024
@matifali
Copy link
Member

Why not jump to1.7.5?

@coadlercoadler changed the titlechore: update git -> 2.43.4 and terraform -> 1.7.4chore: update git -> 2.43.4 and terraform -> 1.7.5May 16, 2024
@matifali
Copy link
Member

A few more places:

  1. ARG TERRAFORM_VERSION=1.5.6
  2. RUN wget -O /tmp/terraform.zip"https://releases.hashicorp.com/terraform/1.6.6/terraform_1.6.6_linux_amd64.zip" && \

@coadlercoadlerforce-pushed thecolin/chore_update_git_-_2.43.4_and_terraform_-_1.7.3 branch from4c5b659 tod2224e7CompareMay 16, 2024 18:49
This fixes an RCE in git and gets us one minor version closer to fixinga critical Terraform vulnerability. In the next release we'll bump to1.8.x.
@coadlercoadlerforce-pushed thecolin/chore_update_git_-_2.43.4_and_terraform_-_1.7.3 branch fromd2224e7 tod3eba18CompareMay 16, 2024 18:49
@coadlercoadlerenabled auto-merge (squash)May 16, 2024 18:53
@coadlercoadler merged commit80538c0 intomainMay 16, 2024
@coadlercoadler deleted the colin/chore_update_git_-_2.43.4_and_terraform_-_1.7.3 branchMay 16, 2024 19:07
@github-actionsgithub-actionsbot locked and limited conversation to collaboratorsMay 16, 2024
Sign up for freeto subscribe to this conversation on GitHub. Already have an account?Sign in.

Reviewers

@matifalimatifalimatifali left review comments

@kylecarbskylecarbskylecarbs approved these changes

Assignees

@coadlercoadler

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Critical CVE-2024-32002 and CVE-2024-3817 in Trivy Scan

3 participants

@coadler@matifali@kylecarbs
[8]ページ先頭
©2009-2025 Movatter.jp