Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE: Bump Werkzeug Flask Pip requirements to 2.2.3 #505

Closed
sadsfae opened this issue Jun 26, 2024 · 2 comments
Closed

CVE: Bump Werkzeug Flask Pip requirements to 2.2.3 #505

sadsfae opened this issue Jun 26, 2024 · 2 comments
Assignees
@sadsfae
Labels
flask security
Milestone
2.x Series - Bowie

Comments

@sadsfae
Copy link
Member

sadsfae commented Jun 26, 2024

  • Dependabot has flagged our version of Flask Werkzeug for being potentially vulnerable, note that this does not affect QUADS in any way as we rely on OS packages and do not ship this software, it's only used for internal CI or container builds that do not get utilized anywhere.
@sadsfae sadsfae added this to the 2.0 Series - Bowie milestone Jun 26, 2024
@sadsfae sadsfae self-assigned this Jun 26, 2024
@sadsfae
Copy link
Member Author

sadsfae commented Jun 26, 2024

Addressed here: https://review.gerrithub.io/c/redhat-performance/quads/+/1196738

@sadsfae
Copy link
Member Author

sadsfae commented Jun 26, 2024

22bb54a

@sadsfae sadsfae closed this as completed Jun 26, 2024
@github-project-automation github-project-automation bot moved this from To do to Done in QUADS 2.0 Series Jun 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sadsfae sadsfae

Labels
flask security
Projects
QUADS 2.0 Series
Status: Done
Milestone
2.x Series - Bowie
Development

No branches or pull requests
1 participant
@sadsfae