k3s-1.32,k3s-1.33: mark CVE-2025-67499 as pending-upstream-fix (#27845)

OddBloke · dnegreira · web-flow · commit 4adb81502ff3 · 2025-12-11T09:18:52.000Z
Co-authored-by: David Negreira &lt;david.negreira@chainguard.dev&gt;
diff --git a/k3s-1.32.advisories.yaml b/k3s-1.32.advisories.yaml
@@ -153,6 +153,10 @@ advisories:
             componentType: go-module
             componentLocation: /usr/bin/cni
             scanner: grype
+      - timestamp: 2025-12-10T16:21:00Z
+        type: pending-upstream-fix
+        data:
+          note: k3s builds from a fork of containernetworking/plugins (https://github.com/rancher/plugins) and have not yet released a fixed version in their fork.
 
   - id: CGA-55fv-m3qp-xh5q
     aliases:
diff --git a/k3s-1.33.advisories.yaml b/k3s-1.33.advisories.yaml
@@ -117,6 +117,10 @@ advisories:
             componentType: go-module
             componentLocation: /usr/bin/cni
             scanner: grype
+      - timestamp: 2025-12-10T16:21:00Z
+        type: pending-upstream-fix
+        data:
+          note: k3s builds from a fork of containernetworking/plugins (https://github.com/rancher/plugins) and have not yet released a fixed version in their fork.
 
   - id: CGA-6rh4-p5rc-q7f6
     aliases:
