Skip to content

Commit 132f2a6

Browse files
andyzhangxandyzhangx
authored
Merge pull request #1502 from andyzhangx/CVE-2024-5321-1.22
[release-1.22] fix: CVE-2024-5321
2 parents 9d79bf5 + a7621b0 commit 132f2a6

File tree

45 files changed

+470
-294
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

45 files changed

+470
-294
lines changed

go.mod

+42-42
Original file line numberDiff line numberDiff line change
@@ -23,13 +23,13 @@ require (
2323
golang.org/x/net v0.27.0
2424
google.golang.org/grpc v1.65.0
2525
google.golang.org/protobuf v1.34.2
26-
k8s.io/api v0.28.3
27-
k8s.io/apimachinery v0.28.3
28-
k8s.io/client-go v0.28.3
29-
k8s.io/component-base v0.28.3
26+
k8s.io/api v0.28.12
27+
k8s.io/apimachinery v0.28.12
28+
k8s.io/client-go v0.28.12
29+
k8s.io/component-base v0.28.12
3030
k8s.io/klog/v2 v2.100.1
31-
k8s.io/kubernetes v1.28.4
32-
k8s.io/mount-utils v0.28.3
31+
k8s.io/kubernetes v1.28.12
32+
k8s.io/mount-utils v0.28.12
3333
k8s.io/utils v0.0.0-20230505201702-9f6742963106
3434
sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230907063607-e9994a5f9c7a
3535
sigs.k8s.io/yaml v1.3.0
@@ -51,8 +51,8 @@ require (
5151
github.com/onsi/ginkgo/v2 v2.13.0
5252
github.com/pkg/errors v0.9.1
5353
github.com/satori/go.uuid v1.2.0
54-
k8s.io/apiserver v0.28.3
55-
k8s.io/pod-security-admission v0.28.3
54+
k8s.io/apiserver v0.28.12
55+
k8s.io/pod-security-admission v0.28.12
5656
)
5757

5858
require (
@@ -148,13 +148,13 @@ require (
148148
gopkg.in/yaml.v2 v2.4.0 // indirect
149149
gopkg.in/yaml.v3 v3.0.1 // indirect
150150
k8s.io/apiextensions-apiserver v0.0.0 // indirect
151-
k8s.io/cloud-provider v0.28.3 // indirect
152-
k8s.io/component-helpers v0.28.3 // indirect
153-
k8s.io/controller-manager v0.28.3 // indirect
154-
k8s.io/kms v0.28.3 // indirect
151+
k8s.io/cloud-provider v0.28.12 // indirect
152+
k8s.io/component-helpers v0.28.12 // indirect
153+
k8s.io/controller-manager v0.28.12 // indirect
154+
k8s.io/kms v0.28.12 // indirect
155155
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect
156156
k8s.io/kubectl v0.0.0 // indirect
157-
k8s.io/kubelet v0.28.3 // indirect
157+
k8s.io/kubelet v0.28.12 // indirect
158158
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 // indirect
159159
sigs.k8s.io/cloud-provider-azure/pkg/azclient v0.0.0-20231101022055-5e1cc4addf97
160160
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
@@ -167,33 +167,33 @@ require (
167167
)
168168

