Skip to content

Add Enterprise Gateway manifest injection fix references#8192

Open
cookesan wants to merge 1 commit into
github:cookesan/advisory-improvement-8192from
cookesan:jupyter-cfw7-fix-references
Open

Add Enterprise Gateway manifest injection fix references#8192
cookesan wants to merge 1 commit into
github:cookesan/advisory-improvement-8192from
cookesan:jupyter-cfw7-fix-references

Conversation

@cookesan

@cookesan cookesan commented Jun 29, 2026

Copy link
Copy Markdown

Adds Enterprise Gateway manifest injection fix references to GHSA-cfw7-6c5v-2wjq.

Audit refresh, July 8, 2026:

  • Confirmed the live PR is open, ready for review, merge-clean, and the visible advisory check is green.
  • Rechecked the merge-base diff: exactly one advisory JSON file changes (advisories/github-reviewed/2026/06/GHSA-cfw7-6c5v-2wjq/GHSA-cfw7-6c5v-2wjq.json), JSON parses, git diff --check passes, and the exact-head worktree is clean.
  • Revalidated the added public references and package-version evidence in the diff; all resolve through their source site or registry.

@github-actions github-actions Bot changed the base branch from main to cookesan/advisory-improvement-8192 June 29, 2026 00:10
@cookesan

cookesan commented Jul 7, 2026

Copy link
Copy Markdown
Author

Rechecked this reference-only PR while keeping the open Advisory Database queue current.

  • The patch only adds the Enterprise Gateway v3.3.0 release reference and fix commit reference; it does not change affected ranges, package metadata, or severity.
  • The release tag resolves as v3.3.0, and the commit resolves to 2258a41f9840ccf8754ed184b8b35fda9efb221a.
  • The commit subject explicitly matches this advisory: Fix YAML injection via KERNEL_* env vars (GHSA-cfw7-6c5v-2wjq).

No other advisory fields are changed.

@cookesan cookesan force-pushed the jupyter-cfw7-fix-references branch from 060b21f to abaa5af Compare July 7, 2026 13:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant