-
Notifications
You must be signed in to change notification settings - Fork 39.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update gogo/protobuf to v1.3.2 #98477
Merged
k8s-ci-robot
merged 1 commit into
kubernetes:master
from
palnabarun:update-gogo/protobuf
Feb 2, 2021
Merged
Update gogo/protobuf to v1.3.2 #98477
k8s-ci-robot
merged 1 commit into
kubernetes:master
from
palnabarun:update-gogo/protobuf
Feb 2, 2021
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
release-note-none
Denotes a PR that doesn't merit a release note.
kind/cleanup
Categorizes issue or PR as related to cleaning up code, process, or technical debt.
size/M
Denotes a PR that changes 30-99 lines, ignoring generated files.
labels
Jan 27, 2021
k8s-ci-robot
added
sig/architecture
Categorizes an issue or PR as relevant to SIG Architecture.
sig/api-machinery
Categorizes an issue or PR as relevant to SIG API Machinery.
area/code-organization
Issues or PRs related to kubernetes code organization
cncf-cla: yes
Indicates the PR's author has signed the CNCF CLA.
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
needs-priority
Indicates a PR lacks a `priority/foo` label and requires one.
labels
Jan 27, 2021
/wip |
k8s-ci-robot
added
priority/critical-urgent
Highest priority. Must be actively worked on as someone's top priority right now.
area/apiserver
area/cloudprovider
area/code-generation
area/dependency
Issues or PRs related to dependency changes
area/kubectl
sig/cli
Categorizes an issue or PR as relevant to SIG CLI.
sig/cloud-provider
Categorizes an issue or PR as relevant to SIG Cloud Provider.
sig/cluster-lifecycle
Categorizes an issue or PR as relevant to SIG Cluster Lifecycle.
sig/instrumentation
Categorizes an issue or PR as relevant to SIG Instrumentation.
sig/node
Categorizes an issue or PR as relevant to SIG Node.
and removed
needs-priority
Indicates a PR lacks a `priority/foo` label and requires one.
labels
Jan 27, 2021
/retitle WIP: update gogo/protobuf to v1.3.2 |
k8s-ci-robot
changed the title
update gogo/protobuf to v1.3.2
WIP: update gogo/protobuf to v1.3.2
Jan 27, 2021
k8s-ci-robot
added
the
do-not-merge/work-in-progress
Indicates that a PR should not merge because it is a work in progress.
label
Jan 27, 2021
palnabarun
force-pushed
the
update-gogo/protobuf
branch
from
January 27, 2021 13:07
4441b00
to
43e9257
Compare
SchSeba
added a commit
to SchSeba/linuxptp-daemon
that referenced
this pull request
Feb 9, 2021
Update gogo/protobuf to v1.3.2 to fix https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121. The related k8s fix is here: kubernetes/kubernetes#98477 Signed-off-by: Sebastian Sch <sebassch@gmail.com>
SchSeba
added a commit
to SchSeba/ptp-operator
that referenced
this pull request
Feb 10, 2021
Update gogo/protobuf to v1.3.2 to fix https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121. The related k8s fix is here: kubernetes/kubernetes#98477 Signed-off-by: Sebastian Sch <sebassch@gmail.com>
SchSeba
added a commit
to SchSeba/linuxptp-daemon
that referenced
this pull request
Feb 10, 2021
Update gogo/protobuf to v1.3.2 to fix https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121. The related k8s fix is here: kubernetes/kubernetes#98477 Signed-off-by: Sebastian Sch <sebassch@gmail.com>
vpickard
added a commit
to vpickard/sdn
that referenced
this pull request
Feb 19, 2021
The k/k fix is here: kubernetes/kubernetes#98477 Resolves CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121 Here are the steps I used: go list -m all |grep gogo/protobuf go get github.com/gogo/protobuf@v1.3.2 go mod vendor go mod tidy make Signed-off-by: vpickard <vpickard@redhat.com>
periklis
added a commit
to periklis/elasticsearch-proxy
that referenced
this pull request
Feb 24, 2021
The k/k fix is here: kubernetes/kubernetes#98477 Resolves CVE: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121 Here are the steps I used: go list -m all |grep gogo/protobuf go get github.com/gogo/protobuf@v1.3.2 go mod vendor go mod tidy make
periklis
added a commit
to periklis/elasticsearch-operator
that referenced
this pull request
Feb 24, 2021
The k/k fix is here: kubernetes/kubernetes#98477 Resolves CVE: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121 Here are the steps I used: go list -m all |grep gogo/protobuf go get github.com/gogo/protobuf@v1.3.2 go mod vendor go mod tidy make
periklis
added a commit
to periklis/elasticsearch-operator
that referenced
this pull request
Feb 24, 2021
The k/k fix is here: kubernetes/kubernetes#98477 Resolves CVE: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121 Here are the steps I used: go list -m all |grep gogo/protobuf go get github.com/gogo/protobuf@v1.3.2 go mod vendor go mod tidy make
periklis
added a commit
to periklis/elasticsearch-operator
that referenced
this pull request
Mar 1, 2021
The k/k fix is here: kubernetes/kubernetes#98477 Resolves CVE: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121 Here are the steps I used: go list -m all |grep gogo/protobuf go get github.com/gogo/protobuf@v1.3.2 go mod vendor go mod tidy make
periklis
added a commit
to periklis/elasticsearch-operator
that referenced
this pull request
Mar 1, 2021
The k/k fix is here: kubernetes/kubernetes#98477 Resolves CVE: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121 Here are the steps I used: go list -m all |grep gogo/protobuf go get github.com/gogo/protobuf@v1.3.2 go mod vendor go mod tidy make
openshift-cherrypick-robot
pushed a commit
to openshift-cherrypick-robot/sdn
that referenced
this pull request
Mar 4, 2021
The k/k fix is here: kubernetes/kubernetes#98477 Resolves CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121 Here are the steps I used: go list -m all |grep gogo/protobuf go get github.com/gogo/protobuf@v1.3.2 go mod vendor go mod tidy make Signed-off-by: vpickard <vpickard@redhat.com>
periklis
added a commit
to periklis/elasticsearch-operator
that referenced
this pull request
Mar 5, 2021
The k/k fix is here: kubernetes/kubernetes#98477 Resolves CVE: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121 Here are the steps I used: go list -m all |grep gogo/protobuf go get github.com/gogo/protobuf@v1.3.2 go mod vendor go mod tidy make
This was referenced Mar 23, 2021
k8s-ci-robot
added a commit
that referenced
this pull request
Mar 29, 2021
[1.18] Cherry pick of #98477: update gogo/protobuf to v1.3.2
k8s-ci-robot
added a commit
that referenced
this pull request
Mar 29, 2021
…8477-upstream-release-1.20 [1.20] Automated cherry pick of #98477: update gogo/protobuf to v1.3.2
k8s-ci-robot
added a commit
that referenced
this pull request
Mar 29, 2021
[1.19] Cherry pick of #98477: update gogo/protobuf to v1.3.2
rfranzke
added a commit
to rfranzke/gardener
that referenced
this pull request
Apr 26, 2021
ialidzhikov
pushed a commit
to gardener/gardener
that referenced
this pull request
Apr 27, 2021
…1-3121 (#3945) * Update gogo/protobuf to v1.3.2 Similar to kubernetes/kubernetes#98477 * Manually apply kubernetes/kubernetes#101326 * Update k8s.io/* to v0.20.6 * Remove go.mod replacement for sigs.k8s.io/structured-merge-diff/v4
krgostev
pushed a commit
to krgostev/gardener
that referenced
this pull request
Apr 21, 2022
…1-3121 (gardener#3945) * Update gogo/protobuf to v1.3.2 Similar to kubernetes/kubernetes#98477 * Manually apply kubernetes/kubernetes#101326 * Update k8s.io/* to v0.20.6 * Remove go.mod replacement for sigs.k8s.io/structured-merge-diff/v4
krgostev
pushed a commit
to krgostev/gardener
that referenced
this pull request
Jul 5, 2022
…1-3121 (gardener#3945) * Update gogo/protobuf to v1.3.2 Similar to kubernetes/kubernetes#98477 * Manually apply kubernetes/kubernetes#101326 * Update k8s.io/* to v0.20.6 * Remove go.mod replacement for sigs.k8s.io/structured-merge-diff/v4
josephdrichard
pushed a commit
to k8snetworkplumbingwg/ptp-operator
that referenced
this pull request
May 23, 2023
Update gogo/protobuf to v1.3.2 to fix https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121. The related k8s fix is here: kubernetes/kubernetes#98477 Signed-off-by: Sebastian Sch <sebassch@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
approved
Indicates a PR has been approved by an approver from all required OWNERS files.
area/apiserver
area/cloudprovider
area/code-generation
area/code-organization
Issues or PRs related to kubernetes code organization
area/dependency
Issues or PRs related to dependency changes
area/kubectl
area/kubelet
cncf-cla: yes
Indicates the PR's author has signed the CNCF CLA.
kind/api-change
Categorizes issue or PR as related to adding, removing, or otherwise changing an API
kind/cleanup
Categorizes issue or PR as related to cleaning up code, process, or technical debt.
lgtm
"Looks good to me", indicates that a PR is ready to be merged.
priority/critical-urgent
Highest priority. Must be actively worked on as someone's top priority right now.
release-note-none
Denotes a PR that doesn't merit a release note.
sig/api-machinery
Categorizes an issue or PR as relevant to SIG API Machinery.
sig/architecture
Categorizes an issue or PR as relevant to SIG Architecture.
sig/auth
Categorizes an issue or PR as relevant to SIG Auth.
sig/cli
Categorizes an issue or PR as relevant to SIG CLI.
sig/cloud-provider
Categorizes an issue or PR as relevant to SIG Cloud Provider.
sig/cluster-lifecycle
Categorizes an issue or PR as relevant to SIG Cluster Lifecycle.
sig/instrumentation
Categorizes an issue or PR as relevant to SIG Instrumentation.
sig/node
Categorizes an issue or PR as relevant to SIG Node.
sig/storage
Categorizes an issue or PR as relevant to SIG Storage.
size/XXL
Denotes a PR that changes 1000+ lines, ignoring generated files.
triage/accepted
Indicates an issue or PR is ready to be actively worked on.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind cleanup
What this PR does / why we need it:
gogo/protobuf@v1.3.2
fixes https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121Changes in the dependency between v1.3.1 and v1.3.2: gogo/protobuf@v1.3.1...v1.3.2
Which issue(s) this PR fixes:
Fixes: kubernetes/client-go#927
Special notes for your reviewer:
The change is tentative and is pending on the merge of gogo/protobuf#721 and a new version to be pushed after that merges.
This is needed because
gogo/protobuf@v1.3.2
includes an unnecessary version update forgolang.org/x/tools
as well.Does this PR introduce a user-facing change?:
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:
/assign
/cc @dims @nikhita @liggitt
/sig architecture
/sig api-machinery
/area code-organization