1908001 – [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in egress-router-cni

Bug 1908001 - [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in egress-router-cni

Summary: [CVE-2020-10749] Update github.com/containernetworking/plugins to v.0.8.6 in ...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.7
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.7.0
Assignee:	Daniel Mellado
QA Contact:	Anurag saxena
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1907995 (view as bug list)
Depends On:
Blocks:	1907995
TreeView+	depends on / blocked

Reported:	2020-12-15 16:28 UTC by Daniel Mellado
Modified:	2021-02-24 15:44 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-02-24 15:44:28 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift egress-router-cni pull 21	0	None	closed	Update github.com/containernetworking/plugins	2021-01-11 12:59:03 UTC
Red Hat Product Errata	RHSA-2020:5633	0	None	None	None	2021-02-24 15:44:50 UTC

Description Daniel Mellado 2020-12-15 16:28:19 UTC

Description of problem:

Description of problem:

Update github.com/containernetworking/plugins to v.0.8.6 in
order to fix CVE-2020-10749.

Comment 2 Daniel Mellado 2020-12-16 11:21:45 UTC

*** Bug 1907995 has been marked as a duplicate of this bug. ***

Comment 5 Weibin Liang 2021-01-11 16:02:10 UTC

Tested and verified in 4.7.0-0.nightly-2021-01-10-070949

[weliang@weliang egress-router-cni]$ git log
commit 6b11e3f57656814b385df95c4274cf76fe718f02
Merge: 5b0810c e144bc3
Author: OpenShift Merge Robot <openshift-merge-robot.github.com>
Date:   Thu Nov 26 18:42:36 2020 +0100

    Merge pull request #20 from danielmellado/remove_cgo_flag
    
    Remove CGO flag from rhel Dockerfile

commit 5b0810c4c318a6f4c4d8df12ad0fdc87b61b734c
Merge: 949e22c b8a5521
Author: OpenShift Merge Robot <openshift-merge-robot.github.com>
Date:   Thu Nov 26 12:10:49 2020 +0100

    Merge pull request #21 from danielmellado/update_containernetworking_plugins
    
    Update github.com/containernetworking/plugins

commit b8a55212ce9087601752642926fc1c96b436172d
Author: Daniel Mellado <dmellado>
Date:   Wed Nov 25 17:25:02 2020 +0100

    Update github.com/containernetworking/plugins
    
    This PR updates github.com/containernetworking/plugins to v.0.8.6 in
    order to fix CVE-2020-10749.

Comment 8 errata-xmlrpc 2021-02-24 15:44:28 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633

Note You need to log in before you can comment on or make changes to this bug.