Merge pull request #1369 from andyzhangx/CVE-2024-3177-1.23

[release-1.23] fix: CVE-2024-3177

Author: andyzhangx

go.mod

@@ -22,13 +22,13 @@ require (
 	golang.org/x/net v0.24.0
 	google.golang.org/grpc v1.59.0
 	google.golang.org/protobuf v1.33.0
-	k8s.io/api v0.29.2
-	k8s.io/apimachinery v0.29.2
-	k8s.io/client-go v0.29.2
-	k8s.io/component-base v0.29.2
+	k8s.io/api v0.29.4
+	k8s.io/apimachinery v0.29.4
+	k8s.io/client-go v0.29.4
+	k8s.io/component-base v0.29.4
 	k8s.io/klog/v2 v2.120.1
-	k8s.io/kubernetes v1.29.0
-	k8s.io/mount-utils v0.29.0
+	k8s.io/kubernetes v1.29.4
+	k8s.io/mount-utils v0.29.4
 	k8s.io/utils v0.0.0-20231127182322-b307cd553661
 	sigs.k8s.io/cloud-provider-azure v1.27.1-0.20240312050048-978ce44d3559
 	sigs.k8s.io/yaml v1.4.0
@@ -42,8 +42,8 @@ require (
 	github.com/onsi/ginkgo/v2 v2.16.0
 	github.com/pkg/errors v0.9.1
 	github.com/satori/go.uuid v1.2.0
-	k8s.io/apiserver v0.29.2
-	k8s.io/pod-security-admission v0.29.0
+	k8s.io/apiserver v0.29.4
+	k8s.io/pod-security-admission v0.29.4
 	sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader v0.0.0-20240218020800-ba9f211f36bf
 )
 
@@ -158,9 +158,9 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/apiextensions-apiserver v0.0.0 // indirect
 	k8s.io/cloud-provider v0.29.2 // indirect
-	k8s.io/component-helpers v0.29.2 // indirect
-	k8s.io/controller-manager v0.29.2 // indirect
-	k8s.io/kms v0.29.2 // indirect
+	k8s.io/component-helpers v0.29.4 // indirect
+	k8s.io/controller-manager v0.29.4 // indirect
+	k8s.io/kms v0.29.4 // indirect
 	k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
 	k8s.io/kubectl v0.0.0 // indirect
 	k8s.io/kubelet v0.29.2 // indirect
@@ -173,31 +173,31 @@ require (
 replace (
 	github.com/niemeyer/pretty => github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e
 	go.etcd.io/etcd => go.etcd.io/etcd v0.0.0-20200410171415-59f5fb25a533
-	k8s.io/api => k8s.io/api v0.29.0
-	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.29.0
-	k8s.io/apimachinery => k8s.io/apimachinery v0.29.0
-	k8s.io/apiserver => k8s.io/apiserver v0.29.0
-	k8s.io/cli-runtime => k8s.io/cli-runtime v0.29.0
-	k8s.io/client-go => k8s.io/client-go v0.29.0
-	k8s.io/cloud-provider => k8s.io/cloud-provider v0.29.0
-	k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.29.0
-	k8s.io/code-generator => k8s.io/code-generator v0.29.0
-	k8s.io/component-base => k8s.io/component-base v0.29.0
-	k8s.io/component-helpers => k8s.io/component-helpers v0.29.0
-	k8s.io/controller-manager => k8s.io/controller-manager v0.29.0
-	k8s.io/cri-api => k8s.io/cri-api v0.29.0
-	k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.29.0
-	k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.29.0
-	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.29.0
-	k8s.io/kube-proxy => k8s.io/kube-proxy v0.29.0
-	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.29.0
-	k8s.io/kubectl => k8s.io/kubectl v0.29.0
-	k8s.io/kubelet => k8s.io/kubelet v0.29.0
-	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.29.0
-	k8s.io/metrics => k8s.io/metrics v0.29.0
-	k8s.io/mount-utils => k8s.io/mount-utils v0.29.0
-	k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.29.0
-	k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.29.0
-	k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.29.0
-	k8s.io/sample-controller => k8s.io/sample-controller v0.29.0
+	k8s.io/api => k8s.io/api v0.29.4
+	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.29.4
+	k8s.io/apimachinery => k8s.io/apimachinery v0.29.4
+	k8s.io/apiserver => k8s.io/apiserver v0.29.4
+	k8s.io/cli-runtime => k8s.io/cli-runtime v0.29.4
+	k8s.io/client-go => k8s.io/client-go v0.29.4
+	k8s.io/cloud-provider => k8s.io/cloud-provider v0.29.4
+	k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.29.4
+	k8s.io/code-generator => k8s.io/code-generator v0.29.4
+	k8s.io/component-base => k8s.io/component-base v0.29.4
+	k8s.io/component-helpers => k8s.io/component-helpers v0.29.4
+	k8s.io/controller-manager => k8s.io/controller-manager v0.29.4
+	k8s.io/cri-api => k8s.io/cri-api v0.29.4
+	k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.29.4
+	k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.29.4
+	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.29.4
+	k8s.io/kube-proxy => k8s.io/kube-proxy v0.29.4
+	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.29.4
+	k8s.io/kubectl => k8s.io/kubectl v0.29.4
+	k8s.io/kubelet => k8s.io/kubelet v0.29.4
+	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.29.4
+	k8s.io/metrics => k8s.io/metrics v0.29.4
+	k8s.io/mount-utils => k8s.io/mount-utils v0.29.4
+	k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.29.4
+	k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.29.4
+	k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.29.4
+	k8s.io/sample-controller => k8s.io/sample-controller v0.29.4
 )

