github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
107,932 Commits 1 Branch 31 Tags 1,019 MiB
fba69f7eb9
Commit Graph

26 Commits

Author SHA1 Message Date
Joe Betz
d73403dc12 Pin new dependency: github.com/google/cel-go v0.9.0 2021-11-10 13:15:40 -05:00
Davanum Srinivas
f924906173
Bump golang.org/x/text to v0.3.6 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2021-05-31 18:00:12 -04:00
Benjamin Elder
56e092e382 hack/update-bazel.sh 2021-02-28 15:17:29 -08:00
David Porter
8af7405f17 vendor: cadvisor v0.38.4 2020-11-13 19:52:57 +00:00
Robert Van Voorhees
3cef97e8b5
[security] Vulnerability in golang.org/x/text/encoding/unicode v0.3.2 
Hello gophers,

Version v0.3.3 of golang.org/x/text fixes a vulnerability in the golang.org/x/text/encoding/unicode package which could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory.

An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

transform.String has also been hardened not to enter an infinite loop if a Transformer keeps returning ErrShortSrc even if atEOF is true.

This issue was first filed as Issue 39491 by GitHub user abacabadabacaba and reported to the security team by Anton Gyllenberg. It is tracked as CVE-2020-14040.

Cheers,

Katie for the Go team
 2020-06-17 07:57:05 -04:00
Jordan Liggitt
297570e06a hack/update-vendor.sh 2019-11-06 17:42:34 -05:00
Jordan Liggitt
55d52fd5c3 golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db (release-branch.go1.12) 2019-04-08 15:20:45 -04:00
Jordan Liggitt
5627034673 github.com/PuerkitoBio/purell v1.1.0 
Used only by github.com/go-openapi/..., all expecting v1.1.0
 2019-04-08 15:20:43 -04:00
Jordan Liggitt
d0261b1077 generated: hack/update-vendor.sh 2019-04-03 10:19:40 -04:00
David Ashpole
fec22bbb25 update gomega godep 2019-02-19 13:22:45 -08:00
Jeff Grafton
23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
Jeff Grafton
a725660640 Update to gazelle 0.12.0 and run hack/update-bazel.sh 2018-06-22 16:22:18 -07:00
Jeff Grafton
aee5f457db update BUILD files 2017-10-15 18:18:13 -07:00
Renaud Gaubert
1daaeb352f Bumped gRPC version to 1.3.0 2017-08-23 09:55:55 -07:00
Shyam JVS
3b014e103b Revert "Updated gRPC vendoring to support Keep Alive" 2017-08-22 15:16:52 +02:00
Renaud Gaubert
faee6d6d5d Updated gRPC version to support Keep Alive 2017-08-18 15:26:38 -07:00
Jeff Grafton
653d05c169 Regenerate all BUILD files in vendor/ from scratch using gazelle 2017-08-16 15:48:25 -07:00
Jeff Grafton
a7f49c906d Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00
Jeff Grafton
33276f06be Use buildozer to remove deprecated automanaged tags 2017-08-11 09:31:50 -07:00
Jeff Grafton
cf55f9ed45 Autogenerate BUILD files 2017-08-11 09:30:23 -07:00
Mike Danese
a05c3c0efd autogenerated 2017-04-14 10:40:57 -07:00
Timothy St. Clair
93c051e28f Level sets dependency graph to consume etcd 3.1.5 2017-04-11 08:34:40 -05:00
Brendan Burns
7201562cc3 bump(golang.org/x/text): 2910a502d2bf9e43193af9d68ca516529614eed3 2016-12-21 14:57:26 -08:00
Saad Ali
d41b3b0929 Revert "Add missing vendor files to make godeps happy" 2016-11-02 20:56:06 -07:00
saadali
e9afbd5cdf Add missing vendor files to make godeps happy 2016-11-02 18:55:10 -07:00
mbohlool
0c51663aac Add go-openapi dependencies and update Godeps 2016-08-18 13:50:50 -07:00