- 
                Notifications
    You must be signed in to change notification settings 
- Fork 1.6k
Open
Labels
sig/docsCategorizes an issue or PR as relevant to SIG Docs.Categorizes an issue or PR as relevant to SIG Docs.sig/securityCategorizes an issue or PR as relevant to SIG Security.Categorizes an issue or PR as relevant to SIG Security.stage/betaDenotes an issue tracking an enhancement targeted for Beta statusDenotes an issue tracking an enhancement targeted for Beta statustracked/out-of-treeDenotes an out-of-tree enhancement issue, which does not need to be tracked by the Release TeamDenotes an out-of-tree enhancement issue, which does not need to be tracked by the Release Team
Description
Enhancement Description
- One-line enhancement description (can be used as a release note): Auto-refreshing official CVE feed
- Slack thread about Code Freeze discussion: https://kubernetes.slack.com/archives/C2C40FMNF/p1659035059991979
- Kubernetes Enhancement Proposal: https://github.com/kubernetes/enhancements/tree/master/keps/sig-security/3203-auto-refreshing-official-cve-feed
- Discussion Link: https://docs.google.com/document/d/1GgmmNYN88IZ2v2NBiO3gdU8Riomm0upge_XNVxEYXp0/edit#heading=h.ash02v8wrjia
- Primary contact (assignee): @PushkarJ
- Responsible SIGs: @kubernetes/sig-security
- Tracking issue: Create a periodically auto-refreshing list of fixed CVEs sig-security#1
- Enhancement target (which target equals to which milestone):
- Alpha release target (x.y): 1.25
- Beta release target (x.y): 1.27
- Stable release target (x.y):
 
-  Alpha
-  KEP (k/enhancements) update PR(s): KEP-3203: Add Auto-refreshing Official CVE feed #3204
-  Code (k/k) update PR(s): N/A
-  Docs (k/website) update PR(s): [KEP-3203] Fetch and Render CVE JSON Feed website#35228
-  Org k/k8s.ioPR(s): kubernetes-public: add bucket k8s-cve-feed k8s.io#4009
-  Infra k/test-infraPR(s):
-  Security k/sig-securityPR(s):
- Feature blog: Announce (auto-refreshing) Official CVE Feed alpha website#35608 and Implementing Official CVE Feed alpha contributor-site#330
 
-  KEP (
-  Beta
-  KEP (k/enhancements) update PR(s): KEP-3203: Alpha->Beta Graduation Updates #3828
-  Code (k/k) update PR(s): N/A
-  Docs (k/website) update(s):
-  Security k/sig-securityPR(s):- Fix CVE feed: comply with the JSON feed specifications and add the full JSON feed object in the script output to add last_updatedroot fields sig-security#76
- Fix CVE feed: comply with the JSON feed specifications sig-security#75
- CVE feed: Add a link to the testgrid.k8s.io prow job as metadata sig-security#83
 
- Fix CVE feed: comply with the JSON feed specifications and add the full JSON feed object in the script output to add 
- Feature blog PR: Add Blog Post for KEP-3202 beta (CVE feed) website#39644
 
-  KEP (
Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.
sftimnehaLohia27
Metadata
Metadata
Assignees
Labels
sig/docsCategorizes an issue or PR as relevant to SIG Docs.Categorizes an issue or PR as relevant to SIG Docs.sig/securityCategorizes an issue or PR as relevant to SIG Security.Categorizes an issue or PR as relevant to SIG Security.stage/betaDenotes an issue tracking an enhancement targeted for Beta statusDenotes an issue tracking an enhancement targeted for Beta statustracked/out-of-treeDenotes an out-of-tree enhancement issue, which does not need to be tracked by the Release TeamDenotes an out-of-tree enhancement issue, which does not need to be tracked by the Release Team