fix: GHSA-2gh3-rmm4-6rq5/CVE-2025-53605 - upgrade pprof to version 0.15.0 #1606
Conversation
…025-53605. Creator of upstream patch to fix CVE issue: tikv/pprof-rs@3d4e696 Signed-off-by: Kyle Steere <[email protected]>
|
😊 Welcome @kbsteere! This is either your first contribution to the Istio ztunnel repo, or it's been You can learn more about the Istio working groups, Code of Conduct, and contribution guidelines Thanks for contributing! Courtesy of your friendly welcome wagon. |
istio-testing
added
size/M
|
Hi @kbsteere. Thanks for your PR. I'm waiting for a istio member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/ok-to-test |
istio-testing
added
ok-to-test
|
/retest |
1 similar comment
|
/retest |
|
@kbsteere: The following test failed, say
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
@kbsteere please run make gen and redo your PR |
istio-testing
added
the
needs-rebase
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/retest |
fix: upgrade pprof to version 0.15.0 to fix GHSA-2gh3-rmm4-6rq5/CVE-2025-53605. Creator of upstream patch to fix CVE issue: tikv/pprof-rs@3d4e696