From e6227f9a250339e068eb89d602c656c0e993ae3f Mon Sep 17 00:00:00 2001 From: Yaron Kaikov Date: Sun, 23 Feb 2025 10:06:03 +0200 Subject: [PATCH] install-dependencies.sh: update node_exporter to 1.9.0 Update node_exporter to 1.9.0 to resolve the following CVE's https://github.com/advisories/GHSA-49gw-vxvf-fc2g https://github.com/advisories/GHSA-8xfx-rj4p-23jm https://github.com/advisories/GHSA-crqm-pwhx-j97f https://github.com/advisories/GHSA-j7vj-rw65-4v26 Fixes: https://github.com/scylladb/scylladb/issues/22884 regenerate frozen toolchain with optimized clang from * https://devpkg.scylladb.com/clang/clang-19.1.7-Fedora-41-aarch64.tar.gz * https://devpkg.scylladb.com/clang/clang-19.1.7-Fedora-41-x86_64.tar.gz Closes scylladb/scylladb#22987 --- install-dependencies.sh | 8 ++++---- tools/toolchain/image | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/install-dependencies.sh b/install-dependencies.sh index 1c4582bfd7..dade86565b 100755 --- a/install-dependencies.sh +++ b/install-dependencies.sh @@ -219,11 +219,11 @@ go_arch() { echo ${GO_ARCH["$(arch)"]} } -NODE_EXPORTER_VERSION=1.8.2 +NODE_EXPORTER_VERSION=1.9.0 declare -A NODE_EXPORTER_CHECKSUM=( - ["x86_64"]=6809dd0b3ec45fd6e992c19071d6b5253aed3ead7bf0686885a51d85c6643c66 - ["aarch64"]=627382b9723c642411c33f48861134ebe893e70a63bcc8b3fc0619cd0bfac4be - ["s390x"]=971481f06a985e9fcaee9bcd8da99a830d5b9e5f21e5225694de7e23401327c4 + ["x86_64"]=e7b65ea30eec77180487d518081d3dcb121b975f6d95f1866dfb9156c5b24075 + ["aarch64"]=5314fae1efff19abf807cfc8bd7dadbd47a35565c1043c236ffb0689dc15ef4f + ["s390x"]=089d2c2f87b4d716dd5ff006b89ab4424e7917f67830a8dd580d528f1d99ca58 ) NODE_EXPORTER_DIR=/opt/scylladb/dependencies diff --git a/tools/toolchain/image b/tools/toolchain/image index 8bc3727ee4..094ab46de7 100644 --- a/tools/toolchain/image +++ b/tools/toolchain/image @@ -1 +1 @@ -docker.io/scylladb/scylla-toolchain:fedora-41-20250209 +docker.io/scylladb/scylla-toolchain:fedora-41-20250223