Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update NGINX and OpenResty to v1.21.4 #8799

Closed
rikatz opened this issue Jul 10, 2022 · 13 comments · Fixed by #8889
Closed

Update NGINX and OpenResty to v1.21.4 #8799

rikatz opened this issue Jul 10, 2022 · 13 comments · Fixed by #8889
Assignees
@tao12345666333
Labels
area/stabilization Work for increasing stabilization of the ingress-nginx codebase kind/feature Categorizes issue or PR as related to a new feature. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@rikatz
Copy link
Contributor

rikatz commented Jul 10, 2022

As part of the stabilization process, let's update NGINX and Openresty to v1.21.4

/triage accepted
/priority critical-urgent
/area stabilization
@rikatz rikatz added the kind/feature Categorizes issue or PR as related to a new feature. label Jul 10, 2022
@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. area/stabilization Work for increasing stabilization of the ingress-nginx codebase labels Jul 10, 2022
@rikatz
Copy link
Contributor Author

rikatz commented Jul 10, 2022

/project stabilization

@k8s-ci-robot
Copy link
Contributor

@rikatz: You must be a member of the kubernetes/ingress-nginx github team to set the project and column.

In response to this:

/project stabilization

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@tao12345666333
Copy link
Member

let me check it

@tao12345666333
Copy link
Member

/assign

@longwuyuan longwuyuan mentioned this issue Jul 14, 2022
Closed
@arontsang
Copy link

+1 Given that the current version of nginx is flagged by IT as being vulnerable to CVE-2021-23017

@tao12345666333
Copy link
Member

I'm working on this 😄

@longwuyuan longwuyuan mentioned this issue Jul 22, 2022
Closed
@Kanshiroron
Copy link

Is the idea here to upgrade to v1.21.4 as the title suggest (which is already quite old), or to the latest version available v1.23.1?
Because v1.21 security support has expired 2 months ago: https://endoflife.date/nginx and we're looking for a bug fix that has been released on a newer version than v1.21.4.
Thanks

#8856

@tao12345666333
Copy link
Member

The current plan is to upgrade to v1.21 as the title, I will submit a PR within this week.

In fact this version is consistent with openrestry

@Kanshiroron
Copy link

Thanks @tao12345666333 for your quick answer.
If I understand correctly, the ingress nginx is build on top of OpenRestry, so we'll need to wait for OpenRestry to deliver a version based on the 1.23.1 version of nginx to have a chance to later see it in the ingress nginx right?

@tao12345666333
Copy link
Member

right

@tao12345666333 tao12345666333 mentioned this issue Jul 30, 2022
Merged
9 tasks
@tao12345666333
Copy link
Member

Open a PR #8889 for this one.
I need some time to finish it ASAP

@ElvinEfendi ElvinEfendi mentioned this issue Oct 21, 2022
Closed
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Oct 28, 2022
@tooptoop4
Copy link

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Oct 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tao12345666333 tao12345666333

Labels
area/stabilization Work for increasing stabilization of the ingress-nginx codebase kind/feature Categorizes issue or PR as related to a new feature. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: bump NGINX version v1.21.4 tao12345666333/ingress-nginx
7 participants
@tao12345666333 @arontsang @Kanshiroron @rikatz @k8s-ci-robot @tooptoop4 @k8s-triage-robot