Skip to content

Commit c4bc0b0

Browse files
mugdha-adhavmugdha-adhav
authored
Fix high severity CVEs (#154)
* Upgrade EKS patch version to v1.25.16 * Upgrade containerd version to v1.6.18
1 parent ade923f commit c4bc0b0

File tree

2 files changed

+181
-141
lines changed

2 files changed

+181
-141
lines changed

go.mod

Lines changed: 67 additions & 68 deletions
Original file line numberDiff line numberDiff line change
@@ -5,26 +5,25 @@ go 1.19
55
require (
66
github.com/BurntSushi/toml v1.2.0
77
github.com/container-storage-interface/spec v1.6.0
8-
github.com/containerd/containerd v1.6.8
8+
github.com/containerd/containerd v1.6.18
99
github.com/containers/storage v1.43.0
10-
github.com/golang/protobuf v1.5.2
11-
github.com/google/uuid v1.2.0
10+
github.com/golang/protobuf v1.5.4
1211
github.com/mitchellh/go-ps v1.0.0
13-
github.com/opencontainers/image-spec v1.1.0-rc2
12+
github.com/opencontainers/image-spec v1.1.0
1413
github.com/pkg/errors v0.9.1
1514
github.com/prometheus/client_golang v1.12.1
1615
github.com/spf13/pflag v1.0.5
1716
github.com/stretchr/testify v1.8.4
1817
github.com/warm-metal/csi-drivers v0.5.0-alpha.0.0.20210404173852-9ec9cb097dd2
19-
golang.org/x/net v0.0.0-20221004154528-8021a29435af
20-
google.golang.org/grpc v1.50.0
21-
k8s.io/api v0.25.2
22-
k8s.io/apimachinery v0.25.2
23-
k8s.io/client-go v0.25.2
18+
golang.org/x/net v0.22.0
19+
google.golang.org/grpc v1.62.1
20+
k8s.io/api v0.25.16
21+
k8s.io/apimachinery v0.25.16
22+
k8s.io/client-go v0.25.16
2423
k8s.io/cri-api v0.25.2
2524
k8s.io/klog/v2 v2.70.1
26-
k8s.io/kubernetes v1.25.2
27-
k8s.io/mount-utils v0.25.2
25+
k8s.io/kubernetes v1.25.16
26+
k8s.io/mount-utils v0.25.16
2827
k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed
2928
sigs.k8s.io/yaml v1.2.0
3029
)
@@ -39,18 +38,18 @@ require (
3938
github.com/Azure/go-autorest/autorest/validation v0.1.0 // indirect
4039
github.com/Azure/go-autorest/logger v0.2.1 // indirect
4140
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
42-
github.com/Microsoft/go-winio v0.6.0 // indirect
43-
github.com/Microsoft/hcsshim v0.9.4 // indirect
41+
github.com/Microsoft/go-winio v0.6.1 // indirect
42+
github.com/Microsoft/hcsshim v0.11.0 // indirect
4443
github.com/PuerkitoBio/purell v1.1.1 // indirect
4544
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
4645
github.com/aws/aws-sdk-go v1.38.49 // indirect
4746
github.com/beorn7/perks v1.0.1 // indirect
4847
github.com/blang/semver/v4 v4.0.0 // indirect
49-
github.com/cespare/xxhash/v2 v2.1.2 // indirect
50-
github.com/containerd/cgroups v1.0.4 // indirect
51-
github.com/containerd/continuity v0.3.0 // indirect
52-
github.com/containerd/fifo v1.0.0 // indirect
53-
github.com/containerd/ttrpc v1.1.0 // indirect
48+
github.com/cespare/xxhash/v2 v2.2.0 // indirect
49+
github.com/containerd/cgroups v1.1.0 // indirect
50+
github.com/containerd/continuity v0.4.3 // indirect
51+
github.com/containerd/fifo v1.1.0 // indirect
52+
github.com/containerd/ttrpc v1.2.3 // indirect
5453
github.com/containerd/typeurl v1.0.2 // indirect
5554
github.com/davecgh/go-spew v1.1.1 // indirect
5655
github.com/docker/distribution v2.8.1+incompatible // indirect
@@ -61,67 +60,68 @@ require (
6160
github.com/go-openapi/jsonpointer v0.19.5 // indirect
6261
github.com/go-openapi/jsonreference v0.19.5 // indirect
6362
github.com/go-openapi/swag v0.19.14 // indirect
64-
github.com/gogo/googleapis v1.4.0 // indirect
63+
github.com/gogo/googleapis v1.4.1 // indirect
6564
github.com/gogo/protobuf v1.3.2 // indirect
6665
github.com/golang-jwt/jwt/v4 v4.2.0 // indirect
6766
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
6867
github.com/google/gnostic v0.5.7-v3refs // indirect
69-
github.com/google/go-cmp v0.5.8 // indirect
68+
github.com/google/go-cmp v0.6.0 // indirect
7069
github.com/google/go-intervals v0.0.2 // indirect
7170
github.com/google/gofuzz v1.2.0 // indirect
71+
github.com/google/uuid v1.6.0 // indirect
7272
github.com/hashicorp/errwrap v1.1.0 // indirect
7373
github.com/hashicorp/go-multierror v1.1.1 // indirect
7474
github.com/imdario/mergo v0.3.12 // indirect
