From 072560c25c0b19569f276ee9d638bc993fc69755 Mon Sep 17 00:00:00 2001
From: lucabello
Date: Thu, 12 Dec 2024 15:08:41 +0000
Subject: [PATCH 1/4] chore: Add new loki releases
---
 oci/loki/image.yaml | 32 ++++++++++++++------------------
 1 file changed, 14 insertions(+), 18 deletions(-)
diff --git a/oci/loki/image.yaml b/oci/loki/image.yaml
index d46fb5bc..375e4e35 100644
--- a/oci/loki/image.yaml
+++ b/oci/loki/image.yaml
@@ -1,34 +1,30 @@
 version: 1
 upload:
 - source: canonical/loki-rock
- commit: fefb865d4becf7f9621330dc7b2e0aadd57e4099
- directory: 2.9.6
+ commit: 9f98daaad718bda9bad58db15ffe87661379c47a
+ directory: 3.1.1
 release:
- 2.9.6-22.04:
- end-of-life: "2025-05-28T00:00:00Z"
+ 3.1-24.04:
+ end-of-life: '2025-03-13T00:00:00Z'
 risks:
 - stable
- 2.9-22.04:
- end-of-life: "2025-05-28T00:00:00Z"
- risks:
- - stable
- 2-22.04:
- end-of-life: "2025-05-28T00:00:00Z"
+ 3.1.1-24.04:
+ end-of-life: '2025-03-13T00:00:00Z'
 risks:
 - stable
 - source: canonical/loki-rock
- commit: fefb865d4becf7f9621330dc7b2e0aadd57e4099
- directory: 3.0.0
+ commit: 9f98daaad718bda9bad58db15ffe87661379c47a
+ directory: 3.3.0
 release:
- 3.0.0-22.04:
- end-of-life: "2025-05-28T00:00:00Z"
+ 3-24.04:
+ end-of-life: '2025-03-13T00:00:00Z'
 risks:
 - stable
- 3.0-22.04:
- end-of-life: "2025-05-28T00:00:00Z"
+ 3.3-24.04:
+ end-of-life: '2025-03-13T00:00:00Z'
 risks:
 - stable
- 3-22.04:
- end-of-life: "2025-05-28T00:00:00Z"
+ 3.3.0-24.04:
+ end-of-life: '2025-03-13T00:00:00Z'
 risks:
 - stable
From eba5cb35e9fb78d7a4a50cb1e169949667c75e84 Mon Sep 17 00:00:00 2001
From: Noctua
Date: Fri, 13 Dec 2024 12:11:53 +0100
Subject: [PATCH 2/4] Update .trivyignore
---
 oci/loki/.trivyignore | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/oci/loki/.trivyignore b/oci/loki/.trivyignore
index 86da98f2..e9fbd4e4 100644
--- a/oci/loki/.trivyignore
+++ b/oci/loki/.trivyignore
@@ -10,3 +10,13 @@ CVE-2023-45142
 CVE-2023-39325
 # google.golang.org/grpc - gRPC-Go HTTP/2 Rapid Reset vulnerability
 GHSA-m425-mq94-257g
+# github.com/docker/distribution - DoS from malicious API request
+CVE-2023-2253
+# github.com/docker/docker - Encrypted overlay network may be unauthenticated
+CVE-2023-28840
+# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp - opentelemetry: DoS vulnerability in otelhttp
+CVE-2023-45142
+# golang.org/x/net - golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)
+CVE-2023-39325
+# google.golang.org/grpc - gRPC-Go HTTP/2 Rapid Reset vulnerability
+GHSA-m425-mq94-257g
From 5e2e728951f580692823257319885234eadf7503 Mon Sep 17 00:00:00 2001
From: Noctua
Date: Fri, 13 Dec 2024 12:23:07 +0100
Subject: [PATCH 3/4] Update .trivyignore
---
 oci/loki/.trivyignore | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/oci/loki/.trivyignore b/oci/loki/.trivyignore
index e9fbd4e4..aca3df4e 100644
--- a/oci/loki/.trivyignore
+++ b/oci/loki/.trivyignore
@@ -10,13 +10,5 @@ CVE-2023-45142
 CVE-2023-39325
 # google.golang.org/grpc - gRPC-Go HTTP/2 Rapid Reset vulnerability
 GHSA-m425-mq94-257g
-# github.com/docker/distribution - DoS from malicious API request
-CVE-2023-2253
-# github.com/docker/docker - Encrypted overlay network may be unauthenticated
-CVE-2023-28840
-# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp - opentelemetry: DoS vulnerability in otelhttp
-CVE-2023-45142
-# golang.org/x/net - golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)
-CVE-2023-39325
-# google.golang.org/grpc - gRPC-Go HTTP/2 Rapid Reset vulnerability
-GHSA-m425-mq94-257g
+# golang.org/x/crypto - Applications and libraries which misuse the ServerConfig.PublicKeyCall ...
+CVE-2024-45337
From a73673aa35ed096c62467eeef3e737a9c48b4ab8 Mon Sep 17 00:00:00 2001
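Review bot: The new `CVE-2024-45337` entry in PATCH 3/4 suppresses a golang.org/x/crypto finding with only a truncated advisory title as its comment, so the file records neither why the finding is acceptable for this image nor when the suppression should be revisited. State the rationale in the comment, for example `# golang.org/x/crypto - CVE-2024-45337: <why it does not apply, or tracking issue>`, and give the entry an expiry so it resurfaces on its own, `CVE-2024-45337 exp:<YYYY-MM-DD>`. The same applies to `CVE-2024-34156` added in PATCH 4/4; as a stdlib finding it would presumably clear once the rock is rebuilt with a fixed Go toolchain, so an open-ended ignore risks outliving its need. The file appears to cover every track released from oci/loki, so it is worth confirming that both the 3.1.1 and 3.3.0 images actually need each entry. Lines 1-9 of the file are outside these hunks.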
From: Noctua
Date: Fri, 13 Dec 2024 13:16:34 +0100
Subject: [PATCH 4/4] Update .trivyignore
---
 oci/loki/.trivyignore | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/oci/loki/.trivyignore b/oci/loki/.trivyignore
index aca3df4e..6f1dff08 100644
--- a/oci/loki/.trivyignore
+++ b/oci/loki/.trivyignore
@@ -12,3 +12,5 @@ CVE-2023-39325
 GHSA-m425-mq94-257g
 # golang.org/x/crypto - Applications and libraries which misuse the ServerConfig.PublicKeyCall ...
 CVE-2024-45337
+# stdlib - encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures ...
+CVE-2024-34156