Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[release-1.31] Bump traefik to v2.11.20 #11763

Merged
merged 1 commit into from
Feb 10, 2025
Merged

[release-1.31] Bump traefik to v2.11.20 #11763

merged 1 commit into from
Feb 10, 2025

Conversation

brandond
Copy link
Member

Proposed Changes

Bump traefik to v2.11.20 - fixes an apparent memory leak.

Types of Changes

version bump

Verification

check version

Testing

Linked Issues

User-Facing Change

Further Comments

@brandond
Bump traefik to v2.11.20
2ad5e62 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
@brandond brandond requested a review from a team as a code owner February 10, 2025 20:09
@codecov Codecov
Copy link

codecov bot commented Feb 10, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 46.35%. Comparing base (9f3a64f) to head (2ad5e62).
Report is 1 commits behind head on release-1.31.

Additional details and impacted files 
@@               Coverage Diff                @@
##           release-1.31   #11763      +/-   ##
================================================
- Coverage         48.25%   46.35%   -1.90%     
================================================
  Files               206      206              
  Lines             19552    19552              
================================================
- Hits               9434     9064     -370     
- Misses             8742     9174     +432     
+ Partials           1376     1314      -62
Flag Coverage Δ
e2etests 40.23% <ø> (-3.44%) ⬇️
inttests 34.90% <ø> (-0.01%) ⬇️
unittests 16.41% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@cwayne18
Copy link
Member

/trivy

@github-actions GitHub Actions
Copy link
Contributor 


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://aquasecurity.github.io/trivy/v0.57/docs/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


bin/containerd-shim-runc-v2 (gobinary)
======================================
Total: 0 (HIGH: 0, CRITICAL: 0)


Suppressed Vulnerabilities (Total: 1)
=====================================
┌──────────────────┬────────────────┬──────────┬──────────────┬─────────────────────────────────────┬──────────────────────┐
│     Library      │ Vulnerability  │ Severity │    Status    │              Statement              │        Source        │
├──────────────────┼────────────────┼──────────┼──────────────┼─────────────────────────────────────┼──────────────────────┤
│ golang.org/x/net │ CVE-2024-45338 │ HIGH     │ not_affected │ vulnerable_code_not_in_execute_path │ rancher.openvex.json │
└──────────────────┴────────────────┴──────────┴──────────────┴─────────────────────────────────────┴──────────────────────┘

bin/k3s (gobinary)
==================
Total: 0 (HIGH: 0, CRITICAL: 0)


Suppressed Vulnerabilities (Total: 2)
=====================================
┌─────────────────────┬────────────────┬──────────┬──────────────┬─────────────────────────────────────┬──────────────────────┐
│       Library       │ Vulnerability  │ Severity │    Status    │              Statement              │        Source        │
├─────────────────────┼────────────────┼──────────┼──────────────┼─────────────────────────────────────┼──────────────────────┤
│ golang.org/x/crypto │ CVE-2024-45337 │ CRITICAL │ not_affected │ vulnerable_code_not_present         │ rancher.openvex.json │
├─────────────────────┼────────────────┼──────────┤              ├─────────────────────────────────────┤                      │
│ golang.org/x/net    │ CVE-2024-45338 │ HIGH     │              │ vulnerable_code_not_in_execute_path │                      │
└─────────────────────┴────────────────┴──────────┴──────────────┴─────────────────────────────────────┴──────────────────────┘

bin/runc (gobinary)
===================
Total: 0 (HIGH: 0, CRITICAL: 0)


Suppressed Vulnerabilities (Total: 1)
=====================================
┌──────────────────┬────────────────┬──────────┬──────────────┬─────────────────────────────┬──────────────────────┐
│     Library      │ Vulnerability  │ Severity │    Status    │          Statement          │        Source        │
├──────────────────┼────────────────┼──────────┼──────────────┼─────────────────────────────┼──────────────────────┤
│ golang.org/x/net │ CVE-2024-45338 │ HIGH     │ not_affected │ vulnerable_code_not_present │ rancher.openvex.json │
└──────────────────┴────────────────┴──────────┴──────────────┴─────────────────────────────┴──────────────────────┘

@brandond brandond merged commit 39b54b9 into k3s-io:release-1.31 Feb 10, 2025
48 checks passed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@VestigeJ VestigeJ VestigeJ approved these changes

@dereknola dereknola dereknola approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@brandond @cwayne18 @VestigeJ @dereknola