[Security] Bump k8s.io/apimachinery from 0.0.0-20181128191346-49ce2735e507 to 0.15.7 #14

Merged

argoyle merged 1 commits from dependabot-go_modules-k8s.io-apimachinery-0.15.7 into master 2023-05-09 06:16:07 +00:00

Conversation 2 Commits 1 Files Changed 2

+69 -47

argoyle commented 2023-05-08 18:39:16 +00:00 (Migrated from gitlab.com)

Copy Link

Copy Source

Bumps k8s.io/apimachinery from 0.0.0-20181128191346-49ce2735e507 to 0.15.7. This update includes a security fix.

Vulnerabilities fixed

Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON parsing Unbounded recursion in JSON parsing allows malicious JSON input to cause excessive memory consumption or panics.

Patched versions: 0.0.0-20190927203648-9ce6eca90e73 Affected versions: < 0.0.0-20190927203648-9ce6eca90e73

Commits

• See full diff in compare view

---

Dependabot commands

You can trigger Dependabot actions by commenting on this MR

• $dependabot rebase will rebase this MR
• $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.0.0-20181128191346-49ce2735e507 to 0.15.7. **This update includes a security fix.** <details> <summary>Vulnerabilities fixed</summary> <blockquote> <p><strong>Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON parsing</strong> Unbounded recursion in JSON parsing allows malicious JSON input to cause excessive memory consumption or panics.</p> <p>Patched versions: 0.0.0-20190927203648-9ce6eca90e73 Affected versions: &lt; 0.0.0-20190927203648-9ce6eca90e73</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/kubernetes/apimachinery/commits/v0.15.7">compare view</a></li> </ul> </details> <br /> --- <details> <summary>Dependabot commands</summary> <br /> You can trigger Dependabot actions by commenting on this MR - `$dependabot rebase` will rebase this MR - `$dependabot recreate` will recreate this MR rewriting all the manual changes and resolving conflicts </details>

argoyle commented 2023-05-09 05:46:34 +00:00 (Migrated from gitlab.com)

Copy Link

Copy Source

added 5 commits

• c830bc59...121276f6 - 4 commits from branch master
• e71cdc5c - [Security] Bump k8s.io/apimachinery

Compare with previous version

added 5 commits <ul><li>c830bc59...121276f6 - 4 commits from branch <code>master</code></li><li>e71cdc5c - [Security] Bump k8s.io/apimachinery</li></ul> [Compare with previous version](/unboundsoftware/default-request-adder/-/merge_requests/11/diffs?diff_id=675558439&start_sha=c830bc5953b9329375c04cc28af0d25a14ee48b2)

argoyle commented 2023-05-09 06:09:50 +00:00 (Migrated from gitlab.com)

Copy Link

Copy Source

added 1 commit

• 3c4ac182 - [Security] Bump k8s.io/apimachinery

Compare with previous version

added 1 commit <ul><li>3c4ac182 - [Security] Bump k8s.io/apimachinery</li></ul> [Compare with previous version](/unboundsoftware/default-request-adder/-/merge_requests/11/diffs?diff_id=675570976&start_sha=e71cdc5c0f379f3b206cb4ef8446f3864e60f8fd)

argoyle (Migrated from gitlab.com) scheduled this pull request to auto merge when all checks succeed 2023-05-09 06:15:25 +00:00

argoyle (Migrated from gitlab.com) merged commit into master 2023-05-09 06:16:07 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

dependencies

Pull requests that update a dependency file

docker

go

security

Pull requests that address a security vulnerability

severity:moderate

No Label dependencies go security

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

acctest (Shiny Acctest) argoyle (Joakim Olsson) buildtools (Buildtools) kubernetes (Kubernetes) peter releaser (Unbound Releaser) renovate (Renovate Bot)

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: unboundsoftware/default-request-adder#14