
fix(deps): update module github.com/cilium/cilium to v1.15.8 [security] (v1.1) #2810

Merged

@cilium-renovate cilium-renovate bot commented Aug 16, 2024

This PR contains the following updates:

Package: github.com/cilium/cilium (require) | Update: patch | Change: v1.15.6 -> v1.15.8

GitHub Vulnerability Alerts

CVE-2024-42488

Impact

A race condition in the Cilium agent can cause the agent to ignore labels that should be applied to a node. This could in turn cause CiliumClusterwideNetworkPolicies intended for nodes with the ignored label to not apply, leading to policy bypass.

Patches

This issue was fixed in https://github.com/cilium/cilium/pull/33511.

This issue affects:

  • All versions of Cilium before v1.14.14
  • Cilium v1.15 between v1.15.0 and v1.15.7 inclusive

This issue has been patched in:

  • Cilium v1.14.14
  • Cilium v1.15.8

Workarounds

As the underlying issue depends on a race condition, users unable to upgrade can restart the Cilium agent on affected nodes until the affected policies are confirmed to be working as expected.

Acknowledgements

The Cilium community has worked together with members of Google and Isovalent to prepare these mitigations. Special thanks to @skmatti for raising and resolving this issue.

For more information

If you have any questions or comments about this advisory, please reach out on Slack.

If you think you have found a vulnerability affecting Cilium, we strongly encourage you to report it to our security mailing list at [email protected]. This is a private mailing list for the Cilium security team, and your report will be treated as top priority.

CVE-2024-42487

Impact

Gateway API HTTPRoutes and GRPCRoutes do not follow the match precedence specified in the Gateway API specification. In particular, request headers are matched before request methods, when the specification describes that the request methods must be respected before headers are matched (HTTPRouteRule, GRPCRouteRule).

If users create Gateway API resources that use both request headers and request methods in order to route to different destinations, then traffic may be delivered to the incorrect backend. If the backend does not have Network Policy restricting acceptable traffic to receive, then requests may access information that you did not intend for them to access.

Patches

This issue was fixed in https://github.com/cilium/cilium/pull/34109.

This issue affects:

  • Cilium v1.15 between v1.15.0 and v1.15.7 inclusive
  • Cilium v1.16.0

This issue is fixed in:

  • Cilium v1.15.8
  • Cilium v1.16.1

Workarounds

There is no workaround for this issue.

Acknowledgements

The Cilium community has worked together with members of Cure53 and Isovalent to prepare these mitigations. Special thanks to @sayboras for remediating this issue.

Further information

If you have any questions or comments about this advisory, please reach out on Slack.

If you think you have found a vulnerability affecting Cilium, we strongly encourage you to report it to our security mailing list at [email protected]. This is a private mailing list for the Cilium security team, and your report will be treated as top priority.

CVE-2024-42486

Impact

Due to ReferenceGrant changes not being immediately propagated in Cilium's GatewayAPI controller, Gateway resources are able to access secrets in other namespaces after the associated ReferenceGrant has been revoked. This can lead to Gateways continuing to establish sessions using secrets that they should no longer have access to.

Patches

This issue was resolved in https://github.com/cilium/cilium/pull/34032.

This issue affects:

  • Cilium v1.15 between v1.15.0 and v1.15.7 inclusive
  • Cilium v1.16.0

This issue has been patched in:

  • Cilium v1.15.8
  • Cilium v1.16.1

Workarounds

Any modification of a related Gateway/HTTPRoute/GRPCRoute/TCPRoute CRD (for example, adding any label to any of these resources) will trigger a reconciliation of ReferenceGrants on an affected cluster.

Acknowledgements

The Cilium community has worked together with members of Cure53 and Isovalent to prepare these mitigations. Special thanks to @sayboras for resolving this issue.

For more information

If you have any questions or comments about this advisory, please reach out on Slack.

If you think you have found a vulnerability affecting Cilium, we strongly encourage you to report it to our security mailing list at [email protected]. This is a private mailing list for the Cilium security team, and your report will be treated as top priority.


Advisory identifiers and severity

The aliases and scores below are provided by OSV, the GitHub Advisory Database and the Go Vulnerability Database (CC-BY 4.0); the advisory text itself is given above.

CVE-2024-42488: Policy bypass for Host Firewall policy due to race condition in Cilium agent
  • Aliases: GHSA-q7w8-72mr-vpgw / GO-2024-3072 / BIT-cilium-2024-42488 / BIT-cilium-operator-2024-42488 / BIT-hubble-relay-2024-42488
  • Severity: CVSS 3.1 score 6.8 / 10 (Medium), vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N (GitHub Advisory Database; the Go Vulnerability Database lists severity as Unknown)

CVE-2024-42487: Gateway API route matching order contradicts specification
  • Aliases: GHSA-qcm3-7879-xcww / GO-2024-3071 / BIT-cilium-2024-42487 / BIT-cilium-operator-2024-42487 / BIT-hubble-relay-2024-42487
  • Severity: CVSS 3.1 score 4.0 / 10 (Medium), vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N (GitHub Advisory Database; the Go Vulnerability Database lists severity as Unknown)

CVE-2024-42486: Cilium leaks information via incorrect ReferenceGrant update logic in Gateway API
  • Aliases: GHSA-vwf8-q6fw-4wcm / GO-2024-3074 / BIT-cilium-2024-42486 / BIT-cilium-operator-2024-42486 / BIT-hubble-relay-2024-42486
  • Severity: CVSS 3.1 score 5.4 / 10 (Medium), vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N (GitHub Advisory Database; the Go Vulnerability Database lists severity as Unknown)


Release Notes

cilium/cilium (github.com/cilium/cilium)

v1.15.8: 1.15.8

Security Advisories

This release addresses the following security vulnerabilities:

Summary of Changes

Bugfixes:

  • add support for validation of stringToString values in ConfigMap (Backport PR #33962, Upstream PR #33779, @alex-berger)
  • auth: Fix data race in Upsert (Backport PR #34157, Upstream PR #33905, @chaunceyjiang)
  • auth: fix fatal error: concurrent map iteration and map write (Backport PR #33809, Upstream PR #33634, @chaunceyjiang)
  • cert: Adding H2 Protocol Support when Get gRPC Config For Client (Backport PR #33809, Upstream PR #33616, @mrproliu)
  • DNS Proxy: Allow SO_LINGER to be set to the socket to upstream (Backport PR #33809, Upstream PR #33592, @gandro)
  • Fix an issue in updates to node addresses which may have caused missing NodePort frontend IP addresses. May have affected NodePort/LoadBalancer services for users running with runtime device detection enabled when the node's IP addresses were changed after Cilium had started. The Node IP as defined in the Kubernetes Node is now preferred when selecting the NodePort frontend IPs. (Backport PR #33818, Upstream PR #33629, @joamaki)
  • Fix bug causing etcd upsertion/deletion events to be potentially missed during the initial synchronization, when Cilium operates in KVStore mode, or Cluster Mesh is enabled. (Backport PR #34183, Upstream PR #34091, @giorio94)
  • Fix issue in picking node IP addresses from the loopback device. This fixes a regression in v1.15 and v1.16 where VIPs assigned to the lo device were not considered by Cilium. Fix spurious updates to node addresses to avoid unnecessary datapath reinitializations. (Backport PR #34086, Upstream PR #34012, @joamaki)
  • Fix rare race condition afflicting clustermesh while stopping the retrieval of the remote cluster configuration, possibly causing a deadlock (Backport PR #33809, Upstream PR #33735, @giorio94)
  • Fixes a race condition during agent startup that causes the k8s node label updates to not get propagated to the host endpoint. (Backport PR #33663, Upstream PR #33511, @skmatti)
  • gateway-api: Add HTTP method condition in sortable routes (Backport PR #34157, Upstream PR #34109, @sayboras)
  • gateway-api: Enqueue gateway for Reference Grant changes (Backport PR #34157, Upstream PR #34032, @sayboras)
  • helm: remove duplicate metrics for Envoy pod (Backport PR #34157, Upstream PR #33803, @mhofstetter)
  • lbipam: fixed bug in sharing key logic (Backport PR #34157, Upstream PR #34106, @dylandreimerink)
  • pkg/metrics: fix data race warning on metrics init hook. (Backport PR #33962, Upstream PR #33823, @tommyp1ckles)
  • Reduce conntrack lifetime for closing service connections. (Backport PR #33962, Upstream PR #33907, @julianwiedmann)
  • Skip regenerating host endpoint on k8s node labels update if identity labels are unchanged (Backport PR #33809, Upstream PR #33306, @skmatti)
  • The cilium agent will now recover from stale nodeID mappings which could occur in clusters with high node churn, possibly manifesting itself in dropped IPsec traffic. (Backport PR #34157, Upstream PR #33666, @bimmlerd)

Docker Manifests

cilium: quay.io/cilium/cilium:v1.15.8@sha256:3b5b0477f696502c449eaddff30019a7d399f077b7814bcafabc636829d194c7
clustermesh-apiserver: quay.io/cilium/clustermesh-apiserver:v1.15.8@sha256:4c1f33aae2b76392b57e867820471b5472f0886f7358513d47ee80c09af15a0e
docker-plugin: quay.io/cilium/docker-plugin:v1.15.8@sha256:15b1b6e83e1c0eea97df179660c1898661c1d0da5d431c68f98c702581e29310
hubble-relay: quay.io/cilium/hubble-relay:v1.15.8@sha256:47e8a19f60d0d226ec3d2c675ec63908f1f2fb936a39897f2e3255b3bab01ad6
operator-alibabacloud: quay.io/cilium/operator-alibabacloud:v1.15.8@sha256:388ef72febd719bc9d16d5ee47fe6f846f73f0d8a6f9586ada04cb39eb2962d1
operator-aws: quay.io/cilium/operator-aws:v1.15.8@sha256:3807dd23c2b5f90489824ddd13dca6e84e714dc9eae44e5718acfe86c855b7a1
operator-azure: quay.io/cilium/operator-azure:v1.15.8@sha256:c517db3d12fcf038a9a4a81b88027a19672078bf8c2fcd6b2563f3eff9514d21
operator-generic: quay.io/cilium/operator-generic:v1.15.8@sha256:e77ae6fc8a978f98363cf74d3c883dfaa6454c6e23ec417a60952f29408e2f18
operator: quay.io/cilium/operator:v1.15.8@sha256:e9cf35fe3dc86933ccf3fdfdb7620d218c50aaca5f14e4ba5f422460ea4cb23c

v1.15.7: 1.15.7

Summary of Changes

We are pleased to release Cilium v1.15.7, which makes the load balancer class of the Clustermesh API server configurable and includes stability and bug fixes. Thanks to all contributors, reviewers, testers, and users!

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Renovate Bot.

Signed-off-by: cilium-renovate[bot] <134692979+cilium-renovate[bot]@users.noreply.github.com>
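The workaround for CVE-2024-42488 above asks operators to restart the agent "until the affected policies are confirmed to be working as expected". The concrete check is whether the node's Kubernetes labels actually reached the host endpoint's identity, since that is what a CiliumClusterwideNetworkPolicy nodeSelector matches against. The script below is an added example, not Cilium's own code: it assumes the host endpoint identity lists node labels as "k8s:<key>=<value>" alongside "reserved:host" (the shape of `cilium endpoint get -l reserved:host` output) and that node labels come from `kubectl get node <name> -o json`; both JSON documents are constructed for the example, not captured from a cluster.

```python
"""Check that a node's Kubernetes labels reached Cilium's host endpoint.

Added example, not Cilium's own code. Assumption: the host endpoint's identity
labels carry node labels as "k8s:<key>=<value>" next to "reserved:host", which
is the shape of `cilium endpoint get -l reserved:host` output. The JSON below
is constructed for the example, not captured from a cluster.
"""
import json

# Constructed: trimmed `kubectl get node worker-1 -o json`.
NODE_JSON = json.dumps({
    "metadata": {
        "name": "worker-1",
        "labels": {
            "kubernetes.io/hostname": "worker-1",
            "node-role.example.com/ingress": "true",
            "topology.kubernetes.io/zone": "eu-west-1a",
        },
    },
})

# Constructed: the host endpoint as reported after the startup race described
# in CVE-2024-42488 dropped the ingress label.
HOST_EP_JSON = json.dumps([{
    "id": 1,
    "status": {"identity": {"id": 1, "labels": [
        "reserved:host",
        "k8s:kubernetes.io/hostname=worker-1",
        "k8s:topology.kubernetes.io/zone=eu-west-1a",
    ]}},
}])

# Constructed: the same host endpoint after the agent has been restarted.
HOST_EP_OK_JSON = json.dumps([{
    "id": 1,
    "status": {"identity": {"id": 1, "labels": [
        "reserved:host",
        "k8s:kubernetes.io/hostname=worker-1",
        "k8s:node-role.example.com/ingress=true",
        "k8s:topology.kubernetes.io/zone=eu-west-1a",
    ]}},
}])


def node_labels(node_json: str) -> dict:
    """Labels of a Node object, as key -> value."""
    return dict(json.loads(node_json)["metadata"]["labels"])


def host_endpoint_labels(endpoints_json: str) -> dict:
    """k8s-sourced identity labels of the single host endpoint, as key -> value."""
    hosts = [ep for ep in json.loads(endpoints_json)
             if "reserved:host" in ep["status"]["identity"]["labels"]]
    if len(hosts) != 1:
        raise ValueError(f"expected one host endpoint, found {len(hosts)}")
    labels = {}
    for entry in hosts[0]["status"]["identity"]["labels"]:
        source, _, rest = entry.partition(":")
        if source != "k8s":
            continue  # reserved:* and other sources are not node labels
        key, _, value = rest.partition("=")
        labels[key] = value
    return labels


def missing_labels(node_json: str, endpoints_json: str) -> dict:
    """Node labels that are absent from, or differ on, the host endpoint."""
    want = node_labels(node_json)
    have = host_endpoint_labels(endpoints_json)
    return {k: v for k, v in want.items() if have.get(k) != v}


if __name__ == "__main__":
    gap = missing_labels(NODE_JSON, HOST_EP_JSON)
    if gap:
        print("host endpoint lacks node labels; CCNPs selecting on them do not apply:")
        for key, value in sorted(gap.items()):
            print(f"  {key}={value}")
        print("workaround: restart the cilium agent on this node and re-check")
    else:
        print("host endpoint labels match the node")
```

Run it once per node after each agent restart; an empty result from missing_labels is the "confirmed working" condition the advisory's workaround depends on, while a non-empty result means the policies selecting those labels are silently not enforced on that node.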
@cilium-renovate cilium-renovate bot requested a review from a team as a code owner August 16, 2024 09:27
@cilium-renovate cilium-renovate bot requested review from olsajiri and removed request for a team August 16, 2024 09:27
@cilium-renovate cilium-renovate bot added release-blocker This PR or issue is blocking the next release. release-note/dependency This PR updates one or multiple dependencies labels Aug 16, 2024
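CVE-2024-42487 above is a precedence bug: the Gateway API ranks HTTPRouteRule matches by Exact path, then longest PathPrefix, then method, then number of header matches, then number of query-parameter matches, and the affected releases ranked headers ahead of method. The code below is an added example, not Cilium's code: it models that ranking as a sort key and shows, on constructed routes and a constructed request, how the two orderings choose different backends for the same request. Path-segment semantics and regex matches of real HTTPRoutes are deliberately not modelled.

```python
"""Gateway API HTTPRouteRule match precedence: spec order vs the pre-fix order.

Added example, not Cilium's code. Routes, request and backend names are
constructed. A match is reduced to the fields that matter for precedence.
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class RouteMatch:
    backend: str
    path: str = "/"
    path_type: str = "PathPrefix"                 # "Exact" or "PathPrefix"
    method: Optional[str] = None
    headers: dict = field(default_factory=dict)   # exact header matches
    query: dict = field(default_factory=dict)     # exact query-param matches


def _path_matches(m: RouteMatch, path: str) -> bool:
    if m.path_type == "Exact":
        return path == m.path
    if m.path == "/":
        return True
    prefix = m.path.rstrip("/")
    return path == prefix or path.startswith(prefix + "/")


def matches(m: RouteMatch, method: str, path: str, headers: dict, query: dict) -> bool:
    """True when every condition of the match holds for the request."""
    if not _path_matches(m, path):
        return False
    if m.method is not None and method != m.method:
        return False
    if any(headers.get(k.lower()) != v for k, v in m.headers.items()):
        return False
    return all(query.get(k) == v for k, v in m.query.items())


def spec_rank(m: RouteMatch) -> tuple:
    """Gateway API precedence: Exact path, longest PathPrefix, method,
    most header matches, most query-param matches (higher tuple wins)."""
    return (m.path_type == "Exact", len(m.path), m.method is not None,
            len(m.headers), len(m.query))


def headers_before_method_rank(m: RouteMatch) -> tuple:
    """The ordering CVE-2024-42487 describes: headers ranked ahead of method."""
    return (m.path_type == "Exact", len(m.path), len(m.headers),
            m.method is not None, len(m.query))


def select_backend(routes, method, path, headers, query=None, rank=spec_rank):
    """Backend of the highest-precedence matching route, or None."""
    headers = {k.lower(): v for k, v in headers.items()}
    query = query or {}
    hits = [m for m in routes if matches(m, method, path, headers, query)]
    return max(hits, key=rank).backend if hits else None


# Constructed routes: the operator intends every GET under /api to reach the
# public backend; only non-GET requests carrying X-Debug should reach the
# internal one.
ROUTES = [
    RouteMatch(backend="api-public", path="/api", method="GET"),
    RouteMatch(backend="api-internal", path="/api", headers={"X-Debug": "1"}),
]

# Constructed request that satisfies both rules.
REQUEST = dict(method="GET", path="/api/users", headers={"X-Debug": "1"})

if __name__ == "__main__":
    print("spec order    ->", select_backend(ROUTES, **REQUEST))
    print("pre-fix order ->", select_backend(ROUTES, **REQUEST,
                                              rank=headers_before_method_rank))
```

Under the specification the GET wins on method and lands on api-public; with headers ranked first the same request lands on api-internal, which is the "incorrect backend" the advisory describes. A Network Policy on the internal backend that only admits the intended callers limits what such a misrouted request can reach, which is why the advisory calls that out.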
@cilium-renovate (Contributor, Author)
ℹ Artifact update notice

File name: pkg/k8s/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 9 additional dependencies were updated

Details:

Package Change
github.com/go-logr/logr v1.4.1 -> v1.4.2
golang.org/x/mod v0.14.0 -> v0.17.0
golang.org/x/net v0.23.0 -> v0.26.0
golang.org/x/oauth2 v0.16.0 -> v0.20.0
golang.org/x/sys v0.18.0 -> v0.21.0
golang.org/x/term v0.18.0 -> v0.21.0
golang.org/x/text v0.14.0 -> v0.16.0
golang.org/x/tools v0.16.1 -> v0.21.1-0.20240508182429-e35e4ccd0d2d
google.golang.org/protobuf v1.33.0 -> v1.34.2
File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 18 additional dependencies were updated

Details:

Package Change
golang.org/x/sys v0.19.0 -> v0.21.0
google.golang.org/grpc v1.63.2 -> v1.64.0
google.golang.org/protobuf v1.34.1 -> v1.34.2
github.com/cncf/xds/go v0.0.0-20231128003011-0fa0005c9caa -> v0.0.0-20240318125728-8a4994d93e50
github.com/distribution/reference v0.5.0 -> v0.6.0
github.com/docker/docker v25.0.6+incompatible -> v27.1.1+incompatible
github.com/go-logr/logr v1.4.1 -> v1.4.2
github.com/rogpeppe/go-internal v1.11.0 -> v1.12.0
go.opentelemetry.io/otel v1.22.0 -> v1.28.0
go.opentelemetry.io/otel/metric v1.22.0 -> v1.28.0
go.opentelemetry.io/otel/trace v1.22.0 -> v1.28.0
golang.org/x/net v0.24.0 -> v0.26.0
golang.org/x/oauth2 v0.17.0 -> v0.20.0
golang.org/x/term v0.19.0 -> v0.21.0
golang.org/x/text v0.14.0 -> v0.16.0
golang.org/x/tools v0.20.0 -> v0.21.1-0.20240508182429-e35e4ccd0d2d
google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de -> v0.0.0-20240701130421-f6361c86f094
google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be -> v0.0.0-20240701130421-f6361c86f094
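CVE-2024-42486 above is a propagation problem: the grant check itself is not wrong, it simply was not re-run when a ReferenceGrant changed, so a Gateway kept using a Secret after the grant was revoked. The code below is an added example, not Cilium's code. It re-evaluates a Gateway's cross-namespace certificateRefs against a list of ReferenceGrants, which is what a controller has to do on every ReferenceGrant event; the Gateway and ReferenceGrant objects are constructed dicts in the shape of the Gateway API manifests.

```python
"""Re-evaluate a Gateway's cross-namespace Secret references against ReferenceGrants.

Added example, not Cilium's code. The Gateway and ReferenceGrant objects are
constructed dicts shaped like the Gateway API manifests.
"""

GATEWAY_GROUP = "gateway.networking.k8s.io"


def _group(g):
    """ReferenceGrant writes the core API group as ""; treat missing/"core" the same."""
    return "" if g in (None, "", "core") else g


def reference_allowed(grants, from_kind, from_ns, to_kind, to_ns, to_name,
                      from_group=GATEWAY_GROUP, to_group=""):
    """Same-namespace references need no grant; cross-namespace ones need a
    ReferenceGrant in the target namespace whose from and to entries both match."""
    if from_ns == to_ns:
        return True
    for grant in grants:
        if grant["metadata"]["namespace"] != to_ns:
            continue  # a grant only speaks for the namespace it lives in
        spec = grant["spec"]
        from_ok = any(_group(f.get("group")) == _group(from_group)
                      and f["kind"] == from_kind and f["namespace"] == from_ns
                      for f in spec["from"])
        to_ok = any(_group(t.get("group")) == _group(to_group)
                    and t["kind"] == to_kind
                    and t.get("name") in (None, to_name)  # no name: any object of that kind
                    for t in spec["to"])
        if from_ok and to_ok:
            return True
    return False


def secret_refs(gateway):
    """(listener, secret namespace, secret name) for each TLS certificateRef."""
    gw_ns = gateway["metadata"]["namespace"]
    for listener in gateway["spec"]["listeners"]:
        for ref in listener.get("tls", {}).get("certificateRefs", []):
            yield listener["name"], ref.get("namespace", gw_ns), ref["name"]


def ungranted_secret_refs(gateway, grants):
    """Listeners whose certificateRef is no longer permitted and must be dropped."""
    gw_ns = gateway["metadata"]["namespace"]
    return [(lst, ns, name) for lst, ns, name in secret_refs(gateway)
            if not reference_allowed(grants, "Gateway", gw_ns, "Secret", ns, name)]


# Constructed: a Gateway in "edge" terminating TLS with a Secret owned by "certs".
GATEWAY = {
    "metadata": {"name": "public", "namespace": "edge"},
    "spec": {"listeners": [
        {"name": "https", "port": 443, "protocol": "HTTPS",
         "tls": {"certificateRefs": [{"kind": "Secret", "name": "wildcard-tls",
                                      "namespace": "certs"}]}},
        {"name": "http", "port": 80, "protocol": "HTTP"},
    ]},
}

# Constructed: the grant the "certs" namespace owner created and later deleted.
GRANT = {
    "metadata": {"name": "allow-edge-gateways", "namespace": "certs"},
    "spec": {
        "from": [{"group": GATEWAY_GROUP, "kind": "Gateway", "namespace": "edge"}],
        "to": [{"group": "", "kind": "Secret"}],
    },
}

if __name__ == "__main__":
    print("with grant:   ", ungranted_secret_refs(GATEWAY, [GRANT]))
    print("grant revoked:", ungranted_secret_refs(GATEWAY, []))
```

With the grant present nothing is flagged; once the grant list is empty the https listener shows up as ungranted and its certificate must be removed from the proxy configuration. On an unpatched cluster that re-evaluation only happened on a Gateway or Route event, so the advisory's workaround of touching one of those objects (for example `kubectl label gateway public -n edge refgrant-sync=1 --overwrite`, where the label key is arbitrary and chosen here for the example) is what forces it to run.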

olsajiri commented Sep 2, 2024

looks like little-vm-helper won't work with the new docker update? @kkourt @mtardy

kkourt commented Sep 2, 2024

looks like little-vm-helper won't work with the new docker update? @kkourt @mtardy

I guess we need cilium/little-vm-helper@5756be9, which is part of little-vm-helper v0.0.19

kkourt commented Sep 2, 2024

Pushed a patch for updating to lvh v0.0.19 🤞🏼

A renovate PR wants to update the docker version. Update to lvh so that we can get cilium/little-vm-helper@5756be9.

Signed-off-by: Kornilios Kourtis <[email protected]>
@kkourt kkourt force-pushed the renovate/v1.1-go-github.com-cilium-cilium-vulnerability branch from 1130bb8 to 52cffbd Compare September 2, 2024 12:40
kkourt commented Sep 2, 2024

We have the following failures in golangci-lint:

Running [/home/runner/golangci-lint-1.57.2-linux-amd64/golangci-lint run --out-format=github-actions --config=.golangci.yml --verbose] in [] ...
cmd/tetra/common/client.go:62:15 staticcheck SA1019: grpc.DialContext is deprecated: use NewClient instead. Will be supported throughout 1.x.
pkg/bugtool/bugtool.go:590:15 staticcheck SA1019: grpc.DialContext is deprecated: use NewClient instead. Will be supported throughout 1.x.
pkg/bugtool/bugtool.go:594:3 staticcheck SA1019: grpc.WithBlock is deprecated: this DialOption is not supported by NewClient. Will be supported throughout 1.x.
pkg/multiplexer/multiplexer.go:79:17 staticcheck SA1019: grpc.DialContext is deprecated: use NewClient instead. Will be supported throughout 1.x.
tests/e2e/helpers/grpc/grpc.go:34:16 staticcheck SA1019: grpc.DialContext is deprecated: use NewClient instead. Will be supported throughout 1.x.
tests/e2e/helpers/grpc/grpc.go:37:4 staticcheck SA1019: grpc.WithBlock is deprecated: this DialOption is not supported by NewClient. Will be supported throughout 1.x.

Since this is a stable branch, I think that's OK.

@cilium-renovate (Contributor, Author)
Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

mtardy commented Sep 2, 2024

We have the following failures in golangci-lint:

Running [/home/runner/golangci-lint-1.57.2-linux-amd64/golangci-lint run --out-format=github-actions --config=.golangci.yml --verbose] in [] ...
cmd/tetra/common/client.go:62:15 staticcheck SA1019: grpc.DialContext is deprecated: use NewClient instead. Will be supported throughout 1.x.
pkg/bugtool/bugtool.go:590:15 staticcheck SA1019: grpc.DialContext is deprecated: use NewClient instead. Will be supported throughout 1.x.
pkg/bugtool/bugtool.go:594:3 staticcheck SA1019: grpc.WithBlock is deprecated: this DialOption is not supported by NewClient. Will be supported throughout 1.x.
pkg/multiplexer/multiplexer.go:79:17 staticcheck SA1019: grpc.DialContext is deprecated: use NewClient instead. Will be supported throughout 1.x.
tests/e2e/helpers/grpc/grpc.go:34:16 staticcheck SA1019: grpc.DialContext is deprecated: use NewClient instead. Will be supported throughout 1.x.
tests/e2e/helpers/grpc/grpc.go:37:4 staticcheck SA1019: grpc.WithBlock is deprecated: this DialOption is not supported by NewClient. Will be supported throughout 1.x.

Since this is a stable branch, I think that's OK.

Yep this is something I fixed on main, let's just ignore it there by adding a line in the linter's config. Let me push a commit there.

Those have been fixed on the main branch, let's ignore them safely on
the stable branch.

Signed-off-by: Mahe Tardy <[email protected]>
@mtardy mtardy merged commit d22baff into v1.1 Sep 2, 2024
36 checks passed
@mtardy mtardy deleted the renovate/v1.1-go-github.com-cilium-cilium-vulnerability branch September 2, 2024 15:09