full diff: 92cb4ed978..61b7af7564
This adds new dependency github.com/fsnotify/fsnotify since 4ce334aa49
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
- relates to moby/buildkit 1111
- relates to moby/buildkit 1079
- relates to docker/buildx 129
full diff: 9461782956...e31b211e4f
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This version contains a fix for CVE-2020-9283, but the code-path
is not in use in this repository.
Updating the dependency in case people are concerned that we
use a version of the dependency that doesn't have the fix.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: https://github.com/go-yaml/yaml/compare/v2.2.4...v2.2.8
includes:
- go-yaml/yaml@f90ceb4 Fix check for non-map alias merging in v2
- fix for "yaml.Unmarshal crashes on "assignment to entry in nil map""
- go-yaml/yaml 543 Port stale simple_keys fix to v2
- go-yaml/yaml@1f64d61 Fix issue in simple_keys improvements
- fixes "Invalid simple_keys now cause panics later in decode"
- go-yaml/yaml 555 Optimize cases with long potential simple_keys
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: 60c769a6c5...69ecbb4d6d
Includes 69ecbb4d6d
(forward-port of 8b5121be2f),
to address CVE-2020-7919:
Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
functions of golang.org/x/crypto/cryptobyte can lead to a panic.
The malformed certificate can be delivered via a crypto/tls connection to a
client, or to a server that accepts client certificates. net/http clients can
be made to crash by an HTTPS server, while net/http servers that accept client
certificates will recover the panic and are unaffected.
Thanks to Project Wycheproof for providing the test cases that led to the
discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
List generated by running:
`git diff c9d45e652619589b4bf9 vendor.conf`
in the containerd/cri repositoru
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
full diff: f4fb1b73fb...v0.9.4
version v0.9.0 is the minimum tagged version to work with go-metrics v0.0.1,
as it depends on `prometheus.Observer`:
vendor/github.com/docker/go-metrics/timer.go:39:4: undefined: prometheus.Observer
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: 4c0e84591b...v1.0.1
- beorn7/perks#3 Avoid iterating on maps
- Speed up InsertTargeted* functions by at least 2x by avoiding iterating on maps.
- beorn7/perks#4 Fixed format error
- Use 1000000 instead of 1e6 for int constant
- Add go module support
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
+ archive: don't convert syscall.Timespec to unix.Timespec
archive/tar_unix.go:179:76: error: invalid type conversion (cannot use type syscall.Timespec as type unix.Timespec)
179 | timespec := []unix.Timespec{unix.Timespec(fs.StatAtime(st)), unix.Timespec(fs.StatMtime(st))}
+ gccgo has no plugin support
https://github.com/golang/go/issues/36403
+ update github.com/containerd/continuity
to include same fix for Timespec
Signed-off-by: Shengjing Zhu <zhsj@debian.org>
* only shim v2 runc v2 ("io.containerd.runc.v2") is supported
* only PID metrics is implemented. Others should be implemented in separate PRs.
* lots of code duplication in v1 metrics and v2 metrics. Dedupe should be separate PR.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
