chore(deps): refresh rpm lockfiles [SECURITY]#983
Conversation
Signed-off-by: red-hat-konflux-kflux-prd-rh02 <190377777+red-hat-konflux-kflux-prd-rh02[bot]@users.noreply.github.com>
red-hat-konflux-kflux-prd-rh02
bot
added
approved
|
[APPROVALNOTIFIER] This PR is APPROVED Approval requirements bypassed by manually added approval. This pull-request has been approved by: red-hat-konflux-kflux-prd-rh02[bot] The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
1 similar comment
|
[APPROVALNOTIFIER] This PR is APPROVED Approval requirements bypassed by manually added approval. This pull-request has been approved by: red-hat-konflux-kflux-prd-rh02[bot] The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
Hi @red-hat-konflux-kflux-prd-rh02[bot]. Thanks for your PR. I'm waiting for a openshift-pipelines member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
This PR contains the following updates:
File .konflux/rpms/rpms.in.yaml:
2.43.5-2.el8_10->2.43.7-1.el8_102.43.5-2.el8_10->2.43.7-1.el8_102.43.5-2.el8_10->2.43.7-1.el8_102.43.5-2.el8_10->2.43.7-1.el8_108.0p1-25.el8_10->8.0p1-27.el8_108.0p1-25.el8_10->8.0p1-27.el8_10openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
CVE-2025-61985
More information
Details
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
Severity
Moderate
References
openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand
CVE-2025-61984
More information
Details
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
Severity
Moderate
References
🔧 This Pull Request updates lock files to use the latest dependency versions.
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
To execute skipped test pipelines write comment
/ok-to-test.Documentation
Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.