github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-24 14:04:07 +00:00
Code Issues Projects Releases Wiki Activity
92,143 Commits 42 Branches 8,639 Tags
4069194aea66099e7ccb28fddf96d6bb31abb49e
Commit Graph

357 Commits

Author SHA1 Message Date
Stephen Augustus
2ec37d94fa Update go.etcd.io/bbolt to v1.3.5 
Signed-off-by: Stephen Augustus <saugustus@vmware.com>
 2020-06-20 21:09:52 -04:00
Robert Van Voorhees
3cef97e8b5 [security] Vulnerability in golang.org/x/text/encoding/unicode v0.3.2 
Hello gophers,

Version v0.3.3 of golang.org/x/text fixes a vulnerability in the golang.org/x/text/encoding/unicode package which could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory.

An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

transform.String has also been hardened not to enter an infinite loop if a Transformer keeps returning ErrShortSrc even if atEOF is true.

This issue was first filed as Issue 39491 by GitHub user abacabadabacaba and reported to the security team by Anton Gyllenberg. It is tracked as CVE-2020-14040.

Cheers,

Katie for the Go team
 2020-06-17 07:57:05 -04:00
Kubernetes Prow Robot
81f84d3a17 Merge pull request #92069 from tapih/update-json-patch 
Update github.com/evanphx/json-patch to e83c0a1c26c884f8ec4fb743f6db9…
 2020-06-16 19:23:22 -07:00
Kubernetes Prow Robot
51aac92f69 Merge pull request #91922 from Jefftree/netproxy-009 
Upgrade apiserver-network-proxy to v0.0.9
 2020-06-16 19:22:39 -07:00
jingyih
fec3aa4a47 Pin go.etcd.io/etcd to 3.4.9 and rebuild vendor 2020-06-12 08:43:10 -07:00
Hiroshi Muraoka
5b06aaa7ab Update github.com/evanphx/json-patch to e83c0a1c26c884f8ec4fb743f6db92a941f605f1 
Signed-off-by: Hiroshi Muraoka <h.muraoka714@gmail.com>
 2020-06-12 11:11:08 +00:00
Kubernetes Prow Robot
2930723a25 Merge pull request #91856 from wawa0210/bump-corefile-migration 
update corefile-migration library to 1.0.8
 2020-06-11 05:31:10 -07:00
Kubernetes Prow Robot
5d7cac86b6 Merge pull request #91861 from andyzhangx/upgrade-43.0 
upgrade azure-sdk-for-go to v43.0.0
 2020-06-08 21:44:36 -07:00
Jefftree
508794cea6 Network proxy v0.0.9 2020-06-08 15:42:17 -07:00
andyzhangx
ceecc17001 chore: upgrade azure-sdk-for-go to v43.0.0 2020-06-06 14:03:40 +00:00
wawa0210
f83a7a743b update corefile-migration library to 1.0.8 2020-06-06 17:31:04 +08:00
Marek Siarkowicz
1e3918f1d0 Upgrade klog to v2.1.0 
Update contains fixes required for Structured Logging Effort
 2020-06-04 23:41:51 +02:00
Davanum Srinivas
9f00e5769e Update hcsshim to v0.8.9 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-19 19:53:55 -04:00
RainbowMango
283d9f7483 Pin transitive dependencies: 
pin dependency github.com/beorn7/perks from v1.0.0 to v1.0.1
pin dependency github.com/golang/protobuf from v1.3.3 to v1.4.2
pin denpendency github.com/json-iterator/go from v1.1.8 to v1.1.9
pin dependency github.com/prometheus/common from v0.4.1 to v0.9.1
pin dependency github.com/prometheus/procfs from v0.0.5 to v0.0.11
pin dependency github.com/alecthomas/template from v0.0.0-20160405071501-a0175ee3bccc to v0.0.0-20190718012654-fb15b899a751
pin dependency github.com/alecthomas/units from v0.0.0-20151022065526-2efee857e7cf to v0.0.0-20190717042225-c3de453c63f4
pin dependency github.com/go-kit/kit from v0.8.0 to v0.9.0
pin dependency github.com/go-logfmt/logfmt from v0.3.0 to v0.4.0

Co-Authored-By: Jordan Liggitt <jordan@liggitt.net>
 2020-05-19 09:38:29 +08:00
RainbowMango
d8062e076e bump github.com/prometheus/client_golang to v1.6.0 2020-05-19 09:37:10 +08:00
Davanum Srinivas
07d88617e5 Run hack/update-vendor.sh 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:54:33 -04:00
Davanum Srinivas
3992c8669f Updating dependency golang.org/x/mod to version v0.1.0 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:53:02 -04:00
Davanum Srinivas
e3a1dde5a1 Updating dependency golang.org/x/mobile to version v0.0.0-20190719004257-d2bd2a29d028 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:53:02 -04:00
Davanum Srinivas
4fca8bba14 Updating dependency golang.org/x/image to version v0.0.0-20190802002840-cff245a6509b 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:53:02 -04:00
Davanum Srinivas
15fa9902e9 Updating dependency golang.org/x/oauth2 to version v0.0.0-20191202225959-858c2ad4c8b6 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:53:01 -04:00
Davanum Srinivas
a31d23dce3 Updating dependency golang.org/x/lint to version v0.0.0-20191125180803-fdd1cda4f05f 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:53:01 -04:00
Davanum Srinivas
cd596c5bdf Updating dependency golang.org/x/exp to version v0.0.0-20191227195350-da58074b4299 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:53:00 -04:00
Davanum Srinivas
75091f6153 Updating dependency github.com/ianlancetaylor/demangle to version v0.0.0-20181102032728-5e5cf60278f6 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:53:00 -04:00
Davanum Srinivas
4335e46738 Updating dependency honnef.co/go/tools to version v0.0.1-2019.2.3 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:53:00 -04:00
Davanum Srinivas
f541ac3139 Updating dependency google.golang.org/appengine to version v1.6.5 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:59 -04:00
Davanum Srinivas
3a44a2ab41 Updating dependency go.opencensus.io to version v0.22.2 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:59 -04:00
Davanum Srinivas
a185928a25 Updating dependency github.com/jstemmer/go-junit-report to version v0.9.1 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:58 -04:00
Davanum Srinivas
584cccad8b Updating dependency github.com/google/pprof to version v0.0.0-20191218002539-d4f498aebedc 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:58 -04:00
Davanum Srinivas
9bdefa900a Updating dependency github.com/golang/groupcache to version v0.0.0-20191227052852-215e87163ea7 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:58 -04:00
Davanum Srinivas
f25cb97234 Updating dependency google.golang.org/genproto to version v0.0.0-20200115191322-ca5a22157cba 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:57 -04:00
Davanum Srinivas
8a9bbd691e Updating dependency cloud.google.com/go to version v0.51.0 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:57 -04:00
Davanum Srinivas
f1036ad75e Updating dependency sigs.k8s.io/apiserver-network-proxy/konnectivity-client to version 33b9978 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:56 -04:00
Davanum Srinivas
082578c22f Updating dependency github.com/google/cadvisor to version 6a8d614 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:56 -04:00
Davanum Srinivas
449810c785 Updating dependency k8s.io/utils to version 2df71eb 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:56 -04:00
Davanum Srinivas
ca8ec8a623 Updating dependency github.com/GoogleCloudPlatform/k8s-cloud-provider to version 7901bc8 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:55 -04:00
Davanum Srinivas
815c6d4c90 Updating dependency k8s.io/kube-openapi to version 656914f 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:55 -04:00
Davanum Srinivas
b158354e8a Updating dependency k8s.io/gengo to version 8167cfd 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-05-16 07:52:51 -04:00
Kubernetes Prow Robot
678415a8a7 Merge pull request #91044 from gongguan/cobra-1.0.0 
update spf13/cobra dependency to 1.0.0
 2020-05-15 02:48:48 -07:00
louisgong
205ded20da update spf13/cobra dependency to 1.0.0 2020-05-14 11:03:30 +08:00
Satish Matti
8f75fce78c Update dependency google.golang.org/api to v0.15.1 
Steps:
./hack/pin-dependency.sh google.golang.org/api v0.15.1
./hack/update-vendor.sh
./hack/verify-vendor.sh
./hack/pin-dependency.sh github.com/googleapis/gax-go/v2 v2.0.5
./hack/update-vendor.sh
./hack/verify-vendor.sh
./hack/lint-dependencies.sh
 2020-05-12 10:26:19 -07:00
Kubernetes Prow Robot
b6514880d4 Merge pull request #90555 from andrewsykim/update-moby-ipvs 
update github.com/moby/ipvs to v1.0.1 to fix IPVS compatiblity issue with older kernels
 2020-05-01 00:40:51 -07:00
Andrew Sy Kim
4c3d9dad5f update github.com/moby/ipvs to v1.0.1 to fix IPVS compatiblity issue with old kernels 
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
 2020-04-28 10:31:36 -04:00
Sascha Grunert
519686faeb Update runtime-spec to v1.0.2 
We can now use the new version since v1.0.2 has be officially released.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
 2020-04-27 09:34:54 +02:00
Davanum Srinivas
be5279947c go-isatty to v0.0.4 as needed by lint-dependencies 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-04-20 13:45:46 -04:00
Davanum Srinivas
f981628ce8 move linting dependencies to hack/tools/tools.go 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-04-20 13:45:38 -04:00
Davanum Srinivas
12146cb4df Do not include bazel related deps in root go.mod 
- add ./hack/tools/go.mod, this makes ./hack/tools a distinct module
- hack/tools/tools.go undescore imports bazel related tools, over time we
can add others.
- hack/*.sh scripts will cd to hack/tools and go install tools from there

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-04-19 22:01:50 -04:00
Kubernetes Prow Robot
ec00b4fcc2 Merge pull request #89833 from liggitt/json-raw 
preserve integers decoding raw JSON values
 2020-04-09 12:53:47 -07:00
Kubernetes Prow Robot
b3837f858a Merge pull request #89942 from dims/update-fsnotify-to-pick-up-bug-fixes 
Updating dependency github.com/fsnotify/fsnotify to version v1.4.9
 2020-04-08 16:47:57 -07:00
Lubomir I. Ivanov
8183787493 update system-validators to v1.1.2 
Version v1.1.0 added support for validating cgroups v2.
v1.1.1 includes a fix for a broken cross-build on !linux.
v1.1.2 reverted a breaking API change with the introduction of CgroupsSpec.
 2020-04-08 20:41:23 +03:00
Davanum Srinivas
eee5235d25 Updating dependency github.com/fsnotify/fsnotify to version v1.4.9 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-04-07 20:50:27 -04:00