7575
github.com/inconshreveable/mousetrap v1.0.0 // indirect
7676
github.com/jmespath/go-jmespath v0.4.0 // indirect
7777
github.com/josharian/intern v1.0.0 // indirect
7878
github.com/json-iterator/go v1.1.12 // indirect
79-
github.com/klauspost/compress v1.15.11 // indirect
79+
github.com/klauspost/compress v1.17.7 // indirect
8080
github.com/klauspost/pgzip v1.2.5 // indirect
8181
github.com/kubernetes-csi/csi-lib-utils v0.9.1 // indirect
8282
github.com/mailru/easyjson v0.7.6 // indirect
8383
github.com/mattn/go-shellwords v1.0.12 // indirect
84-
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
84+
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
8585
github.com/mistifyio/go-zfs/v3 v3.0.0 // indirect
8686
github.com/moby/locker v1.0.1 // indirect
87-
github.com/moby/sys/mountinfo v0.6.2 // indirect
87+
github.com/moby/sys/mountinfo v0.7.1 // indirect
8888
github.com/moby/sys/signal v0.7.0 // indirect
8989
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
9090
github.com/modern-go/reflect2 v1.0.2 // indirect
9191
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
9292
github.com/opencontainers/go-digest v1.0.0 // indirect
93-
github.com/opencontainers/runc v1.1.4 // indirect
94-
github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 // indirect
95-
github.com/opencontainers/selinux v1.10.2 // indirect
93+
github.com/opencontainers/runc v1.1.12 // indirect
94+
github.com/opencontainers/runtime-spec v1.2.0 // indirect
95+
github.com/opencontainers/selinux v1.11.0 // indirect
9696
github.com/pmezard/go-difflib v1.0.0 // indirect
9797
github.com/prometheus/client_model v0.2.0 // indirect
9898
github.com/prometheus/common v0.32.1 // indirect
9999
github.com/prometheus/procfs v0.7.3 // indirect
100-
github.com/sirupsen/logrus v1.9.0 // indirect
100+
github.com/sirupsen/logrus v1.9.3 // indirect
101101
github.com/spf13/cobra v1.4.0 // indirect
102102
github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect
103103
github.com/tchap/go-patricia v2.3.0+incompatible // indirect
104104
github.com/ulikunitz/xz v0.5.10 // indirect
105105
github.com/vbatts/tar-split v0.11.2 // indirect
106-
go.opencensus.io v0.23.0 // indirect
107-
golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd // indirect
108-
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
109-
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
110-
golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0 // indirect
111-
golang.org/x/sys v0.0.0-20221010170243-090e33056c14 // indirect
112-
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
113-
golang.org/x/text v0.3.7 // indirect
106+
go.opencensus.io v0.24.0 // indirect
107+
golang.org/x/crypto v0.21.0 // indirect
108+
golang.org/x/mod v0.16.0 // indirect
109+
golang.org/x/oauth2 v0.16.0 // indirect
110+
golang.org/x/sync v0.6.0 // indirect
111+
golang.org/x/sys v0.18.0 // indirect
112+
golang.org/x/term v0.18.0 // indirect
113+
golang.org/x/text v0.14.0 // indirect
114114
golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
115-
golang.org/x/tools v0.1.12 // indirect
116-
google.golang.org/appengine v1.6.7 // indirect
117-
google.golang.org/genproto v0.0.0-20221010155953-15ba04fc1c0e // indirect
118-
google.golang.org/protobuf v1.28.1 // indirect
115+
golang.org/x/tools v0.19.0 // indirect
116+
google.golang.org/appengine v1.6.8 // indirect
117+
google.golang.org/genproto/googleapis/rpc v0.0.0-20240308144416-29370a3891b7 // indirect
118+
google.golang.org/protobuf v1.33.0 // indirect
119119
gopkg.in/inf.v0 v0.9.1 // indirect
120120
gopkg.in/yaml.v2 v2.4.0 // indirect
121121
gopkg.in/yaml.v3 v3.0.1 // indirect
122-
k8s.io/apiserver v0.25.2 // indirect
123-
k8s.io/cloud-provider v0.25.2 // indirect
124-
k8s.io/component-base v0.25.2 // indirect
122+
k8s.io/apiserver v0.25.16 // indirect
123+
k8s.io/cloud-provider v0.25.16 // indirect
124+
k8s.io/component-base v0.25.16 // indirect
125125
k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
126126
k8s.io/kubelet v0.0.0 // indirect
127127
k8s.io/legacy-cloud-providers v0.0.0 // indirect
@@ -130,30 +130,29 @@ require (
130130
)
131131

