Commit Graph

14 Commits

Author SHA1 Message Date
Niels de Vos
e08005f402 rebase: ParseAcceptLanguage takes a long time to parse complex tags
A vulnerability was found in golang.org/x/text/language package which
could cause a denial of service. An attacker can craft an
Accept-Language header which ParseAcceptLanguage will take significant
time to parse.
Version v0.3.8 of golang.org/x/text fixes a vulnerability.

See-also: https://go.dev/issue/56152
See-also: https://bugzilla.redhat.com/CVE-2022-32149
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-10-18 11:58:37 +00:00
Rakshith R
e72ed593be rebase: vendor files required for kmip
Signed-off-by: Rakshith R <rar@redhat.com>
2022-08-18 07:41:42 +00:00
Madhu Rajanna
c4f79d455f rebase: update kubernetes dep to 1.24.0
As kubernetes 1.24.0 is released, updating
kubernetes dependencies to 1.24.0

updates: #3086

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-05-09 09:16:12 +00:00
Madhu Rajanna
5762da3e91 rebase: update kubernetes to v1.23.0
updating go dependency to latest kubernetes
released version i.e v1.23.0

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-12-13 07:32:54 +00:00
Madhu Rajanna
fb7dc13dfe rebase: update packages in go.mod to latest releases
updated few packages in go.mod to latest
available release.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-04 11:52:22 +00:00
Madhu Rajanna
83559144b1 rebase: update kubernetes to v1.20.0
updated kubernetes packages to latest
release.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-12-17 16:04:54 +00:00
Niels de Vos
91774fc936 rebase: vendor dependencies for Vault API
Uses github.com/libopenstorage/secrets to communicate with Vault. This
removes the need for maintaining our own limited Vault APIs.

By adding the new dependency, several other packages got updated in the
process. Unused indirect dependencies have been removed from go.mod.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2020-11-29 04:03:59 +00:00
Mudit Agarwal
8e434bb3ee build: update vendor with latest version
Updating the version of golang.org/x/text to version v0.3.3.
It fixes the vulnerability in http://golang.org/x/text/encoding/unicode
which leads UTF-16 decoder entering an infinite loop causing
the program to crash or run out of memory.

Signed-off-by: Mudit Agarwal <muagarwa@redhat.com>
2020-09-21 10:49:28 +00:00
Madhu Rajanna
d5a0606c33 Migrate from dep to go module
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-03-17 10:44:07 +00:00
Humble Chirammal
3af1e26d7c Update to kube v1.17
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2020-01-17 12:06:02 +00:00
Madhu Rajanna
d300da19b7 vendor update for E2E framework
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2019-06-04 11:39:42 +05:30
Madhu Rajanna
b10ba188e7 vendor cleanup: remove unused,non-go and test files 2019-01-16 00:19:28 +05:30
Serguei Bezverkhi
e9033989a0 vendor updates 2018-03-07 11:43:06 -05:00
Serguei Bezverkhi
7b24313bd6 vendor files 2018-01-10 13:42:26 -05:00