Skip to content

Commit 4dc6adb

Browse files
dandawgmprahl
dandawg
authored and
mprahl
committed
glog upgrade fix for CVE GO-2025-3372
Signed-off-by: Daniel Dowler <[email protected]>
1 parent bc2ec56 commit 4dc6adb

File tree

9 files changed

+242
-99
lines changed

9 files changed

+242
-99
lines changed

backend/third_party_licenses/apiserver.csv

Lines changed: 15 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -42,10 +42,10 @@ github.com/go-openapi/swag,https://github.com/go-openapi/swag/blob/v0.22.6/LICEN
4242
github.com/go-sql-driver/mysql,https://github.com/go-sql-driver/mysql/blob/v1.7.1/LICENSE,MPL-2.0
4343
github.com/go-stack/stack,https://github.com/go-stack/stack/blob/v1.8.0/LICENSE.md,MIT
4444
github.com/gogo/protobuf,https://github.com/gogo/protobuf/blob/v1.3.2/LICENSE,BSD-3-Clause
45-
github.com/golang/glog,https://github.com/golang/glog/blob/v1.2.0/LICENSE,Apache-2.0
45+
github.com/golang/glog,https://github.com/golang/glog/blob/v1.2.4/LICENSE,Apache-2.0
4646
github.com/golang/groupcache/lru,https://github.com/golang/groupcache/blob/41bb18bfe9da/LICENSE,Apache-2.0
47-
github.com/golang/protobuf,https://github.com/golang/protobuf/blob/v1.5.3/LICENSE,BSD-3-Clause
48-
github.com/google/cel-go,https://github.com/google/cel-go/blob/v0.12.6/LICENSE,Apache-2.0
47+
github.com/golang/protobuf,https://github.com/golang/protobuf/blob/v1.5.4/LICENSE,BSD-3-Clause
48+
github.com/google/cel-go,https://github.com/google/cel-go/blob/v0.12.7/LICENSE,Apache-2.0
4949
github.com/google/gnostic,https://github.com/google/gnostic/blob/v0.6.9/LICENSE,Apache-2.0
5050
github.com/google/go-cmp/cmp,https://github.com/google/go-cmp/blob/v0.6.0/LICENSE,BSD-3-Clause
5151
github.com/google/go-containerregistry/pkg/name,https://github.com/google/go-containerregistry/blob/v0.16.1/LICENSE,Apache-2.0
@@ -59,7 +59,7 @@ github.com/gorilla/mux,https://github.com/gorilla/mux/blob/v1.8.0/LICENSE,BSD-3-
5959
github.com/gorilla/websocket,https://github.com/gorilla/websocket/blob/v1.5.0/LICENSE,BSD-2-Clause
6060
github.com/grpc-ecosystem/go-grpc-middleware,https://github.com/grpc-ecosystem/go-grpc-middleware/blob/v1.3.0/LICENSE,Apache-2.0
6161
github.com/grpc-ecosystem/grpc-gateway,https://github.com/grpc-ecosystem/grpc-gateway/blob/v1.16.0/LICENSE.txt,BSD-3-Clause
62-
github.com/grpc-ecosystem/grpc-gateway/v2,https://github.com/grpc-ecosystem/grpc-gateway/blob/v2.11.3/LICENSE.txt,BSD-3-Clause
62+
github.com/grpc-ecosystem/grpc-gateway/v2,https://github.com/grpc-ecosystem/grpc-gateway/blob/v2.16.0/LICENSE.txt,BSD-3-Clause
6363
github.com/hashicorp/errwrap,https://github.com/hashicorp/errwrap/blob/v1.1.0/LICENSE,MPL-2.0
6464
github.com/hashicorp/go-multierror,https://github.com/hashicorp/go-multierror/blob/v1.1.1/LICENSE,MPL-2.0
6565
github.com/hashicorp/go-uuid,https://github.com/hashicorp/go-uuid/blob/v1.0.3/LICENSE,MPL-2.0
@@ -127,7 +127,7 @@ github.com/spf13/pflag,https://github.com/spf13/pflag/blob/v1.0.5/LICENSE,BSD-3-
127127
