Skip to content

grafana-alloy/1.12.1-r0: cve remediation #76217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dnegreira merged 2 commits into from
Dec 18, 2025
Merged

grafana-alloy/1.12.1-r0: cve remediation #76217

dnegreira merged 2 commits into from
Dec 18, 2025

Conversation

@octo-sts
Copy link
Contributor

@octo-sts octo-sts bot commented Dec 17, 2025

@octo-sts octo-sts bot added automated pr request-cve-remediation go/bump GHSA-cfpf-hrx2-8rv6 p:grafana-alloy P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. labels Dec 17, 2025
@octo-sts
Copy link
Contributor Author

octo-sts bot commented Dec 17, 2025
edited
Loading

🌐 Build Failed: Environment

Failed to verify and connect to VM: ssh: handshake failed: EOF failed to build: failed to build package: unable to start pod: qemu: could not get VM host key

Build Details

Category Details
Build System melange
Failure Point VM SSH connection establishment during QEMU virtual machine startup

Root Cause Analysis 🔍

The build system failed to establish a secure SSH connection to the QEMU virtual machine due to SSH handshake failure and inability to retrieve the VM host key. Multiple connection timeouts and connection refusals preceded this failure, indicating VM networking or SSH service configuration issues.

Was this comment helpful? Please use 👍 or 👎 reactions on this comment.

@octo-sts octo-sts bot added the ai/skip-comment Stop AI from commenting on PR label Dec 17, 2025
@octo-sts octo-sts bot added bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. approver-bot/manual-review-needed manual/review-needed staging-approver-bot/manual-review-needed labels Dec 18, 2025
@dnegreira dnegreira merged commit 543e1c8 into main Dec 18, 2025
24 checks passed
@dnegreira dnegreira deleted the cve-grafana-alloy-1.12.1-r0-f2d4f0c01b16d423a4e12f9a8589c0a6 branch December 18, 2025 14:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dnegreira dnegreira dnegreira approved these changes

Assignees

No one assigned

Labels

ai/skip-comment Stop AI from commenting on PR approver-bot/manual-review-needed automated pr bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. GHSA-cfpf-hrx2-8rv6 go/bump manual/review-needed p:grafana-alloy P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. request-cve-remediation staging-approver-bot/manual-review-needed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dnegreira