Skip to content

Commit 0a25e14

Browse files
andyzhangxandyzhangx
authored
Merge pull request #1423 from andyzhangx/CVE-2024-35255-1.22
[release-1.22] fix: CVE-2024-35255
2 parents f1491fa + c16d592 commit 0a25e14

File tree

247 files changed

+14692
-5905
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

247 files changed

+14692
-5905
lines changed

.trivyignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,3 @@
11
CVE-2024-24789
22
CVE-2024-24790
3+
CVE-2024-35255

go.mod

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ go 1.20
44

55
require (
66
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible
7-
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0
7+
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0
88
github.com/Azure/go-autorest/autorest v0.11.29
99
github.com/Azure/go-autorest/autorest/adal v0.9.23
1010
github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
@@ -17,25 +17,25 @@ require (
1717
github.com/onsi/gomega v1.29.0
1818
github.com/pborman/uuid v1.2.1
1919
github.com/pelletier/go-toml v1.9.5
20-
github.com/stretchr/testify v1.8.4
21-
golang.org/x/net v0.19.0
20+
github.com/stretchr/testify v1.9.0
21+
golang.org/x/net v0.26.0
2222
google.golang.org/grpc v1.59.0
2323
google.golang.org/protobuf v1.33.0
2424
k8s.io/api v0.28.3
2525
k8s.io/apimachinery v0.28.3
2626
k8s.io/client-go v0.28.3
2727
k8s.io/component-base v0.28.3
2828
k8s.io/klog/v2 v2.100.1
29-
k8s.io/kubernetes v1.28.2
29+
k8s.io/kubernetes v1.28.4
3030
k8s.io/mount-utils v0.28.3
3131
k8s.io/utils v0.0.0-20230505201702-9f6742963106
3232
sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230907063607-e9994a5f9c7a
3333
sigs.k8s.io/yaml v1.3.0
3434
)
3535

3636
require (
37-
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0
38-
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect
37+
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.12.0
38+
github.com/Azure/azure-sdk-for-go/sdk/internal v1.9.0 // indirect
3939
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.2.0 // indirect
4040
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerregistry/armcontainerregistry v1.1.0 // indirect
4141
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v4 v4.4.0 // indirect
@@ -60,7 +60,7 @@ require (
6060
github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect
6161
github.com/Azure/go-autorest/logger v0.2.1 // indirect
6262
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
63-
github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 // indirect
63+
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
6464
github.com/NYTimes/gziphandler v1.1.1 // indirect
6565
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect
6666
github.com/beorn7/perks v1.0.1 // indirect
@@ -83,13 +83,13 @@ require (
8383
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
8484
github.com/gogo/protobuf v1.3.2 // indirect
8585
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
86-
github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
86+
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
8787
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
8888
github.com/google/cel-go v0.16.1 // indirect
8989
github.com/google/go-cmp v0.6.0 // indirect
9090
github.com/google/gofuzz v1.2.0 // indirect
9191
github.com/google/pprof v0.0.0-20230602010524-ada837c32108 // indirect
92-
github.com/google/uuid v1.4.0 // indirect
92+
github.com/google/uuid v1.6.0 // indirect
9393
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
9494
github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect
9595
github.com/inconshreveable/mousetrap v1.1.0 // indirect
@@ -105,7 +105,7 @@ require (
105105
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
106106
github.com/opencontainers/go-digest v1.0.0 // indirect
107107
github.com/opencontainers/selinux v1.10.0 // indirect
108-
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
108+
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
109109
github.com/pmezard/go-difflib v1.0.0 // indirect
110110
github.com/prometheus/client_golang v1.16.0 // indirect
111111
github.com/prometheus/client_model v0.4.0 // indirect
@@ -129,15 +129,15 @@ require (
129129
go.uber.org/atomic v1.10.0 // indirect
130130
go.uber.org/multierr v1.11.0 // indirect
131131
go.uber.org/zap v1.19.0 // indirect
132-
golang.org/x/crypto v0.16.0 // indirect
132+
golang.org/x/crypto v0.24.0 // indirect
133133
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
134134
golang.org/x/oauth2 v0.11.0 // indirect
135-
golang.org/x/sync v0.5.0 // indirect
136-
golang.org/x/sys v0.15.0 // indirect
137-
golang.org/x/term v0.15.0 // indirect
138-
golang.org/x/text v0.14.0 // indirect
135+
golang.org/x/sync v0.7.0 // indirect
136+
golang.org/x/sys v0.21.0 // indirect
137+
golang.org/x/term v0.21.0 // indirect
138+
golang.org/x/text v0.16.0 // indirect
139139
golang.org/x/time v0.3.0 // indirect
140-
golang.org/x/tools v0.16.1 // indirect
140+
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
141141
google.golang.org/appengine v1.6.7 // indirect
142142
google.golang.org/genproto v0.0.0-20231030173426-d783a09b4405 // indirect
143143
google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b // indirect

0 commit comments

Comments
 (0)