132132
replace (
133-
github.com/googleapis/gnostic => github.com/googleapis/gnostic v0.4.1
134-
k8s.io/api => k8s.io/api v0.25.2
135-
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.25.2
136-
k8s.io/apimachinery => k8s.io/apimachinery v0.25.2
137-
k8s.io/apiserver => k8s.io/apiserver v0.25.2
138-
k8s.io/cli-runtime => k8s.io/cli-runtime v0.25.2
139-
k8s.io/client-go => k8s.io/client-go v0.25.2
140-
k8s.io/cloud-provider => k8s.io/cloud-provider v0.25.2
141-
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.25.2
142-
k8s.io/code-generator => k8s.io/code-generator v0.25.2
143-
k8s.io/component-base => k8s.io/component-base v0.25.2
144-
k8s.io/component-helpers => k8s.io/component-helpers v0.25.2
145-
k8s.io/controller-manager => k8s.io/controller-manager v0.25.2
146-
k8s.io/cri-api => k8s.io/cri-api v0.25.2
147-
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.25.2
148-
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.25.2
149-
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.25.2
150-
k8s.io/kube-proxy => k8s.io/kube-proxy v0.25.2
151-
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.25.2
152-
k8s.io/kubectl => k8s.io/kubectl v0.25.2
153-
k8s.io/kubelet => k8s.io/kubelet v0.25.2
154-
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.25.2
155-
k8s.io/metrics => k8s.io/metrics v0.25.2
156-
k8s.io/mount-utils => k8s.io/mount-utils v0.25.2
157-
k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.25.2
158-
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.25.2
133+
k8s.io/api => k8s.io/api v0.25.16
134+
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.25.16
135+
k8s.io/apimachinery => k8s.io/apimachinery v0.25.16
136+
k8s.io/apiserver => k8s.io/apiserver v0.25.16
137+
k8s.io/cli-runtime => k8s.io/cli-runtime v0.25.16
138+
k8s.io/client-go => k8s.io/client-go v0.25.16
139+
k8s.io/cloud-provider => k8s.io/cloud-provider v0.25.16
140+
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.25.16
141+
k8s.io/code-generator => k8s.io/code-generator v0.25.16
142+
k8s.io/component-base => k8s.io/component-base v0.25.16
143+
k8s.io/component-helpers => k8s.io/component-helpers v0.25.16
144+
k8s.io/controller-manager => k8s.io/controller-manager v0.25.16
145+
k8s.io/cri-api => k8s.io/cri-api v0.25.16
146+
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.25.16
147+
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.25.16
148+
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.25.16
149+
k8s.io/kube-proxy => k8s.io/kube-proxy v0.25.16
150+
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.25.16
151+
k8s.io/kubectl => k8s.io/kubectl v0.25.16
152+
k8s.io/kubelet => k8s.io/kubelet v0.25.16
153+
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.25.16
154+
k8s.io/metrics => k8s.io/metrics v0.25.16
155+
k8s.io/mount-utils => k8s.io/mount-utils v0.25.16
156+
k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.25.16
157+
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.25.16
159158
)

0 commit comments

Comments
 (0)