go.sum

@@ -422,42 +422,42 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C
 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-k8s.io/api v0.29.0 h1:NiCdQMY1QOp1H8lfRyeEf8eOwV6+0xA6XEE44ohDX2A=
-k8s.io/api v0.29.0/go.mod h1:sdVmXoz2Bo/cb77Pxi71IPTSErEW32xa4aXwKH7gfBA=
-k8s.io/apiextensions-apiserver v0.29.0 h1:0VuspFG7Hj+SxyF/Z/2T0uFbI5gb5LRgEyUVE3Q4lV0=
-k8s.io/apiextensions-apiserver v0.29.0/go.mod h1:TKmpy3bTS0mr9pylH0nOt/QzQRrW7/h7yLdRForMZwc=
-k8s.io/apimachinery v0.29.0 h1:+ACVktwyicPz0oc6MTMLwa2Pw3ouLAfAon1wPLtG48o=
-k8s.io/apimachinery v0.29.0/go.mod h1:eVBxQ/cwiJxH58eK/jd/vAk4mrxmVlnpBH5J2GbMeis=
-k8s.io/apiserver v0.29.0 h1:Y1xEMjJkP+BIi0GSEv1BBrf1jLU9UPfAnnGGbbDdp7o=
-k8s.io/apiserver v0.29.0/go.mod h1:31n78PsRKPmfpee7/l9NYEv67u6hOL6AfcE761HapDM=
-k8s.io/client-go v0.29.0 h1:KmlDtFcrdUzOYrBhXHgKw5ycWzc3ryPX5mQe0SkG3y8=
-k8s.io/client-go v0.29.0/go.mod h1:yLkXH4HKMAywcrD82KMSmfYg2DlE8mepPR4JGSo5n38=
-k8s.io/cloud-provider v0.29.0 h1:Qgk/jHsSKGRk/ltTlN6e7eaNuuamLROOzVBd0RPp94M=
-k8s.io/cloud-provider v0.29.0/go.mod h1:gBCt7YYKFV4oUcJ/0xF9lS/9il4MxKunJ+ZKvh39WGo=
-k8s.io/component-base v0.29.0 h1:T7rjd5wvLnPBV1vC4zWd/iWRbV8Mdxs+nGaoaFzGw3s=
-k8s.io/component-base v0.29.0/go.mod h1:sADonFTQ9Zc9yFLghpDpmNXEdHyQmFIGbiuZbqAXQ1M=
-k8s.io/component-helpers v0.29.0 h1:Y8W70NGeitKxWwhsPo/vEQbQx5VqJV+3xfLpP3V1VxU=
-k8s.io/component-helpers v0.29.0/go.mod h1:j2coxVfmzTOXWSE6sta0MTgNSr572Dcx68F6DD+8fWc=
-k8s.io/controller-manager v0.29.0 h1:kEv9sKLnjDkoSqeouWp2lZ8P33an5wrDJpOMqoyD7pc=
-k8s.io/controller-manager v0.29.0/go.mod h1:UKtadWkULF5bfX7vu3hHppzY/hz88C03t70GItg/x08=
-k8s.io/csi-translation-lib v0.29.0 h1:we4X1yUlDikvm5Rv0dwMuPHNw6KwjwsQiAuOPWXha8M=
-k8s.io/csi-translation-lib v0.29.0/go.mod h1:Cp6t3CNBSm1dXS17V8IImUjkqfIB6KCj8Fs8wf6uyTA=
+k8s.io/api v0.29.4 h1:WEnF/XdxuCxdG3ayHNRR8yH3cI1B/llkWBma6bq4R3w=
+k8s.io/api v0.29.4/go.mod h1:DetSv0t4FBTcEpfA84NJV3g9a7+rSzlUHk5ADAYHUv0=
