mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-06-14 10:53:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

build: update client-go and other kube dependencies to 1.20.6

Browse Source 
client-go 1.20.6 has a fix for below CVE: This patch address this
via updating client-go and other dependencies.

CVE-2019-11250 : The MITRE CVE dictionary describes this issue as:

The Kubernetes client-go library logs request headers at verbosity
levels of 7 or higher. This can disclose credentials to unauthorized
users via logs or command output. Kubernetes components (such as
kube-apiserver) prior to v1.16.0, which make use of basic or bearer
token authentication, and run at high verbosity levels, are affected.

Ref# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
This commit is contained in:
Humble Chirammal
2021-05-10 16:15:47 +05:30
committed by mergify[bot]
parent fa1414d98f
commit 78211b694b
75 changed files with 1208 additions and 3652 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
go.mod
View File

@ -24,13 +24,13 @@ require (
golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83
golang.org/x/sys v0.0.0-20201112073958-5cba982894dd
google.golang.org/grpc v1.36.1
k8s.io/api v0.20.0
k8s.io/apimachinery v0.20.0
k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible
k8s.io/cloud-provider v0.20.0
k8s.io/api v0.20.6
k8s.io/apimachinery v0.20.6
k8s.io/client-go v0.20.6
k8s.io/cloud-provider v0.20.6
k8s.io/klog/v2 v2.4.0
k8s.io/kubernetes v1.20.0
k8s.io/mount-utils v0.20.0
k8s.io/kubernetes v1.20.6
k8s.io/mount-utils v0.20.6
k8s.io/utils v0.0.0-20201110183641-67b214c5f920
sigs.k8s.io/controller-runtime v0.6.0
)
@ -42,29 +42,29 @@ replace (
github.com/kubernetes-csi/external-snapshotter/v2 => github.com/kubernetes-csi/external-snapshotter/v2 v2.1.1-0.20200504125226-859696c419ff
github.com/kubernetes-incubator/external-storage => github.com/kubernetes-incubator/external-storage v5.5.0+incompatible
google.golang.org/grpc => google.golang.org/grpc v1.35.0
k8s.io/api => k8s.io/api v0.20.0
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.20.0
k8s.io/apimachinery => k8s.io/apimachinery v0.20.0
k8s.io/apiserver => k8s.io/apiserver v0.20.0
k8s.io/cli-runtime => k8s.io/cli-runtime v0.20.0
k8s.io/client-go => k8s.io/client-go v0.20.0
k8s.io/cloud-provider => k8s.io/cloud-provider v0.20.0
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.20.0
k8s.io/code-generator => k8s.io/code-generator v0.20.0
k8s.io/component-base => k8s.io/component-base v0.20.0
k8s.io/component-helpers => k8s.io/component-helpers v0.20.0
k8s.io/controller-manager => k8s.io/controller-manager v0.20.0
k8s.io/cri-api => k8s.io/cri-api v0.20.0
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.20.0
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.20.0
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.20.0
k8s.io/kube-proxy => k8s.io/kube-proxy v0.20.0
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.20.0
k8s.io/kubectl => k8s.io/kubectl v0.20.0
k8s.io/kubelet => k8s.io/kubelet v0.20.0
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.20.0
k8s.io/metrics => k8s.io/metrics v0.20.0
k8s.io/mount-utils => k8s.io/mount-utils v0.20.0
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.20.0
k8s.io/api => k8s.io/api v0.20.6
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.20.6
k8s.io/apimachinery => k8s.io/apimachinery v0.20.6
k8s.io/apiserver => k8s.io/apiserver v0.20.6
k8s.io/cli-runtime => k8s.io/cli-runtime v0.20.6
k8s.io/client-go => k8s.io/client-go v0.20.6
k8s.io/cloud-provider => k8s.io/cloud-provider v0.20.6
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.20.6
k8s.io/code-generator => k8s.io/code-generator v0.20.6
k8s.io/component-base => k8s.io/component-base v0.20.6
k8s.io/component-helpers => k8s.io/component-helpers v0.20.6
k8s.io/controller-manager => k8s.io/controller-manager v0.20.6
k8s.io/cri-api => k8s.io/cri-api v0.20.6
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.20.6
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.20.6
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.20.6
k8s.io/kube-proxy => k8s.io/kube-proxy v0.20.6
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.20.6
k8s.io/kubectl => k8s.io/kubectl v0.20.6
k8s.io/kubelet => k8s.io/kubelet v0.20.6
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.20.6
k8s.io/metrics => k8s.io/metrics v0.20.6
k8s.io/mount-utils => k8s.io/mount-utils v0.20.6
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.20.6
vbom.ml/util => github.com/fvbommel/util v0.0.0-20180919145318-efcd4e0f9787
)