github.com/spf13/viper,https://github.com/spf13/viper/blob/v1.15.0/LICENSE,MIT
128128
github.com/stoewer/go-strcase,https://github.com/stoewer/go-strcase/blob/v1.2.0/LICENSE,MIT
129129
github.com/subosito/gotenv,https://github.com/subosito/gotenv/blob/v1.4.2/LICENSE,MIT
130-
github.com/tektoncd/pipeline/pkg,https://github.com/tektoncd/pipeline/blob/v0.53.2/LICENSE,Apache-2.0
130+
github.com/tektoncd/pipeline/pkg,https://github.com/tektoncd/pipeline/blob/v0.53.6/LICENSE,Apache-2.0
131131
github.com/valyala/bytebufferpool,https://github.com/valyala/bytebufferpool/blob/v1.0.0/LICENSE,MIT
132132
github.com/valyala/fasttemplate,https://github.com/valyala/fasttemplate/blob/v1.2.2/LICENSE,MIT
133133
go.mongodb.org/mongo-driver,https://github.com/mongodb/mongo-go-driver/blob/v1.7.5/LICENSE,Apache-2.0
@@ -141,14 +141,14 @@ go.uber.org/atomic,https://github.com/uber-go/atomic/blob/v1.10.0/LICENSE.txt,MI
141141
go.uber.org/multierr,https://github.com/uber-go/multierr/blob/v1.10.0/LICENSE.txt,MIT
142142
go.uber.org/zap,https://github.com/uber-go/zap/blob/v1.26.0/LICENSE.txt,MIT
143143
gocloud.dev,https://github.com/google/go-cloud/blob/v0.22.0/LICENSE,Apache-2.0
144-
golang.org/x/crypto,https://cs.opensource.google/go/x/crypto/+/v0.22.0:LICENSE,BSD-3-Clause
144+
golang.org/x/crypto,https://cs.opensource.google/go/x/crypto/+/v0.31.0:LICENSE,BSD-3-Clause
145145
golang.org/x/exp/maps,https://cs.opensource.google/go/x/exp/+/92128663:LICENSE,BSD-3-Clause
146-
golang.org/x/net,https://cs.opensource.google/go/x/net/+/v0.21.0:LICENSE,BSD-3-Clause
146+
golang.org/x/net,https://cs.opensource.google/go/x/net/+/v0.33.0:LICENSE,BSD-3-Clause
147147
golang.org/x/oauth2,https://cs.opensource.google/go/x/oauth2/+/v0.16.0:LICENSE,BSD-3-Clause
148-
golang.org/x/sync/semaphore,https://cs.opensource.google/go/x/sync/+/v0.6.0:LICENSE,BSD-3-Clause
149-
golang.org/x/sys,https://cs.opensource.google/go/x/sys/+/v0.19.0:LICENSE,BSD-3-Clause
150-
golang.org/x/term,https://cs.opensource.google/go/x/term/+/v0.19.0:LICENSE,BSD-3-Clause
151-
golang.org/x/text,https://cs.opensource.google/go/x/text/+/v0.14.0:LICENSE,BSD-3-Clause
148+
golang.org/x/sync/semaphore,https://cs.opensource.google/go/x/sync/+/v0.10.0:LICENSE,BSD-3-Clause
149+
golang.org/x/sys,https://cs.opensource.google/go/x/sys/+/v0.28.0:LICENSE,BSD-3-Clause
150+
golang.org/x/term,https://cs.opensource.google/go/x/term/+/v0.27.0:LICENSE,BSD-3-Clause
151+
golang.org/x/text,https://cs.opensource.google/go/x/text/+/v0.21.0:LICENSE,BSD-3-Clause
152152
golang.org/x/time/rate,https://cs.opensource.google/go/x/time/+/v0.5.0:LICENSE,BSD-3-Clause
153153
golang.org/x/xerrors,https://cs.opensource.google/go/x/xerrors/+/04be3eba:LICENSE,BSD-3-Clause
154154
gomodules.xyz/jsonpatch/v2,https://github.com/gomodules/jsonpatch/blob/v2.4.0/v2/LICENSE,Apache-2.0
@@ -158,23 +158,22 @@ google.golang.org/genproto,https://github.com/googleapis/go-genproto/blob/995d67
158158
google.golang.org/genproto/googleapis/api,https://github.com/googleapis/go-genproto/blob/995d672761c0/googleapis/api/LICENSE,Apache-2.0