+k8s.io/apiextensions-apiserver v0.29.4 h1:M7hbuHU/ckbibR7yPbe6DyNWgTFKNmZDbdZKD8q1Smk=
+k8s.io/apiextensions-apiserver v0.29.4/go.mod h1:TTDC9fB+0kHY2rogf5hgBR03KBKCwED+GHUsXGpR7SM=
+k8s.io/apimachinery v0.29.4 h1:RaFdJiDmuKs/8cm1M6Dh1Kvyh59YQFDcFuFTSmXes6Q=
+k8s.io/apimachinery v0.29.4/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y=
+k8s.io/apiserver v0.29.4 h1:wPwGOO58GQOpRiZu59P5eRoDcB7QtV+QBglkRiXwCiM=
+k8s.io/apiserver v0.29.4/go.mod h1:VqTF9t98HVfhKZVRohCPezsdUt9u2g3bHKftxGcXoRo=
+k8s.io/client-go v0.29.4 h1:79ytIedxVfyXV8rpH3jCBW0u+un0fxHDwX5F9K8dPR8=
+k8s.io/client-go v0.29.4/go.mod h1:kC1thZQ4zQWYwldsfI088BbK6RkxK+aF5ebV8y9Q4tk=
+k8s.io/cloud-provider v0.29.4 h1:XRKl818NKQWan4UZ7fXFAkEJLJkBFq5sQROrbLbryM4=
+k8s.io/cloud-provider v0.29.4/go.mod h1:sC7wyt5z5IRoNuU9JhEuMdRnhDEz6cWAJCyMcNUH9X8=
+k8s.io/component-base v0.29.4 h1:xeKzuuHI/1tjleu5jycDAcYbhAxeGHCQBZUY2eRIkOo=
+k8s.io/component-base v0.29.4/go.mod h1:pYjt+oEZP9gtmwSikwAJgfSBikqKX2gOqRat0QjmQt0=
+k8s.io/component-helpers v0.29.4 h1:lbVFhywtv64KlaIYTKszkHaFAqwCjNn7xyRTeWorzfI=
+k8s.io/component-helpers v0.29.4/go.mod h1:rMOVMGYEju7/GKMV0USfYAYJBIQdxlMMN1VFl/Mf2so=
+k8s.io/controller-manager v0.29.4 h1:rzEwLboRTXBZhYUY02nNhORHQlcXGDE3EPS2IZRd0cg=
+k8s.io/controller-manager v0.29.4/go.mod h1:XG6oraSxieDl6XBdO2HnkA6DwEfoCKS3OCpqO4Xb0zU=
+k8s.io/csi-translation-lib v0.29.4 h1:ad0SlFsd0iB3PyXiAVVN4KxsTqgmPEHQyYGbJVQP1rA=
+k8s.io/csi-translation-lib v0.29.4/go.mod h1:xdLMENgzc213O3qba2fWYPgBv3JiPqRfjsRanu2Te64=
 k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
 k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
-k8s.io/kms v0.29.2 h1:MDsbp98gSlEQs7K7dqLKNNTwKFQRYYvO4UOlBOjNy6Y=
-k8s.io/kms v0.29.2/go.mod h1:s/9RC4sYRZ/6Tn6yhNjbfJuZdb8LzlXhdlBnKizeFDo=
+k8s.io/kms v0.29.4 h1:cFGEoCLwoXk/eqYZppLZxybCdmEWeRKMCbm9f13IdRQ=
+k8s.io/kms v0.29.4/go.mod h1:vWVImKkJd+1BQY4tBwdfSwjQBiLrnbNtHADcDEDQFtk=
 k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780=
 k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
-k8s.io/kubectl v0.29.0 h1:Oqi48gXjikDhrBF67AYuZRTcJV4lg2l42GmvsP7FmYI=
-k8s.io/kubectl v0.29.0/go.mod h1:0jMjGWIcMIQzmUaMgAzhSELv5WtHo2a8pq67DtviAJs=
-k8s.io/kubelet v0.29.0 h1:SX5hlznTBcGIrS1scaf8r8p6m3e475KMifwt9i12iOk=
-k8s.io/kubelet v0.29.0/go.mod h1:kvKS2+Bz2tgDOG1S1q0TH2z1DasNuVF+8p6Aw7xvKkI=
-k8s.io/kubernetes v1.29.0 h1:DOLN7g8+nnAYBi8JHoW0+/MCrZKDPIqAxzLCXDXd0cg=
-k8s.io/kubernetes v1.29.0/go.mod h1:9kztbUQf9stVDcIYXx+BX3nuGCsAQDsuClkGMpPs3pA=
-k8s.io/mount-utils v0.29.0 h1:KcUE0bFHONQC10V3SuLWQ6+l8nmJggw9lKLpDftIshI=
-k8s.io/mount-utils v0.29.0/go.mod h1:N3lDK/G1B8R/IkAt4NhHyqB07OqEr7P763z3TNge94U=
-k8s.io/pod-security-admission v0.29.0 h1:tY/ldtkbBCulMYVSWg6ZDLlgDYDWy6rLj8e/AgmwSj4=
-k8s.io/pod-security-admission v0.29.0/go.mod h1:bGIeKCzU0Q0Nl185NHmqcMCiOjTcqTrBfAQaeupwq0E=
+k8s.io/kubectl v0.29.4 h1:2LFrAznoDZjN8JFMSUcuhER5o+yjTLzWWbOiDzVjmd8=
+k8s.io/kubectl v0.29.4/go.mod h1:YTKRF9y1/ccqZ2bnpOWaJD8V7johKqZR/qOMq+0pfxU=
+k8s.io/kubelet v0.29.4 h1:6fTt4sTd5xqTtIhVoS7PkiFUBevQsyu3ZmENVvwY62M=
+k8s.io/kubelet v0.29.4/go.mod h1:lAu6Z17pxKwgM+9hsgGkqFjYTOhbc0dnZ6GNnlbjYW0=
+k8s.io/kubernetes v1.29.4 h1:n4VCbX9cUhxHI+zw+m2iZlzT73/mrEJBHIMeauh9g4U=
+k8s.io/kubernetes v1.29.4/go.mod h1:28sDhcb87LX5z3GWAKYmLrhrifxi4W9bEWua4DRTIvk=
+k8s.io/mount-utils v0.29.4 h1:tW/URea4gtXlaVW7VObr52NQhS+z3SXTg1GUaFZjRL4=
+k8s.io/mount-utils v0.29.4/go.mod h1:SHUMR9n3b6tLgEmlyT36cL6fV6Sjwa5CJhc0guCXvb0=
+k8s.io/pod-security-admission v0.29.4 h1:XatfG2zbye9SRaHQhE7EdiIu462ak3TctnkvdrUVk7I=
+k8s.io/pod-security-admission v0.29.4/go.mod h1:PNErt3eRnzVx2zxIdYmgk7vBos5Qm4c8U5QXKvXFfxQ=
 k8s.io/utils v0.0.0-20231127182322-b307cd553661 h1:FepOBzJ0GXm8t0su67ln2wAZjbQ6RxQGZDnzuLcrUTI=
 k8s.io/utils v0.0.0-20231127182322-b307cd553661/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 h1:TgtAeesdhpm2SGwkQasmbeqDo8th5wOBA5h/AjTKA4I=