169169
replace (
170-
k8s.io/api => k8s.io/api v0.28.3
171-
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.28.3
172-
k8s.io/apimachinery => k8s.io/apimachinery v0.28.3
173-
k8s.io/apiserver => k8s.io/apiserver v0.28.3
174-
k8s.io/cli-runtime => k8s.io/cli-runtime v0.28.3
175-
k8s.io/client-go => k8s.io/client-go v0.28.3
176-
k8s.io/cloud-provider => k8s.io/cloud-provider v0.28.3
177-
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.28.3
178-
k8s.io/code-generator => k8s.io/code-generator v0.28.3
179-
k8s.io/component-base => k8s.io/component-base v0.28.3
180-
k8s.io/component-helpers => k8s.io/component-helpers v0.28.3
181-
k8s.io/controller-manager => k8s.io/controller-manager v0.28.3
182-
k8s.io/cri-api => k8s.io/cri-api v0.28.3
183-
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.28.3
184-
k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.28.3
185-
k8s.io/endpointslice => k8s.io/endpointslice v0.28.3
186-
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.28.3
187-
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.28.3
188-
k8s.io/kube-proxy => k8s.io/kube-proxy v0.28.3
189-
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.28.3
190-
k8s.io/kubectl => k8s.io/kubectl v0.28.3
191-
k8s.io/kubelet => k8s.io/kubelet v0.28.3
192-
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.28.3
193-
k8s.io/metrics => k8s.io/metrics v0.28.3
194-
k8s.io/mount-utils => k8s.io/mount-utils v0.28.3
195-
k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.28.3
196-
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.28.3
197-
k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.28.3
198-
k8s.io/sample-controller => k8s.io/sample-controller v0.28.3
170+
k8s.io/api => k8s.io/api v0.28.12
171+
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.28.12
172+
k8s.io/apimachinery => k8s.io/apimachinery v0.28.12
173+
k8s.io/apiserver => k8s.io/apiserver v0.28.12
174+
k8s.io/cli-runtime => k8s.io/cli-runtime v0.28.12
175+
k8s.io/client-go => k8s.io/client-go v0.28.12
176+
k8s.io/cloud-provider => k8s.io/cloud-provider v0.28.12
177+
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.28.12
178+
k8s.io/code-generator => k8s.io/code-generator v0.28.12
179+
k8s.io/component-base => k8s.io/component-base v0.28.12
180+
k8s.io/component-helpers => k8s.io/component-helpers v0.28.12
181+
k8s.io/controller-manager => k8s.io/controller-manager v0.28.12
182+
k8s.io/cri-api => k8s.io/cri-api v0.28.12
183+
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.28.12
184+
k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.28.12
185+
k8s.io/endpointslice => k8s.io/endpointslice v0.28.12
186+
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.28.12
187+
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.28.12
188+
k8s.io/kube-proxy => k8s.io/kube-proxy v0.28.12
189+
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.28.12
190+
k8s.io/kubectl => k8s.io/kubectl v0.28.12
191+
k8s.io/kubelet => k8s.io/kubelet v0.28.12
192+
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.28.12
193+
k8s.io/metrics => k8s.io/metrics v0.28.12
194+
k8s.io/mount-utils => k8s.io/mount-utils v0.28.12
195+
k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.28.12
196+
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.28.12
197+
k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.28.12
198+
k8s.io/sample-controller => k8s.io/sample-controller v0.28.12
199199
)

go.sum

+32-32
Original file line numberDiff line numberDiff line change
@@ -421,42 +421,42 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C
421421
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
422422
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
423423
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
424-
k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM=
425-
k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc=
426-
k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08=
427-
k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc=
428-
k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A=
429-
k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8=
430-
k8s.io/apiserver v0.28.3 h1:8Ov47O1cMyeDzTXz0rwcfIIGAP/dP7L8rWbEljRcg5w=
431-
k8s.io/apiserver v0.28.3/go.mod h1:YIpM+9wngNAv8Ctt0rHG4vQuX/I5rvkEMtZtsxW2rNM=
432-
k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4=
433-
k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo=
434-
k8s.io/cloud-provider v0.28.3 h1:9u+JjA3zIn0nqLOOa8tWnprFkffguSAhfBvo8p7LhBQ=
435-
k8s.io/cloud-provider v0.28.3/go.mod h1:shAJxdrKu+SwwGUhkodxByPjaH8KBFZqXo6jU1F0ehI=
436-
k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI=
437-
k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8=
438-
k8s.io/component-helpers v0.28.3 h1:te9ieTGzcztVktUs92X53P6BamAoP73MK0qQP0WmDqc=
439-
k8s.io/component-helpers v0.28.3/go.mod h1:oJR7I9ist5UAQ3y/CTdbw6CXxdMZ1Lw2Ua/EZEwnVLs=
440-
k8s.io/controller-manager v0.28.3 h1:2s0wBvrGuRwMYEnl5Ed+qkK1kAfZR6H+0Ut1R2tHLRg=
441-
k8s.io/controller-manager v0.28.3/go.mod h1:lYu5hxBVmfK5NrpmeVrioPH4ROnE4OxmUM3xx6JWlLs=
442-
k8s.io/csi-translation-lib v0.28.3 h1:7deV+HZjV418AGikSDPW8dyzTpm4K3tNbQUp3KmR7cs=
443-
k8s.io/csi-translation-lib v0.28.3/go.mod h1:zlrYwakCz2yji9/8EaJk+afIKPrYXPNXXLDO8DVuuTk=
424+
k8s.io/api v0.28.12 h1:C2hpsaso18pqn0Dmkfnbv/YCctozTC3KGGuZ6bF7zhQ=
425+
k8s.io/api v0.28.12/go.mod h1:qjswI+whxvf9LAKD4sEYHfy+WgHGWeH+H5sCRQMwZAQ=
426+
k8s.io/apiextensions-apiserver v0.28.12 h1:6GA64rylk5q0mbXfHHFVgfL1jx/4p6RU+Y+ni2DUuZc=
427+
k8s.io/apiextensions-apiserver v0.28.12/go.mod h1:Len29ySvb/fnrXvioTxg2l6iFi97B53Bm3/jBMBllCE=
428+
k8s.io/apimachinery v0.28.12 h1:VepMEVOi9o7L/4wMAXJq+3BK9tqBIeerTB+HSOTKeo0=
429+
k8s.io/apimachinery v0.28.12/go.mod h1:zUG757HaKs6Dc3iGtKjzIpBfqTM4yiRsEe3/E7NX15o=
430+
k8s.io/apiserver v0.28.12 h1:fvZItMw20ySP/QAU5//Ov1pJFyvrr8abeUsh3ZyF8FI=
431+
k8s.io/apiserver v0.28.12/go.mod h1:46S3UWu620UhP5skPJ+WQWC3iWCrl1AiYJPyHxVueE4=
432+
k8s.io/client-go v0.28.12 h1:li7iRPRQF3vDki6gTxT/kXWJvw3BkJSdjVPVhDTZQec=
433+
k8s.io/client-go v0.28.12/go.mod h1:yEzH2Z+nEGlrnKyHJWcJsbOr5tGdIj04dj1TVQOg0wE=
434+
k8s.io/cloud-provider v0.28.12 h1:AJd4BgDjagX6WSm5fMRA/V0rH9rteIkx7j6Jg2z9yNQ=
435+
k8s.io/cloud-provider v0.28.12/go.mod h1:SFM1GGNoLGXROMWyuU+ovUzqVUmUk0Y8Y7O4yYnhf/M=
436+
k8s.io/component-base v0.28.12 h1:ZNq6QFFGCPjaAzWqYHaQRoAY5seoK3vP0pZOjgxOzNc=
437+
k8s.io/component-base v0.28.12/go.mod h1:8zI5TmGuHX6R5Lay61Ox7wb+dsEENl0NBmVSiHMQu1c=
438+
k8s.io/component-helpers v0.28.12 h1:tHF4FcM/CxviA684futgMXhQeC2NOFPvHVKseixc7Cs=
439+
k8s.io/component-helpers v0.28.12/go.mod h1:VbQ5E9qnr8alyAS3b3pqXKvkEOJKoj6z6PA8S+6Wlws=
440+
k8s.io/controller-manager v0.28.12 h1:A/A14ErMuTuBW8myUCSfDr2QG5qS90ZV2DohyueAN8A=
441+
k8s.io/controller-manager v0.28.12/go.mod h1:SEIMkdUzB4saf4sdTU2wzST6PU9zHGsTDwhoM/pVoko=
442+
k8s.io/csi-translation-lib v0.28.12 h1:lrWqfa3AiOg3EIw/q0xPWg1ZqQyDfD1rGe5J4QFx+hA=
443+
k8s.io/csi-translation-lib v0.28.12/go.mod h1:SXEFryzUH27XNbiI46Qz5IhfG68Pyiah8/zGrnKNrn8=
444444
k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
445445
k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
446-
k8s.io/kms v0.28.3 h1:jYwwAe96XELNjYWv1G4kNzizcFoZ50OOElvPansbw70=
447-
k8s.io/kms v0.28.3/go.mod h1:kSMjU2tg7vjqqoWVVCcmPmNZ/CofPsoTbSxAipCvZuE=
446+
k8s.io/kms v0.28.12 h1:YEcJWelR7ChLI7le/slHpeIkx7v6MoPkITo3JyL8s1M=
447+
k8s.io/kms v0.28.12/go.mod h1:EZtSJo9PoqEe/aB/X5sXPRl5LHukSuXlDrDnY76lJjY=
448448
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ=
449449
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM=
450-
k8s.io/kubectl v0.28.3 h1:H1Peu1O3EbN9zHkJCcvhiJ4NUj6lb88sGPO5wrWIM6k=
451-
k8s.io/kubectl v0.28.3/go.mod h1:RDAudrth/2wQ3Sg46fbKKl4/g+XImzvbsSRZdP2RiyE=
452-
k8s.io/kubelet v0.28.3 h1:bp/uIf1R5F61BlFvFtzc4PDEiK7TtFcw3wFJlc0V0LM=
453-
k8s.io/kubelet v0.28.3/go.mod h1:E3NHYbp/v45Ao6AD0EOZnqO3L0R6Haks6Nm0+bnFwtU=
454-
k8s.io/kubernetes v1.28.4 h1:aRNxs5jb8FVTtlnxeA4FSDBVKuFwA8Gw40/U2zReBYA=
455-
k8s.io/kubernetes v1.28.4/go.mod h1:BTzDCKYAlu6LL9ITbfjwgwIrJ30hlTgbv0eXDoA/WoA=
456-
k8s.io/mount-utils v0.28.3 h1:1p6Dk2QhoK0IYOee2MOec/90a7fC0yUqlWPfQy/4JFE=
457-
k8s.io/mount-utils v0.28.3/go.mod h1:ceMAZ+Nzlk8zOwN205YXXGJRGmf1o0/XIwsKnG44p0I=
458-
k8s.io/pod-security-admission v0.28.3 h1:CtVVG36YwniCH4d18wAoFW6n0Qm5Z1uUVfDIiO4kY0I=
459-
k8s.io/pod-security-admission v0.28.3/go.mod h1:qm+gZ8FdnxBgVVTZfSjlK/oeBosmvECBdl92RWuWxhI=
450+
k8s.io/kubectl v0.28.12 h1:CyGVOUO83jYxwLI5XtBFNoerAQj47fnEDrCPKWxlAi8=
451+
k8s.io/kubectl v0.28.12/go.mod h1:KzG7ROxXnUqfS6S+xJIIbd6WMpFYNByyxqNkIhxS6Qs=
452+
k8s.io/kubelet v0.28.12 h1:ACRS1b6XxIxAJoOJ95bsy0qm0DoxD6h/Dwi4U6Pot74=
453+
k8s.io/kubelet v0.28.12/go.mod h1:DYlF/KqAA4WoiBElCjeDKGv2K37FLTUmTWyxMDv9s8A=
454+
k8s.io/kubernetes v1.28.12 h1:DtWB8ZjoYiN/PXD4qDXFppf9IouVUavn6r3S+3NMUkU=
455+
k8s.io/kubernetes v1.28.12/go.mod h1:chlmcCDBnOA/y+572cw8dO0Rci1wiA8bm5+zhPdFLCk=
456+
k8s.io/mount-utils v0.28.12 h1:AUHMf700dF+Oes67uVTPU60Z4mtqtyIRNEJl08fWiQU=
457+
k8s.io/mount-utils v0.28.12/go.mod h1:ZxAFXgKzcAyi3VTd2pKFlZFswl9Q/cveJ5aptdjQOuc=
458+
k8s.io/pod-security-admission v0.28.12 h1:v6kTu1bYj95uAUyuAbkGbRpw4iN+kRL3jTxIXJzofrk=
459+
k8s.io/pod-security-admission v0.28.12/go.mod h1:CZq1eSToAggIIojQ7GEa77TEJMH5g7B5R22rI9KlfAU=
460460
k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU=
461461
k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
462462
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 h1:trsWhjU5jZrx6UvFu4WzQDrN7Pga4a7Qg+zcfcj64PA=

vendor/k8s.io/apiserver/pkg/admission/plugin/cel/composition.go

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/k8s.io/apiserver/pkg/endpoints/discovery/aggregated/handler.go

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/k8s.io/apiserver/pkg/features/kube_features.go

+17
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/k8s.io/apiserver/pkg/server/config.go

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)