mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-09-19 15:09:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
78211b694b
ceph-csi/go.mod
Humble Chirammal 78211b694b build: update client-go and other kube dependencies to 1.20.6 
client-go 1.20.6 has a fix for below CVE: This patch address this
via updating client-go and other dependencies.

CVE-2019-11250 : The MITRE CVE dictionary describes this issue as:

The Kubernetes client-go library logs request headers at verbosity
levels of 7 or higher. This can disclose credentials to unauthorized
users via logs or command output. Kubernetes components (such as
kube-apiserver) prior to v1.16.0, which make use of basic or bearer
token authentication, and run at high verbosity levels, are affected.

Ref# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-05-26 09:14:10 +00:00

71 lines
3.2 KiB
Modula-2
Raw Blame History

module github.com/ceph/ceph-csi
go 1.16
require (
github.com/aws/aws-sdk-go v1.38.8
github.com/ceph/go-ceph v0.8.0
github.com/container-storage-interface/spec v1.3.0
github.com/csi-addons/replication-lib-utils v0.2.0
github.com/csi-addons/spec v0.1.0
github.com/go-logr/logr v0.2.1 // indirect
github.com/golang/protobuf v1.5.2
github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
github.com/hashicorp/vault/api v1.0.5-0.20200902155336-f9d5ce5a171a
github.com/kubernetes-csi/csi-lib-utils v0.7.0
github.com/kubernetes-csi/external-snapshotter/v2 v2.1.1
github.com/libopenstorage/secrets v0.0.0-20201006135900-af310b01fe47
github.com/onsi/ginkgo v1.12.0
github.com/onsi/gomega v1.9.0
github.com/pborman/uuid v1.2.0
github.com/prometheus/client_golang v1.7.1
github.com/stretchr/testify v1.7.0
golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83
golang.org/x/sys v0.0.0-20201112073958-5cba982894dd
google.golang.org/grpc v1.36.1
k8s.io/api v0.20.6
k8s.io/apimachinery v0.20.6
k8s.io/client-go v0.20.6
k8s.io/cloud-provider v0.20.6
k8s.io/klog/v2 v2.4.0
k8s.io/kubernetes v1.20.6
k8s.io/mount-utils v0.20.6
k8s.io/utils v0.0.0-20201110183641-67b214c5f920
sigs.k8s.io/controller-runtime v0.6.0
)
replace (
github.com/golang/protobuf => github.com/golang/protobuf v1.4.3
github.com/hashicorp/vault/api => github.com/hashicorp/vault/api v1.0.5-0.20200902155336-f9d5ce5a171a
github.com/hashicorp/vault/sdk => github.com/hashicorp/vault/sdk v0.1.14-0.20201116234512-b4d4137dfe8b
github.com/kubernetes-csi/external-snapshotter/v2 => github.com/kubernetes-csi/external-snapshotter/v2 v2.1.1-0.20200504125226-859696c419ff
github.com/kubernetes-incubator/external-storage => github.com/kubernetes-incubator/external-storage v5.5.0+incompatible
google.golang.org/grpc => google.golang.org/grpc v1.35.0
k8s.io/api => k8s.io/api v0.20.6
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.20.6
k8s.io/apimachinery => k8s.io/apimachinery v0.20.6
k8s.io/apiserver => k8s.io/apiserver v0.20.6
k8s.io/cli-runtime => k8s.io/cli-runtime v0.20.6
k8s.io/client-go => k8s.io/client-go v0.20.6
k8s.io/cloud-provider => k8s.io/cloud-provider v0.20.6
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.20.6
k8s.io/code-generator => k8s.io/code-generator v0.20.6
k8s.io/component-base => k8s.io/component-base v0.20.6
k8s.io/component-helpers => k8s.io/component-helpers v0.20.6
k8s.io/controller-manager => k8s.io/controller-manager v0.20.6
k8s.io/cri-api => k8s.io/cri-api v0.20.6
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.20.6
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.20.6
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.20.6
k8s.io/kube-proxy => k8s.io/kube-proxy v0.20.6
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.20.6
k8s.io/kubectl => k8s.io/kubectl v0.20.6
k8s.io/kubelet => k8s.io/kubelet v0.20.6
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.20.6
k8s.io/metrics => k8s.io/metrics v0.20.6
k8s.io/mount-utils => k8s.io/mount-utils v0.20.6
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.20.6
vbom.ml/util => github.com/fvbommel/util v0.0.0-20180919145318-efcd4e0f9787
)
Reference in New Issue View Git Blame Copy Permalink