fix: CVE-2022-3172 #3693
Merged
fix: CVE-2022-3172 #3693
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Jorge Turrado <[email protected]>
|
/run-e2e internal* |
tomkerkhove
approved these changes
Sep 27, 2022
pedro-stanaka
pushed a commit
to pedro-stanaka/keda
that referenced
this pull request
Jan 18, 2023
7 tasks
pedro-stanaka
pushed a commit
to pedro-stanaka/keda
that referenced
this pull request
Jan 18, 2023
Signed-off-by: Pedro Tanaka <[email protected]>
pedro-stanaka
pushed a commit
to pedro-stanaka/keda
that referenced
this pull request
Jan 19, 2023
Signed-off-by: Pedro Tanaka <[email protected]>
pedro-stanaka
pushed a commit
to pedro-stanaka/keda
that referenced
this pull request
Jan 19, 2023
Signed-off-by: Pedro Tanaka <[email protected]>
JorTurFer
added a commit
that referenced
this pull request
Jan 19, 2023
* fix: CVE-2022-3172 (#3693) Signed-off-by: Pedro Tanaka <[email protected]> * fix: Respect optional parameter inside envs for ScaledJobs (#3694) Signed-off-by: Jorge Turrado <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> * fix(prometheus scaler): Detect Inf before casting float to int (#3762) * fix(prometheus scaler): Detect Inf before casting float to int Signed-off-by: Jorge Turrado <[email protected]> * Improve the log message Signed-off-by: Jorge Turrado <[email protected]> Signed-off-by: Jorge Turrado <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> * fix(nats-jetstream): correctly count messages that should be redelivered (waiting for ack) towards keda value (#3809) * fix: keda now include the messages that should be retried in the count of pending messages used for scaling Signed-off-by: Antoine Laffargue <[email protected]> * chore: update changelog Signed-off-by: Antoine Laffargue <[email protected]> Signed-off-by: Antoine Laffargue <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> * NewRelic scaler crashes on logging (#3946) Signed-off-by: Laszlo Kishalmi <[email protected]> Signed-off-by: Laszlo Kishalmi <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> * Fix stackdriver client returning 0 for metric types of double (#3788) * Update stackdriver client to handle metrics of value type double Signed-off-by: Eric Takemoto <[email protected]> * move change log note to below general Signed-off-by: Eric Takemoto <[email protected]> * parse activation value as float64 Signed-off-by: Eric Takemoto <[email protected]> * change target value to float64 for GCP pub/sub and stackdriver Signed-off-by: Eric Takemoto <[email protected]> Signed-off-by: Eric Takemoto <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> * Fixing conflicts after cherry-pick Signed-off-by: Pedro Tanaka <[email protected]> * fix: Close is called twice on PushScaler's deletion (#3599) Signed-off-by: ytz <[email protected]> Signed-off-by: taenyang <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> * fix/datadog-scaler-null-last-point (#3954) Signed-off-by: Tony Lee <[email protected]> Signed-off-by: Tony Lee <[email protected]> Signed-off-by: Zbynek Roubalik <[email protected]> Co-authored-by: Tony Lee <[email protected]> Co-authored-by: Zbynek Roubalik <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> * fix(mongodb): escape username and password (#3989) Fixes #3992 Signed-off-by: Pedro Tanaka <[email protected]> * Hacking generated files to version CI expects Signed-off-by: Pedro Tanaka <[email protected]> * Updating aws-sdk and golang packages to fix CVEs Signed-off-by: Pedro Tanaka <[email protected]> * Updating golang/text package to fix CVE Signed-off-by: Pedro Tanaka <[email protected]> * Using same version of aws sdk as in main Signed-off-by: Pedro Tanaka <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> Signed-off-by: Jorge Turrado <[email protected]> Signed-off-by: Antoine Laffargue <[email protected]> Signed-off-by: Pedro Tanaka <[email protected]> Signed-off-by: Laszlo Kishalmi <[email protected]> Signed-off-by: Eric Takemoto <[email protected]> Signed-off-by: ytz <[email protected]> Signed-off-by: taenyang <[email protected]> Signed-off-by: Tony Lee <[email protected]> Signed-off-by: Tony Lee <[email protected]> Signed-off-by: Zbynek Roubalik <[email protected]> Co-authored-by: Jorge Turrado Ferrero <[email protected]> Co-authored-by: Antoine LAFFARGUE <[email protected]> Co-authored-by: Laszlo Kishalmi <[email protected]> Co-authored-by: Eric Takemoto <[email protected]> Co-authored-by: taenyang <[email protected]> Co-authored-by: Tony Lee <[email protected]> Co-authored-by: Tony Lee <[email protected]> Co-authored-by: Zbynek Roubalik <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Jorge Turrado [email protected]
This PR bumps k8s deps to 0.24.5 and adds a replacement for ensuring
k8s.io/apimachineryuses a fixed versionChecklist
Fixes #3690