Bug 2091213

Summary: Dependabot alert: Unhandled exception in gopkg.in/yaml.v3
Product: OpenShift Container Platform Reporter: Jack Ding <jacding>
Component: Cloud Native EventsAssignee: nwaizer
Cloud Native Events sub component: Cloud Event Proxy QA Contact: nwaizer
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium CC: aos-bugs, aputtur, ijolliff, jacding, nwaizer, yliu1
Version: 4.10   
Target Milestone: ---   
Target Release: 4.10.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2091106 Environment:
Last Closed: 2022-09-13 14:23:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2091106    
Bug Blocks:    

Description Jack Ding 2022-05-27 21:01:42 UTC 
+++ This bug was initially created as a clone of Bug #2091106 +++

Description of problem:

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
Need to upgrade gopkg.in/yaml.v3 to version 3.0.0 or later. For example:
   require gopkg.in/yaml.v3 v3.0.0

https://github.com/redhat-cne/cloud-event-proxy/security/dependabot/2

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 13 errata-xmlrpc 2022-09-13 14:23:25 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.10.32 extras update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:6373