Skip to content

strimzi-kafka-operator/0.49.1-r2: cve remediation #77379

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
octo-sts wants to merge 1 commit into from
Closed

strimzi-kafka-operator/0.49.1-r2: cve remediation #77379

octo-sts wants to merge 1 commit into from

Conversation

@octo-sts
Copy link
Contributor

@octo-sts octo-sts bot commented Jan 7, 2026

strimzi-kafka-operator/0.49.1-r2: fix GHSA-3677-xxcr-wjqv

Advisory data: https://github.com/wolfi-dev/advisories/blob/main/strimzi-kafka-operator.advisories.yaml

"Breadcrumbs" for this automated service

Inspected git repositories: https://github.com/strimzi/[email protected]

@octo-sts octo-sts bot added automated pr request-cve-remediation maven/pombump p:strimzi-kafka-operator GHSA-3677-xxcr-wjqv P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. approver-bot/manual-review-needed manual/review-needed staging-approver-bot/manual-review-needed labels Jan 7, 2026
@octo-sts
Copy link
Contributor Author

octo-sts bot commented Jan 7, 2026

This vulnerability remediation is stale and no longer needed. 👋

Advisory CGA-88rq-qcfv-cvwg has the latest event type of "fixed"

View with: cg advisory show CGA-88rq-qcfv-cvwg
Or view on GitHub: https://github.com/wolfi-dev/advisories/blob/main/strimzi-kafka-operator.advisories.yaml

ID:      CGA-88rq-qcfv-cvwg
Package: strimzi-kafka-operator
Aliases: CVE-2024-29371 GHSA-3677-xxcr-wjqv
Events:
  - "scan/v1" at 2025-12-19 12:34:02 UTC
  - "fixed" at 2025-12-22 15:28:46 UTC

@octo-sts octo-sts bot closed this Jan 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

approver-bot/manual-review-needed automated pr bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. GHSA-3677-xxcr-wjqv manual/review-needed maven/pombump p:strimzi-kafka-operator P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. request-cve-remediation service:cve-pr-closer staging-approver-bot/manual-review-needed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant