UNCLASSIFIED - NO CUI

Skip to content

chore(deps): updated redis dependency; bumped chart; regenerated readme

General MR

Summary

This MR bumps the redis image to mitigate CVE-2025-49844.

Relevant logs/screenshots

200 With Authservice Session Cookie

❯ curl -X GET -I 'https://prometheus.dev.bigbang.mil/query' \
  -b '__Host-prometheus-authservice-session-id-cookie=90DitEfSSWsCtaj8197MOZo25KsM6eLVGbw4c7Jdi1dKbkx0yhr6zStt6lf5pIls'
HTTP/2 200
date: Fri, 10 Oct 2025 15:09:26 GMT
content-length: 1752
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin

302 Without Authservice Session Cookie

❯ curl -X GET -I 'https://prometheus.dev.bigbang.mil/query'
HTTP/2 302
cache-control: no-cache
pragma: no-cache
location: https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/auth?client_id=platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-prometheus&code_challenge=adZje0u2S9iaYg0TnlLIY9oc8wXmO8oi3SoE6Y-E-ao&code_challenge_method=S256&nonce=DXTXMwusKMHwLGpFjZ5KqSceqj1FlJQ5&redirect_uri=https%3A%2F%2Fprometheus.dev.bigbang.mil%2Flogin%2Fgeneric_oauth&response_type=code&scope=openid&state=znitnWpX0YrX2VDyoGjjnjRWloUw7zKY
set-cookie: __Host-prometheus-authservice-session-id-cookie=dJbiSQ9B6SeoMGnZKD5ZSirvu3JEbwuhaOtLfRS2SnhUZz14CLLkbuuJRiocifiz; HttpOnly; Secure; Path=/; SameSite=Lax
date: Fri, 10 Oct 2025 15:09:38 GMT
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin

Linked Issue

#194 (closed)

Relates to https://repo1.dso.mil/big-bang/bigbang/-/issues/2904

Upgrade Notices

N/A

Edited by Zach Callahan

Merge request reports

Loading