From c9eabceb6783b04c0115f38fb73f3c014bbd5749 Mon Sep 17 00:00:00 2001 From: Dan Lorenc Date: Sun, 3 Dec 2023 09:31:55 -0500 Subject: [PATCH] Mark CVE-2023-46402 as fixed in packages. Signed-off-by: Dan Lorenc --- argo-cd-2.7.advisories.yaml | 9 +++++++++ argo-cd-2.8.advisories.yaml | 9 +++++++++ argo-cd-2.9.advisories.yaml | 9 +++++++++ argo-workflows.advisories.yaml | 9 +++++++++ flux-notification-controller.advisories.yaml | 9 +++++++++ melange.advisories.yaml | 9 +++++++++ pulumi-kubernetes-operator.advisories.yaml | 9 +++++++++ 7 files changed, 63 insertions(+) diff --git a/argo-cd-2.7.advisories.yaml b/argo-cd-2.7.advisories.yaml index 5255719db0..2bc9fd5c37 100644 --- a/argo-cd-2.7.advisories.yaml +++ b/argo-cd-2.7.advisories.yaml @@ -81,6 +81,15 @@ advisories: type: vulnerable-code-not-included-in-package note: Only affects Windows + - id: CVE-2023-46402 + aliases: + - GHSA-3f2q-6294-fmq5 + events: + - timestamp: 2023-12-03T14:31:09Z + type: fixed + data: + fixed-version: 2.7.15-r2 + - id: CVE-2023-47108 aliases: - GHSA-8pgv-569h-w5rw diff --git a/argo-cd-2.8.advisories.yaml b/argo-cd-2.8.advisories.yaml index 437c610006..8846db5f4d 100644 --- a/argo-cd-2.8.advisories.yaml +++ b/argo-cd-2.8.advisories.yaml @@ -71,6 +71,15 @@ advisories: type: vulnerable-code-not-included-in-package note: Only affects Windows + - id: CVE-2023-46402 + aliases: + - GHSA-3f2q-6294-fmq5 + events: + - timestamp: 2023-12-03T14:31:22Z + type: fixed + data: + fixed-version: 2.8.7-r2 + - id: CVE-2023-47108 aliases: - GHSA-8pgv-569h-w5rw diff --git a/argo-cd-2.9.advisories.yaml b/argo-cd-2.9.advisories.yaml index 29d94dc9d9..b09f3e1610 100644 --- a/argo-cd-2.9.advisories.yaml +++ b/argo-cd-2.9.advisories.yaml @@ -14,6 +14,15 @@ advisories: type: vulnerable-code-not-included-in-package note: The vulnerable code is specific to kubectl. + - id: CVE-2023-46402 + aliases: + - GHSA-3f2q-6294-fmq5 + events: + - timestamp: 2023-12-03T14:31:28Z + type: fixed + data: + fixed-version: 2.9.3-r1 + - id: CVE-2023-47108 aliases: - GHSA-8pgv-569h-w5rw diff --git a/argo-workflows.advisories.yaml b/argo-workflows.advisories.yaml index 4d6b05f037..0a2e7574cd 100644 --- a/argo-workflows.advisories.yaml +++ b/argo-workflows.advisories.yaml @@ -24,6 +24,15 @@ advisories: type: vulnerable-code-not-included-in-package note: Only affects Windows + - id: CVE-2023-46402 + aliases: + - GHSA-3f2q-6294-fmq5 + events: + - timestamp: 2023-12-03T14:31:33Z + type: fixed + data: + fixed-version: 3.5.2-r1 + - id: GHSA-2c7c-3mj9-8fqh events: - timestamp: 2023-11-23T08:30:52Z diff --git a/flux-notification-controller.advisories.yaml b/flux-notification-controller.advisories.yaml index 4170d60044..2b963bd37d 100644 --- a/flux-notification-controller.advisories.yaml +++ b/flux-notification-controller.advisories.yaml @@ -52,6 +52,15 @@ advisories: type: vulnerable-code-not-included-in-package note: Only affects Windows + - id: CVE-2023-46402 + aliases: + - GHSA-3f2q-6294-fmq5 + events: + - timestamp: 2023-12-03T14:31:38Z + type: fixed + data: + fixed-version: 1.1.0-r6 + - id: GHSA-6xv5-86q9-7xr8 events: - timestamp: 2023-09-09T15:18:10Z diff --git a/melange.advisories.yaml b/melange.advisories.yaml index df62145ffd..39bcb99a5b 100644 --- a/melange.advisories.yaml +++ b/melange.advisories.yaml @@ -51,6 +51,15 @@ advisories: type: vulnerable-code-not-included-in-package note: Only affects Windows + - id: CVE-2023-46402 + aliases: + - GHSA-3f2q-6294-fmq5 + events: + - timestamp: 2023-12-03T14:31:42Z + type: fixed + data: + fixed-version: 0.5.3-r1 + - id: CVE-2023-46737 aliases: - GHSA-vfp6-jrw2-99g9 diff --git a/pulumi-kubernetes-operator.advisories.yaml b/pulumi-kubernetes-operator.advisories.yaml index 8b0c1f9afa..7ae25c37d8 100644 --- a/pulumi-kubernetes-operator.advisories.yaml +++ b/pulumi-kubernetes-operator.advisories.yaml @@ -52,6 +52,15 @@ advisories: type: vulnerable-code-not-included-in-package note: Only affects Windows + - id: CVE-2023-46402 + aliases: + - GHSA-3f2q-6294-fmq5 + events: + - timestamp: 2023-12-03T14:31:47Z + type: fixed + data: + fixed-version: 1.14.0-r1 + - id: GHSA-6xv5-86q9-7xr8 events: - timestamp: 2023-09-09T15:18:19Z