Commit Graph

4 Commits

Author SHA1 Message Date
Humble Chirammal
78211b694b build: update client-go and other kube dependencies to 1.20.6
client-go 1.20.6 has a fix for below CVE: This patch address this
via updating client-go and other dependencies.

CVE-2019-11250 : The MITRE CVE dictionary describes this issue as:

The Kubernetes client-go library logs request headers at verbosity
levels of 7 or higher. This can disclose credentials to unauthorized
users via logs or command output. Kubernetes components (such as
kube-apiserver) prior to v1.16.0, which make use of basic or bearer
token authentication, and run at high verbosity levels, are affected.

Ref# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-05-26 09:14:10 +00:00
mickymiek
8ee6bc4b91 added vendors 2018-12-19 15:29:25 +01:00
Serguei Bezverkhi
1f1e8cea37 Updated vednor files 2018-02-15 08:50:31 -05:00
Serguei Bezverkhi
7b24313bd6 vendor files 2018-01-10 13:42:26 -05:00