159159
google.golang.org/genproto/googleapis/rpc,https://github.com/googleapis/go-genproto/blob/50ed04b92917/googleapis/rpc/LICENSE,Apache-2.0
160160
google.golang.org/grpc,https://github.com/grpc/grpc-go/blob/v1.60.1/LICENSE,Apache-2.0
161-
google.golang.org/protobuf,https://github.com/protocolbuffers/protobuf-go/blob/v1.32.0/LICENSE,BSD-3-Clause
161+
google.golang.org/protobuf,https://github.com/protocolbuffers/protobuf-go/blob/v1.33.0/LICENSE,BSD-3-Clause
162162
gopkg.in/inf.v0,https://github.com/go-inf/inf/blob/v0.9.1/LICENSE,BSD-3-Clause
163163
gopkg.in/ini.v1,https://github.com/go-ini/ini/blob/v1.67.0/LICENSE,Apache-2.0
164164
gopkg.in/yaml.v2,https://github.com/go-yaml/yaml/blob/v2.4.0/LICENSE,Apache-2.0
165165
gopkg.in/yaml.v3,https://github.com/go-yaml/yaml/blob/v3.0.1/LICENSE,MIT
166166
k8s.io/api,https://github.com/kubernetes/api/blob/v0.25.9/LICENSE,Apache-2.0
167-
k8s.io/apimachinery/pkg,https://github.com/kubernetes/apimachinery/blob/v0.26.5/LICENSE,Apache-2.0
168-
k8s.io/apimachinery/third_party/forked/golang,https://github.com/kubernetes/apimachinery/blob/v0.26.5/third_party/forked/golang/LICENSE,BSD-3-Clause
167+
k8s.io/apimachinery/pkg,https://github.com/kubernetes/apimachinery/blob/v0.26.15/LICENSE,Apache-2.0
168+
k8s.io/apimachinery/third_party/forked/golang,https://github.com/kubernetes/apimachinery/blob/v0.26.15/third_party/forked/golang/LICENSE,BSD-3-Clause
169169
k8s.io/client-go,https://github.com/kubernetes/client-go/blob/v0.25.9/LICENSE,Apache-2.0
170170
k8s.io/klog/v2,https://github.com/kubernetes/klog/blob/v2.100.1/LICENSE,Apache-2.0
171171
k8s.io/kube-openapi/pkg,https://github.com/kubernetes/kube-openapi/blob/54b630e78af5/LICENSE,Apache-2.0
172172
k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json,https://github.com/kubernetes/kube-openapi/blob/54b630e78af5/pkg/internal/third_party/go-json-experiment/json/LICENSE,BSD-3-Clause
173173
k8s.io/kube-openapi/pkg/validation/spec,https://github.com/kubernetes/kube-openapi/blob/54b630e78af5/pkg/validation/spec/LICENSE,Apache-2.0
174-
k8s.io/kubernetes/pkg/apis/core,https://github.com/kubernetes/kubernetes/blob/v1.11.1/LICENSE,Apache-2.0
175174
k8s.io/utils,https://github.com/kubernetes/utils/blob/9f6742963106/LICENSE,Apache-2.0
176175
k8s.io/utils/internal/third_party/forked/golang/net,https://github.com/kubernetes/utils/blob/9f6742963106/internal/third_party/forked/golang/LICENSE,BSD-3-Clause
177-
knative.dev/pkg,https://github.com/knative/pkg/blob/df28feae6d34/LICENSE,Apache-2.0
176+
knative.dev/pkg,https://github.com/knative/pkg/blob/56bfe0dd9626/LICENSE,Apache-2.0
178177
sigs.k8s.io/json,https://github.com/kubernetes-sigs/json/blob/bc3834ca7abd/LICENSE,Apache-2.0
179178
sigs.k8s.io/structured-merge-diff/v4,https://github.com/kubernetes-sigs/structured-merge-diff/blob/v4.2.3/LICENSE,Apache-2.0
180179
sigs.k8s.io/yaml,https://github.com/kubernetes-sigs/yaml/blob/v1.3.0/LICENSE,MIT

