Skip to content

Commit

Permalink
Bump dependencies to patch security advisories
Browse files Browse the repository at this point in the history 
Advisories fixed:
github.com/opencontainers/runc: CVE-2021-43784 GO-2021-0085 GO-2021-0087
github.com/containerd/containerd: CVE-2021-32760

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
  • Loading branch information
Paulo Gomes committed Dec 9, 2021
1 parent cfa72ad commit 914fc0d
Show file tree
Hide file tree
Showing 2 changed files with 108 additions and 12 deletions.
9 changes: 6 additions & 3 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@ require (
github.com/bugsnag/bugsnag-go v2.1.2+incompatible // indirect
github.com/bugsnag/panicwrap v1.3.4 // indirect
github.com/cyphar/filepath-securejoin v0.2.2
github.com/docker/go-metrics v0.0.1 // indirect
github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 // indirect
github.com/fluxcd/pkg/apis/meta v0.10.1
github.com/fluxcd/pkg/gittestserver v0.4.2
Expand Down Expand Up @@ -68,10 +67,14 @@ replace github.com/docker/cli => github.com/docker/cli v20.10.9+incompatible

// Fix CVE-2021-41103
// Fix CVE-2021-41190
replace github.com/containerd/containerd => github.com/containerd/containerd v1.4.12
// Fix CVE-2021-32760
replace github.com/containerd/containerd => github.com/containerd/containerd v1.5.8

// Fix CVE-2021-30465
replace github.com/opencontainers/runc => github.com/opencontainers/runc v1.0.2
// Fix CVE-2021-43784
// Fix GO-2021-0085
// Fix GO-2021-0087
replace github.com/opencontainers/runc => github.com/opencontainers/runc v1.0.3

// Fix CVE-2021-41190
replace github.com/opencontainers/image-spec => github.com/opencontainers/image-spec v1.0.2
Loading

0 comments on commit 914fc0d

Please sign in to comment.