This repository has been archived by the owner on Jan 9, 2025. It is now read-only.

(PA-5852) Apply CVE-2023-38545 patch for curl vulnerablity #738

Merged

cthorn42 merged 1 commit into puppetlabs:master from amitkarsale:PA-5852-curl-cve-patch-fix

Oct 12, 2023

Contributor

amitkarsale commented Oct 11, 2023

apply patch for curl CVE-2023-38545

ref: curl/curl#12026
https://curl.se/docs/CVE-2023-38545.html

Contributor Author

amitkarsale commented Oct 11, 2023 •

edited

Loading

agent-runtime-7.x build for rhel9-arm: https://jenkins-platform.delivery.puppetlabs.net/job/platform_vanagon-generic-builder_vanagon-packaging_generic-builder/2411/

agent-runtime-main build for rhel9-arm : https://jenkins-platform.delivery.puppetlabs.net/job/platform_vanagon-generic-builder_vanagon-packaging_generic-builder/BUILD_TARGET=el-9-aarch64,SLAVE_LABEL=k8s-worker/2413/console

pxp-agent-main : https://jenkins-platform.delivery.puppetlabs.net/job/platform_vanagon-generic-builder_vanagon-packaging-ship-repos_generic-builder/1249/

pxp-agent-7.x : https://jenkins-platform.delivery.puppetlabs.net/job/platform_vanagon-generic-builder_vanagon-packaging-ship-repos_generic-builder/1250/

puppet-agent-main : https://jenkins-platform.delivery.puppetlabs.net/job/platform_vanagon-generic-builder_vanagon-packaging-ship-repos_generic-builder/1251/

puppet-agent-7.x : https://jenkins-platform.delivery.puppetlabs.net/view/vanagon-generic-builder/job/platform_vanagon-generic-builder_vanagon-packaging-ship-repos_generic-builder/1256/

amitkarsale force-pushed the PA-5852-curl-cve-patch-fix branch 2 times, most recently from 43a75aa to 4fc4f33 Compare

October 11, 2023 17:59

mhashizume reviewed

View reviewed changes

resources/patches/curl/CVE-2023-38545.patch Outdated Show resolved Hide resolved


          (PA-5852) Apply CVE-2023-38545 patch for curl vulnerablity

bea280e

amitkarsale force-pushed the PA-5852-curl-cve-patch-fix branch from 4fc4f33 to bea280e Compare

October 12, 2023 11:38

cthorn42 marked this pull request as ready for review

October 12, 2023 18:15

cthorn42 requested review from a team as code owners

October 12, 2023 18:15

cthorn42 approved these changes

View reviewed changes

Collaborator

cthorn42 left a comment

Ran the two agent runtime builds through with the recent changes that dropped testing and they built fine. We're good to go.

cthorn42 merged commit 192c686 into puppetlabs:master

2 checks passed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet