tomsweeneyredhat
670947188f
[release-1.16] Fix CVE-2025-27144
...
Addresses CVE-2025-27144 by bumping github.com/go-jose/go-jose/v3 to
v3.0.4 and github.com/go-jose/go-jose/v4 to v4.0.5
Fixes: https://issues.redhat.com/browse/OCPBUGS-51251 ,
https://issues.redhat.com/browse/OCPBUGS-51252
[NO NEW TESTS NEEDED]
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
2025-03-03 21:12:23 -05:00
tomsweeneyredhat
a47ee582a3
[release-1.16] Bump c/common to v0.60.2, c/image to v5.32.2
...
Bumping to the latest version of c/common and c/image to get
the latest updates for zstd:chunked and the multiple
signature keys updates.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
2024-08-21 14:43:05 -04:00
renovate[bot]
299848119c
fix(deps): update module github.com/containers/image/v5 to v5.32.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-27 15:02:36 +00:00
renovate[bot]
b97655fa16
chore(deps): update module google.golang.org/grpc to v1.64.1 [security]
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-11 17:15:06 +00:00
renovate[bot]
0847edc556
fix(deps): update module golang.org/x/term to v0.22.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-04 21:52:57 +00:00
renovate[bot]
527a8655a5
fix(deps): update module github.com/containers/ocicrypt to v1.2.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-01 15:18:10 +00:00
renovate[bot]
4d940944fb
fix(deps): update module golang.org/x/term to v0.21.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-06-04 19:13:05 +00:00
renovate[bot]
25a4f08ee2
fix(deps): update module github.com/containers/common to v0.59.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-23 13:34:45 +00:00
renovate[bot]
3ccc89bb4a
fix(deps): update module github.com/containers/image/v5 to v5.31.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-21 19:44:54 +00:00
Miloslav Trmač
7649059a0d
Update c/image after https://github.com/containers/image/pull/2408
...
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2024-05-14 00:27:15 +02:00
renovate[bot]
ea61840040
fix(deps): update module golang.org/x/exp to v0.0.0-20240506185415-9bf2ced13842
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-06 23:20:45 +00:00
renovate[bot]
273e2d0c60
fix(deps): update module golang.org/x/term to v0.20.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-05 15:04:33 +00:00
renovate[bot]
3cb058221f
fix(deps): update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-05-02 19:15:36 +00:00
renovate[bot]
5848194b9b
chore(deps): update module golang.org/x/net to v0.23.0 [security]
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-22 18:19:00 +00:00
renovate[bot]
d84b1267ef
fix(deps): update module golang.org/x/term to v0.19.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-04-04 17:21:30 +00:00
renovate[bot]
086701bd75
fix(deps): update module github.com/containers/image/v5 to v5.30.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-03-05 15:28:48 +00:00
renovate[bot]
a80f634f60
fix(deps): update module golang.org/x/term to v0.18.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-03-04 22:37:09 +00:00
renovate[bot]
4d80bf8c7d
fix(deps): update github.com/containers/image/v5 digest to faa4f4f
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-03-01 18:22:38 +00:00
Miloslav Trmač
c3e2b20299
Update c/image after https://github.com/containers/image/pull/2273
...
This is necessary so that c/image tests can pass.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2024-02-08 00:19:58 +01:00
renovate[bot]
149fec0a88
fix(deps): update golang.org/x/exp digest to 1b97071
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-01 01:09:02 +00:00
renovate[bot]
58ff9fdb27
fix(deps): update module github.com/containers/storage to v1.52.0
...
... and c/image/v5 to main
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2024-01-20 00:15:27 +01:00
renovate[bot]
e51dbbd89f
fix(deps): update module golang.org/x/term to v0.16.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-04 16:31:25 +00:00
renovate[bot]
48d11dac3f
fix(deps): update golang.org/x/exp digest to 6522937
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-12-04 14:05:30 +00:00
renovate[bot]
9f52e728f7
fix(deps): update module golang.org/x/term to v0.15.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-11-27 19:58:24 +00:00
Miloslav Trmač
518181e595
Update c/image and c/common to latest
...
... to include https://github.com/containers/image/pull/2173
and https://github.com/containers/common/pull/1731 .
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2023-11-16 18:21:43 +01:00
renovate[bot]
a8e7d94ebe
fix(deps): update module golang.org/x/term to v0.14.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-11-08 08:11:46 +00:00
renovate[bot]
fa3e62f21b
chore(deps): update module golang.org/x/net to v0.17.0 [security]
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-16 14:21:02 +00:00
renovate[bot]
538dd6f3b4
fix(deps): update module golang.org/x/term to v0.13.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-10-05 19:58:47 +00:00
renovate[bot]
32c8a05a24
fix(deps): update module github.com/containers/image/v5 to v5.28.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-13 19:19:23 +02:00
renovate[bot]
427e58f5f5
fix(deps): update golang.org/x/exp digest to 9212866
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-06 00:23:35 +00:00
renovate[bot]
897619f6b5
fix(deps): update github.com/containers/image/v5 digest to 58d5eb6
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-09-04 18:19:51 +00:00
Miloslav Trmač
4ee2946bbc
Update c/image after https://github.com/containers/image/pull/2070
...
> go get github.com/containers/image/v5@main
> make vendor
This moves c/image to a commit that includes both the work on main
that we were already vendoring, and the last tagged version 5.27.0.
That should prevent Renovate from proposing downgrades which fail tests:
- https://github.com/containers/skopeo/pull/2065
- https://github.com/containers/skopeo/pull/2066
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2023-08-14 20:24:51 +02:00
renovate[bot]
276b80955a
fix(deps): update module golang.org/x/term to v0.11.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-08-04 16:44:37 +00:00
Miloslav Trmač
60ee543f7f
Update c/image for golang.org/x/exp
...
> go get github.com/containers/image/v5@main
> go mod tidy && go mod vendor
This updates c/image with a new version of x/exp.
That package has changed API in an incompatible way,
so just bumping x/exp (as in https://github.com/containers/skopeo/pull/2060 )
would break Skopeo builds.
This updates both c/image and x/exp in lockstep (and nothing
needs updating in Skopeo itself for the x/exp breakage).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2023-08-02 22:41:44 +02:00
renovate[bot]
2945e9e039
Update module golang.org/x/term to v0.10.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-07-06 13:10:13 +00:00
renovate[bot]
bfa04ea246
Update module github.com/containers/common to v0.54.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-28 23:02:07 +00:00
renovate[bot]
1d5458fa7c
Update module github.com/containers/image/v5 to v5.26.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-28 19:04:12 +00:00
renovate[bot]
ceeeb67e6b
Update module golang.org/x/term to v0.9.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-14 16:09:34 +00:00
renovate[bot]
1c7388064a
Update github.com/containers/image/v5 digest to e14c1c5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-01 01:10:03 +00:00
Miloslav Trmač
44ed4cea0a
Update c/image with https://github.com/containers/image/pull/1944
...
... to update github.com/opencontainers/image-spec to v1.1.0-rc3.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2023-05-05 20:07:59 +02:00
renovate[bot]
2825ffd9ea
Update module golang.org/x/term to v0.8.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-05-04 17:54:52 +00:00
renovate[bot]
03e18aa99c
Update golang.org/x/exp digest to 47ecfdc
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-05-01 02:12:10 +00:00
renovate[bot]
5f0314f342
Update module github.com/containers/common to v0.52.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-04-11 17:35:08 +00:00
renovate[bot]
03ca2871fe
fix(deps): update module golang.org/x/term to v0.7.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-04-05 15:45:36 +00:00
Lokesh Mandvekar
20447df139
bump golang.org/x/net to v0.8.0
...
Resolves: CVE-2022-41723
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-41723
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2023-03-15 18:58:10 +05:30
renovate[bot]
3481a5b927
Update module golang.org/x/term to v0.6.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-03-05 03:40:10 +00:00
Miloslav Trmač
643a2359e4
Update c/image after https://github.com/containers/image/pull/1816
...
... to work around some of the "unexpected EOF" failures.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2023-02-09 20:36:27 +01:00
renovate[bot]
2acac8a6c2
Update module golang.org/x/term to v0.5.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-02-07 21:58:55 +00:00
renovate[bot]
f9e2c67648
Update golang.org/x/exp digest to 46f607a
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-02-06 22:14:39 +00:00
Miloslav Trmač
f2b3a9c04b
Use golang.org/x/exp
...
... instead of open-coding loops.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2023-02-02 22:27:35 +01:00
