Skip to content

fix: update SRIOV-NO version to fix CVE #1884

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rollandf merged 2 commits into from
Jan 1, 2026
Merged

fix: update SRIOV-NO version to fix CVE #1884

rollandf merged 2 commits into from
Jan 1, 2026

Conversation

@rollandf
Copy link
Member

@rollandf rollandf commented Dec 10, 2025

Fixes: CVE-2022-1706 Ignition config accessible to unprivileged software on VMware

@coveralls
Copy link
Collaborator

coveralls commented Dec 10, 2025
edited
Loading

Pull Request Test Coverage Report for Build 20092043363

Details

  • 5 of 35 (14.29%) changed or added relevant lines in 4 files are covered.
  • 27 unchanged lines in 5 files lost coverage.
  • Overall coverage decreased (-0.6%) to 61.732%
Changes Missing Coverage Covered Lines Changed/Added Lines %
main.go 0 13 0.0%
pkg/testing/mocks/Client.go 0 17 0.0%
Files with Coverage Reduction New Missed Lines %
controllers/macvlannetwork_controller.go 2 86.25%
controllers/drain_controller.go 4 74.63%
pkg/state/state_skel.go 4 83.82%
api/v1alpha1/zz_generated.deepcopy.go 8 43.14%
controllers/nicclusterpolicy_controller.go 9 75.84%
Totals Coverage Status
Change from base Build 20030356282: -0.6%
Covered Lines: 4141
Relevant Lines: 6708
💛 - Coveralls

@e0ne
Copy link
Collaborator

e0ne commented Dec 10, 2025

/retest-nic_operator_kind

2 similar comments
@e0ne
Copy link
Collaborator

e0ne commented Dec 10, 2025

/retest-nic_operator_kind

@e0ne
Copy link
Collaborator

e0ne commented Dec 10, 2025

/retest-nic_operator_kind

@e0ne e0ne closed this Dec 10, 2025
@e0ne e0ne reopened this Dec 10, 2025
@e0ne
Copy link
Collaborator

e0ne commented Dec 10, 2025

/retest-nic_operator_kind

3 similar comments
@rollandf
Copy link
Member Author

rollandf commented Dec 11, 2025

/retest-nic_operator_kind

@maze88
Copy link
Collaborator

maze88 commented Dec 11, 2025

/retest-nic_operator_kind

@rollandf
Copy link
Member Author

rollandf commented Dec 11, 2025

/retest-nic_operator_kind

@heyvister1
Copy link
Collaborator

heyvister1 commented Dec 14, 2025

/retest-nic_operator_helm

1 similar comment
@rollandf
Copy link
Member Author

rollandf commented Dec 15, 2025

/retest-nic_operator_helm

@rollandf rollandf added the on hold This enhancement is currently on hold pending additional clarification and evaluation label Dec 16, 2025
@rollandf rollandf changed the title fix: update SRIOV-NO version to fix CVE [DNM] fix: update SRIOV-NO version to fix CVE Dec 16, 2025
@rollandf
Copy link
Member Author

rollandf commented Dec 16, 2025

Let's wait for k8snetworkplumbingwg/sriov-network-operator#952 to be merged

@rollandf rollandf changed the title [DNM] fix: update SRIOV-NO version to fix CVE fix: update SRIOV-NO version to fix CVE Dec 24, 2025
@rollandf rollandf removed the on hold This enhancement is currently on hold pending additional clarification and evaluation label Dec 24, 2025
heyvister1
heyvister1 reviewed Dec 31, 2025
View reviewed changes
Makefile Outdated
SETUP_ENVTEST_PKG := sigs.k8s.io/controller-runtime/tools/setup-envtest
SETUP_ENVTEST_BIN := setup-envtest
SETUP_ENVTEST_VER := v0.0.0-20240110160329-8f8247fdc1c3
SETUP_ENVTEST_VER := release-0.20
Copy link
Collaborator

@heyvister1 heyvister1 Dec 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't there already a v0.22? Is there a reason to use an older version here?

Copy link
Member Author

@rollandf rollandf Dec 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

@heyvister1
Copy link
Collaborator

heyvister1 commented Dec 31, 2025

LGTM with a small nit regarding envtest version
Also need to rebase to resolve conflicts

@rollandf
chore: update k8s and controller-gen version
ead14c9 
Signed-off-by: Fred Rolland <[email protected]>
@rollandf
fix: update SRIOV-NO version to fix CVE
619f1ff 
Fixes: CVE-2022-1706 Ignition config accessible to unprivileged software on VMware

Signed-off-by: Fred Rolland <[email protected]>
@rollandf rollandf merged commit 4bf8850 into Mellanox:master Jan 1, 2026
23 of 24 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@e0ne e0ne e0ne approved these changes

@almaslennikov almaslennikov almaslennikov approved these changes

@heyvister1 heyvister1 heyvister1 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@rollandf @coveralls @e0ne @maze88 @heyvister1 @almaslennikov