github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-17 07:03:31 +00:00
Code Issues Projects Releases Wiki Activity

Update debian-iptables to pick CVE fixes

Browse Source 
- This image has fixes for CVE-2021-3711, CVE-2021-3712
- This will allow kube-proxy to be built on newer base image
  which has fixes for these CVEs
This commit is contained in:
Pushkar Joglekar
2021-09-13 11:13:08 -07:00
parent 4916b6cd74
commit 64938ea160
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
build/common.sh
View File

@@ -90,7 +90,7 @@ readonly KUBE_RSYNC_PORT="${KUBE_RSYNC_PORT:-}"
readonly KUBE_CONTAINER_RSYNC_PORT=8730
# These are the default versions (image tags) for their respective base images.
readonly __default_debian_iptables_version=buster-v1.6.6
readonly __default_debian_iptables_version=buster-v1.6.7
readonly __default_go_runner_version=v2.3.1-go1.17-buster.0
readonly __default_setcap_version=buster-v2.0.4

2
build/dependencies.yaml
View File

@@ -134,7 +134,7 @@ dependencies:
match: BASEIMAGE\?\=k8s\.gcr\.io\/build-image\/debian-base-s390x:[a-zA-Z]+\-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)
- name: "k8s.gcr.io/debian-iptables: dependents"
version: buster-v1.6.6
version: buster-v1.6.7
refPaths:
- path: build/common.sh
match: __default_debian_iptables_version=