Skip to content

Replace unmaintained satori/go.uuid pakage #2931

New issue
Jump to bottom
New issue
Jump to bottom
Closed
#2932
Closed
Replace unmaintained satori/go.uuid pakage#2931
#2932
Assignees
sivanantha321
Labels
kind/bugkserve/sdlc
@sivanantha321

Description

@sivanantha321
sivanantha321
opened on May 23, 2023

/kind bug

What steps did you take and what happened:
[A clear and concise description of what the bug is.]
satori/go.uuid is no longer maintained since 2018. It has a critical vulnerability [CVE-2021-3538] (https://nvd.nist.gov/vuln/detail/CVE-2021-3538). https://pkg.go.dev/vuln/GO-2022-0244

What did you expect to happen:
We should switch to a different uuid package as suggested here satori/go.uuid#73 (comment)

What's the InferenceService yaml:
[To help us debug please run kubectl get isvc $name -n $namespace -oyaml and paste the output]

Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]

Environment:

  • Istio Version:
  • Knative Version:
  • KServe Version:
  • Kubeflow version:
  • Cloud Environment:[k8s_istio/istio_dex/gcp_basic_auth/gcp_iap/aws/aws_cognito/ibm]
  • Minikube/Kind version:
  • Kubernetes version: (use kubectl version):
  • OS (e.g. from /etc/os-release):

Metadata

Assignees

Labels

kind/bugkserve/sdlc

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions