Patch Metrics-Server to fix CVE-2023-42821 (#2426)

* Bump gomarkdown to fix CVE-2023-37264

* update CVE number

* Update checksums

projects/kubernetes-sigs/metrics-server/1-23/CHECKSUMS

@@ -1,2 +1,2 @@
-df99af4ae94da25b4ee08679ef676985b59f99a2a9a3cbf908deeff068d67e04  _output/1-23/bin/metrics-server/linux-amd64/metrics-server
-5f51045cbb1d34f84d556ee4cb94bd9c4cb2bc14a88f1d07693bf30a235cc599  _output/1-23/bin/metrics-server/linux-arm64/metrics-server
+7e75640f191a21245cda00586ce37fe42e87b1263c93f3b51dbfc0fdf7b3beff  _output/1-23/bin/metrics-server/linux-amd64/metrics-server
+eb0f54bd5c15ba29e64b2b9345059db6c41a3d2477f7a691e9da79532feb3ccb  _output/1-23/bin/metrics-server/linux-arm64/metrics-server

projects/kubernetes-sigs/metrics-server/1-23/patches/0001-Bump-Markdown-to-patch-version-to-fix-CVE-2023-42821.patch

@@ -0,0 +1,42 @@
+From 167679500c2abb5b1d7249e4f821f692c94d1199 Mon Sep 17 00:00:00 2001
+From: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+Date: Wed, 11 Oct 2023 13:07:37 -0700
+Subject: [PATCH] Bump Markdown to patch version to fix CVE-2023-42821
+
+Signed-off-by: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+---
+ go.mod | 2 +-
+ go.sum | 3 ++-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/go.mod b/go.mod
+index daebc1b..57e7437 100644
+--- a/go.mod
++++ b/go.mod
+@@ -49,7 +49,7 @@ require (
+ 	github.com/gogo/protobuf v1.3.2 // indirect
+ 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+ 	github.com/golang/protobuf v1.5.2 // indirect
+-	github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 // indirect
++	github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee // indirect
+ 	github.com/google/gofuzz v1.2.0 // indirect
+ 	github.com/google/uuid v1.3.0 // indirect
+ 	github.com/googleapis/gnostic v0.5.5 // indirect
+diff --git a/go.sum b/go.sum
+index b0dfccd..a171f07 100644
+--- a/go.sum
++++ b/go.sum
+@@ -183,8 +183,9 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
+ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+-github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 h1:oKYOfNR7Hp6XpZ4JqolL5u642Js5Z0n7psPVl+S5heo=
+ github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7/go.mod h1:aii0r/K0ZnHv7G0KF7xy1v0A7s2Ljrb5byB7MO5p6TU=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee h1:gvsnG+uIVkOue7HrYAG2ZnOdLoJTqsLyuBFJaU0kX4M=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+ github.com/gonum/blas v0.0.0-20181208220705-f22b278b28ac/go.mod h1:P32wAyui1PQ58Oce/KYkOqQv8cVw1zAapXOl+dRFGbc=
+ github.com/gonum/floats v0.0.0-20181209220543-c233463c7e82/go.mod h1:PxC8OnwL11+aosOB5+iEPoV3picfs8tUpkVd0pDo+Kg=
+ github.com/gonum/internal v0.0.0-20181124074243-f884aa714029/go.mod h1:Pu4dmpkhSyOzRwuXkOgAvijx4o+4YMUJJo9OvPYMkks=
+-- 
+2.39.1
+

projects/kubernetes-sigs/metrics-server/1-24/CHECKSUMS

@@ -1,2 +1,2 @@
-df99af4ae94da25b4ee08679ef676985b59f99a2a9a3cbf908deeff068d67e04  _output/1-24/bin/metrics-server/linux-amd64/metrics-server
-5f51045cbb1d34f84d556ee4cb94bd9c4cb2bc14a88f1d07693bf30a235cc599  _output/1-24/bin/metrics-server/linux-arm64/metrics-server
+7e75640f191a21245cda00586ce37fe42e87b1263c93f3b51dbfc0fdf7b3beff  _output/1-24/bin/metrics-server/linux-amd64/metrics-server
+eb0f54bd5c15ba29e64b2b9345059db6c41a3d2477f7a691e9da79532feb3ccb  _output/1-24/bin/metrics-server/linux-arm64/metrics-server

projects/kubernetes-sigs/metrics-server/1-24/patches/0001-Bump-Markdown-to-patch-version-to-fix-CVE-2023-42821.patch

@@ -0,0 +1,42 @@
+From 167679500c2abb5b1d7249e4f821f692c94d1199 Mon Sep 17 00:00:00 2001
+From: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+Date: Wed, 11 Oct 2023 13:07:37 -0700
+Subject: [PATCH] Bump Markdown to patch version to fix CVE-2023-42821
+
+Signed-off-by: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+---
+ go.mod | 2 +-
+ go.sum | 3 ++-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/go.mod b/go.mod
+index daebc1b..57e7437 100644
+--- a/go.mod
++++ b/go.mod
+@@ -49,7 +49,7 @@ require (
+ 	github.com/gogo/protobuf v1.3.2 // indirect
+ 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+ 	github.com/golang/protobuf v1.5.2 // indirect
+-	github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 // indirect
++	github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee // indirect
+ 	github.com/google/gofuzz v1.2.0 // indirect
+ 	github.com/google/uuid v1.3.0 // indirect
+ 	github.com/googleapis/gnostic v0.5.5 // indirect
+diff --git a/go.sum b/go.sum
+index b0dfccd..a171f07 100644
+--- a/go.sum
++++ b/go.sum
+@@ -183,8 +183,9 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
+ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+-github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 h1:oKYOfNR7Hp6XpZ4JqolL5u642Js5Z0n7psPVl+S5heo=
+ github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7/go.mod h1:aii0r/K0ZnHv7G0KF7xy1v0A7s2Ljrb5byB7MO5p6TU=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee h1:gvsnG+uIVkOue7HrYAG2ZnOdLoJTqsLyuBFJaU0kX4M=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+ github.com/gonum/blas v0.0.0-20181208220705-f22b278b28ac/go.mod h1:P32wAyui1PQ58Oce/KYkOqQv8cVw1zAapXOl+dRFGbc=
+ github.com/gonum/floats v0.0.0-20181209220543-c233463c7e82/go.mod h1:PxC8OnwL11+aosOB5+iEPoV3picfs8tUpkVd0pDo+Kg=
+ github.com/gonum/internal v0.0.0-20181124074243-f884aa714029/go.mod h1:Pu4dmpkhSyOzRwuXkOgAvijx4o+4YMUJJo9OvPYMkks=
+-- 
+2.39.1
+

projects/kubernetes-sigs/metrics-server/1-25/CHECKSUMS

@@ -1,2 +1,2 @@
-df99af4ae94da25b4ee08679ef676985b59f99a2a9a3cbf908deeff068d67e04  _output/1-25/bin/metrics-server/linux-amd64/metrics-server
-5f51045cbb1d34f84d556ee4cb94bd9c4cb2bc14a88f1d07693bf30a235cc599  _output/1-25/bin/metrics-server/linux-arm64/metrics-server
+7e75640f191a21245cda00586ce37fe42e87b1263c93f3b51dbfc0fdf7b3beff  _output/1-25/bin/metrics-server/linux-amd64/metrics-server
+eb0f54bd5c15ba29e64b2b9345059db6c41a3d2477f7a691e9da79532feb3ccb  _output/1-25/bin/metrics-server/linux-arm64/metrics-server

projects/kubernetes-sigs/metrics-server/1-25/patches/0001-Bump-Markdown-to-patch-version-to-fix-CVE-2023-42821.patch

@@ -0,0 +1,42 @@
+From 167679500c2abb5b1d7249e4f821f692c94d1199 Mon Sep 17 00:00:00 2001
+From: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+Date: Wed, 11 Oct 2023 13:07:37 -0700
+Subject: [PATCH] Bump Markdown to patch version to fix CVE-2023-42821
+
+Signed-off-by: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+---
+ go.mod | 2 +-
+ go.sum | 3 ++-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/go.mod b/go.mod
+index daebc1b..57e7437 100644
+--- a/go.mod
++++ b/go.mod
+@@ -49,7 +49,7 @@ require (
+ 	github.com/gogo/protobuf v1.3.2 // indirect
+ 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+ 	github.com/golang/protobuf v1.5.2 // indirect
+-	github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 // indirect
++	github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee // indirect
+ 	github.com/google/gofuzz v1.2.0 // indirect
+ 	github.com/google/uuid v1.3.0 // indirect
+ 	github.com/googleapis/gnostic v0.5.5 // indirect
+diff --git a/go.sum b/go.sum
+index b0dfccd..a171f07 100644
+--- a/go.sum
++++ b/go.sum
+@@ -183,8 +183,9 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
+ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+-github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 h1:oKYOfNR7Hp6XpZ4JqolL5u642Js5Z0n7psPVl+S5heo=
+ github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7/go.mod h1:aii0r/K0ZnHv7G0KF7xy1v0A7s2Ljrb5byB7MO5p6TU=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee h1:gvsnG+uIVkOue7HrYAG2ZnOdLoJTqsLyuBFJaU0kX4M=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+ github.com/gonum/blas v0.0.0-20181208220705-f22b278b28ac/go.mod h1:P32wAyui1PQ58Oce/KYkOqQv8cVw1zAapXOl+dRFGbc=
+ github.com/gonum/floats v0.0.0-20181209220543-c233463c7e82/go.mod h1:PxC8OnwL11+aosOB5+iEPoV3picfs8tUpkVd0pDo+Kg=
+ github.com/gonum/internal v0.0.0-20181124074243-f884aa714029/go.mod h1:Pu4dmpkhSyOzRwuXkOgAvijx4o+4YMUJJo9OvPYMkks=
+-- 
+2.39.1
+

projects/kubernetes-sigs/metrics-server/1-26/CHECKSUMS

@@ -1,2 +1,2 @@
-df99af4ae94da25b4ee08679ef676985b59f99a2a9a3cbf908deeff068d67e04  _output/1-26/bin/metrics-server/linux-amd64/metrics-server
-5f51045cbb1d34f84d556ee4cb94bd9c4cb2bc14a88f1d07693bf30a235cc599  _output/1-26/bin/metrics-server/linux-arm64/metrics-server
+7e75640f191a21245cda00586ce37fe42e87b1263c93f3b51dbfc0fdf7b3beff  _output/1-26/bin/metrics-server/linux-amd64/metrics-server
+eb0f54bd5c15ba29e64b2b9345059db6c41a3d2477f7a691e9da79532feb3ccb  _output/1-26/bin/metrics-server/linux-arm64/metrics-server

projects/kubernetes-sigs/metrics-server/1-26/patches/0001-Bump-Markdown-to-patch-version-to-fix-CVE-2023-42821.patch

@@ -0,0 +1,42 @@
+From 167679500c2abb5b1d7249e4f821f692c94d1199 Mon Sep 17 00:00:00 2001
+From: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+Date: Wed, 11 Oct 2023 13:07:37 -0700
+Subject: [PATCH] Bump Markdown to patch version to fix CVE-2023-42821
+
+Signed-off-by: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+---
+ go.mod | 2 +-
+ go.sum | 3 ++-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/go.mod b/go.mod
+index daebc1b..57e7437 100644
+--- a/go.mod
++++ b/go.mod
+@@ -49,7 +49,7 @@ require (
+ 	github.com/gogo/protobuf v1.3.2 // indirect
+ 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+ 	github.com/golang/protobuf v1.5.2 // indirect
+-	github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 // indirect
++	github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee // indirect
+ 	github.com/google/gofuzz v1.2.0 // indirect
+ 	github.com/google/uuid v1.3.0 // indirect
+ 	github.com/googleapis/gnostic v0.5.5 // indirect
+diff --git a/go.sum b/go.sum
+index b0dfccd..a171f07 100644
+--- a/go.sum
++++ b/go.sum
+@@ -183,8 +183,9 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
+ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+-github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 h1:oKYOfNR7Hp6XpZ4JqolL5u642Js5Z0n7psPVl+S5heo=
+ github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7/go.mod h1:aii0r/K0ZnHv7G0KF7xy1v0A7s2Ljrb5byB7MO5p6TU=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee h1:gvsnG+uIVkOue7HrYAG2ZnOdLoJTqsLyuBFJaU0kX4M=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+ github.com/gonum/blas v0.0.0-20181208220705-f22b278b28ac/go.mod h1:P32wAyui1PQ58Oce/KYkOqQv8cVw1zAapXOl+dRFGbc=
+ github.com/gonum/floats v0.0.0-20181209220543-c233463c7e82/go.mod h1:PxC8OnwL11+aosOB5+iEPoV3picfs8tUpkVd0pDo+Kg=
+ github.com/gonum/internal v0.0.0-20181124074243-f884aa714029/go.mod h1:Pu4dmpkhSyOzRwuXkOgAvijx4o+4YMUJJo9OvPYMkks=
+-- 
+2.39.1
+

projects/kubernetes-sigs/metrics-server/1-27/CHECKSUMS

@@ -1,2 +1,2 @@
-df99af4ae94da25b4ee08679ef676985b59f99a2a9a3cbf908deeff068d67e04  _output/1-27/bin/metrics-server/linux-amd64/metrics-server
-5f51045cbb1d34f84d556ee4cb94bd9c4cb2bc14a88f1d07693bf30a235cc599  _output/1-27/bin/metrics-server/linux-arm64/metrics-server
+7e75640f191a21245cda00586ce37fe42e87b1263c93f3b51dbfc0fdf7b3beff  _output/1-27/bin/metrics-server/linux-amd64/metrics-server
+eb0f54bd5c15ba29e64b2b9345059db6c41a3d2477f7a691e9da79532feb3ccb  _output/1-27/bin/metrics-server/linux-arm64/metrics-server

projects/kubernetes-sigs/metrics-server/1-27/patches/0001-Bump-Markdown-to-patch-version-to-fix-CVE-2023-42821.patch

@@ -0,0 +1,42 @@
+From 167679500c2abb5b1d7249e4f821f692c94d1199 Mon Sep 17 00:00:00 2001
+From: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+Date: Wed, 11 Oct 2023 13:07:37 -0700
+Subject: [PATCH] Bump Markdown to patch version to fix CVE-2023-42821
+
+Signed-off-by: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+---
+ go.mod | 2 +-
+ go.sum | 3 ++-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/go.mod b/go.mod
+index daebc1b..57e7437 100644
+--- a/go.mod
++++ b/go.mod
+@@ -49,7 +49,7 @@ require (
+ 	github.com/gogo/protobuf v1.3.2 // indirect
+ 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+ 	github.com/golang/protobuf v1.5.2 // indirect
+-	github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 // indirect
++	github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee // indirect
+ 	github.com/google/gofuzz v1.2.0 // indirect
+ 	github.com/google/uuid v1.3.0 // indirect
+ 	github.com/googleapis/gnostic v0.5.5 // indirect
+diff --git a/go.sum b/go.sum
+index b0dfccd..a171f07 100644
+--- a/go.sum
++++ b/go.sum
+@@ -183,8 +183,9 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
+ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+-github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 h1:oKYOfNR7Hp6XpZ4JqolL5u642Js5Z0n7psPVl+S5heo=
+ github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7/go.mod h1:aii0r/K0ZnHv7G0KF7xy1v0A7s2Ljrb5byB7MO5p6TU=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee h1:gvsnG+uIVkOue7HrYAG2ZnOdLoJTqsLyuBFJaU0kX4M=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+ github.com/gonum/blas v0.0.0-20181208220705-f22b278b28ac/go.mod h1:P32wAyui1PQ58Oce/KYkOqQv8cVw1zAapXOl+dRFGbc=
+ github.com/gonum/floats v0.0.0-20181209220543-c233463c7e82/go.mod h1:PxC8OnwL11+aosOB5+iEPoV3picfs8tUpkVd0pDo+Kg=
+ github.com/gonum/internal v0.0.0-20181124074243-f884aa714029/go.mod h1:Pu4dmpkhSyOzRwuXkOgAvijx4o+4YMUJJo9OvPYMkks=
+-- 
+2.39.1
+

projects/kubernetes-sigs/metrics-server/1-28/CHECKSUMS

@@ -1,2 +1,2 @@
-df99af4ae94da25b4ee08679ef676985b59f99a2a9a3cbf908deeff068d67e04  _output/1-28/bin/metrics-server/linux-amd64/metrics-server
-5f51045cbb1d34f84d556ee4cb94bd9c4cb2bc14a88f1d07693bf30a235cc599  _output/1-28/bin/metrics-server/linux-arm64/metrics-server
+7e75640f191a21245cda00586ce37fe42e87b1263c93f3b51dbfc0fdf7b3beff  _output/1-28/bin/metrics-server/linux-amd64/metrics-server
+eb0f54bd5c15ba29e64b2b9345059db6c41a3d2477f7a691e9da79532feb3ccb  _output/1-28/bin/metrics-server/linux-arm64/metrics-server

projects/kubernetes-sigs/metrics-server/1-28/patches/0001-Bump-Markdown-to-patch-version-to-fix-CVE-2023-42821.patch

@@ -0,0 +1,42 @@
+From 167679500c2abb5b1d7249e4f821f692c94d1199 Mon Sep 17 00:00:00 2001
+From: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+Date: Wed, 11 Oct 2023 13:07:37 -0700
+Subject: [PATCH] Bump Markdown to patch version to fix CVE-2023-42821
+
+Signed-off-by: Sajia Zafreen <sajiazafreen@u.boisestate.edu>
+---
+ go.mod | 2 +-
+ go.sum | 3 ++-
+ 2 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/go.mod b/go.mod
+index daebc1b..57e7437 100644
+--- a/go.mod
++++ b/go.mod
+@@ -49,7 +49,7 @@ require (
+ 	github.com/gogo/protobuf v1.3.2 // indirect
+ 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+ 	github.com/golang/protobuf v1.5.2 // indirect
+-	github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 // indirect
++	github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee // indirect
+ 	github.com/google/gofuzz v1.2.0 // indirect
+ 	github.com/google/uuid v1.3.0 // indirect
+ 	github.com/googleapis/gnostic v0.5.5 // indirect
+diff --git a/go.sum b/go.sum
+index b0dfccd..a171f07 100644
+--- a/go.sum
++++ b/go.sum
+@@ -183,8 +183,9 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
+ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+ github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+-github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7 h1:oKYOfNR7Hp6XpZ4JqolL5u642Js5Z0n7psPVl+S5heo=
+ github.com/gomarkdown/markdown v0.0.0-20210514010506-3b9f47219fe7/go.mod h1:aii0r/K0ZnHv7G0KF7xy1v0A7s2Ljrb5byB7MO5p6TU=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee h1:gvsnG+uIVkOue7HrYAG2ZnOdLoJTqsLyuBFJaU0kX4M=
++github.com/gomarkdown/markdown v0.0.0-20230922105210-14b16010c2ee/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+ github.com/gonum/blas v0.0.0-20181208220705-f22b278b28ac/go.mod h1:P32wAyui1PQ58Oce/KYkOqQv8cVw1zAapXOl+dRFGbc=
+ github.com/gonum/floats v0.0.0-20181209220543-c233463c7e82/go.mod h1:PxC8OnwL11+aosOB5+iEPoV3picfs8tUpkVd0pDo+Kg=
+ github.com/gonum/internal v0.0.0-20181124074243-f884aa714029/go.mod h1:Pu4dmpkhSyOzRwuXkOgAvijx4o+4YMUJJo9OvPYMkks=
+-- 
+2.39.1
+