Skip to content

Commit 7282430

Browse files
author
octo-sts[bot]
committed
Adding CVE patch for package kubeflow-pipelines-visualization-server to fix CVE: GHSA-8w49-h785-mj3c
<!--ci-cve-scan:must-fix: GHSA-8w49-h785-mj3c-->
1 parent db229d3 commit 7282430

File tree

2 files changed

+10
-1
lines changed

2 files changed

+10
-1
lines changed

kubeflow-pipelines-visualization-server.yaml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
package:
22
name: kubeflow-pipelines-visualization-server
33
version: 2.3.0
4-
epoch: 100
4+
epoch: 101 # GHSA-8w49-h785-mj3c
55
description: Machine Learning Pipelines for Kubeflow
66
copyright:
77
- license: Apache-2.0
@@ -30,6 +30,10 @@ pipeline:
3030
tag: ${{package.version}}
3131
expected-commit: 4467df5f9c8242d389f20214f75fecfc4119e8cd
3232

33+
- uses: patch
34+
with:
35+
patches: GHSA-8w49-h785-mj3c.patch
36+
3337
- uses: patch
3438
with:
3539
patches: 0001-Bump-dependencies.patch

kubeflow-pipelines-visualization-server/GHSA-8w49-h785-mj3c.patch

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
--- a/backend/src/apiserver/visualization/requirements.txt
2+
+++ b/backend/src/apiserver/visualization/requirements.txt
3+
@@ -517 +517 @@
4+
-tornado==6.3.3
5+
+tornado==6.4.2

0 commit comments

Comments
 (0)