backend/third_party_licenses/cache_server.csv

Lines changed: 15 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -31,18 +31,18 @@ github.com/go-openapi/swag,https://github.com/go-openapi/swag/blob/v0.22.6/LICEN
3131
github.com/go-sql-driver/mysql,https://github.com/go-sql-driver/mysql/blob/v1.7.1/LICENSE,MPL-2.0
3232
github.com/go-stack/stack,https://github.com/go-stack/stack/blob/v1.8.0/LICENSE.md,MIT
3333
github.com/gogo/protobuf,https://github.com/gogo/protobuf/blob/v1.3.2/LICENSE,BSD-3-Clause
34-
github.com/golang/glog,https://github.com/golang/glog/blob/v1.2.0/LICENSE,Apache-2.0
34+
github.com/golang/glog,https://github.com/golang/glog/blob/v1.2.4/LICENSE,Apache-2.0
3535
github.com/golang/groupcache/lru,https://github.com/golang/groupcache/blob/41bb18bfe9da/LICENSE,Apache-2.0
36-
github.com/golang/protobuf,https://github.com/golang/protobuf/blob/v1.5.3/LICENSE,BSD-3-Clause
37-
github.com/google/cel-go,https://github.com/google/cel-go/blob/v0.12.6/LICENSE,Apache-2.0
36+
github.com/golang/protobuf,https://github.com/golang/protobuf/blob/v1.5.4/LICENSE,BSD-3-Clause
37+
github.com/google/cel-go,https://github.com/google/cel-go/blob/v0.12.7/LICENSE,Apache-2.0
3838
github.com/google/gnostic,https://github.com/google/gnostic/blob/v0.6.9/LICENSE,Apache-2.0
3939
github.com/google/go-cmp/cmp,https://github.com/google/go-cmp/blob/v0.6.0/LICENSE,BSD-3-Clause
4040
github.com/google/go-containerregistry/pkg/name,https://github.com/google/go-containerregistry/blob/v0.16.1/LICENSE,Apache-2.0
4141
github.com/google/gofuzz,https://github.com/google/gofuzz/blob/v1.2.0/LICENSE,Apache-2.0
4242
github.com/google/uuid,https://github.com/google/uuid/blob/v1.5.0/LICENSE,BSD-3-Clause
4343
github.com/gorilla/websocket,https://github.com/gorilla/websocket/blob/v1.5.0/LICENSE,BSD-2-Clause
4444
github.com/grpc-ecosystem/grpc-gateway,https://github.com/grpc-ecosystem/grpc-gateway/blob/v1.16.0/LICENSE.txt,BSD-3-Clause
45-
github.com/grpc-ecosystem/grpc-gateway/v2,https://github.com/grpc-ecosystem/grpc-gateway/blob/v2.11.3/LICENSE.txt,BSD-3-Clause
45+
github.com/grpc-ecosystem/grpc-gateway/v2,https://github.com/grpc-ecosystem/grpc-gateway/blob/v2.16.0/LICENSE.txt,BSD-3-Clause
4646
github.com/hashicorp/errwrap,https://github.com/hashicorp/errwrap/blob/v1.1.0/LICENSE,MPL-2.0
4747
github.com/hashicorp/go-multierror,https://github.com/hashicorp/go-multierror/blob/v1.1.1/LICENSE,MPL-2.0
4848
github.com/hashicorp/go-uuid,https://github.com/hashicorp/go-uuid/blob/v1.0.3/LICENSE,MPL-2.0
@@ -89,45 +89,44 @@ github.com/sirupsen/logrus,https://github.com/sirupsen/logrus/blob/v1.9.3/LICENS
8989
github.com/spf13/cast,https://github.com/spf13/cast/blob/v1.5.0/LICENSE,MIT
9090
github.com/spf13/pflag,https://github.com/spf13/pflag/blob/v1.0.5/LICENSE,BSD-3-Clause
9191
github.com/stoewer/go-strcase,https://github.com/stoewer/go-strcase/blob/v1.2.0/LICENSE,MIT
92-
github.com/tektoncd/pipeline/pkg,https://github.com/tektoncd/pipeline/blob/v0.53.2/LICENSE,Apache-2.0
92+
github.com/tektoncd/pipeline/pkg,https://github.com/tektoncd/pipeline/blob/v0.53.6/LICENSE,Apache-2.0
9393
github.com/valyala/bytebufferpool,https://github.com/valyala/bytebufferpool/blob/v1.0.0/LICENSE,MIT
9494
github.com/valyala/fasttemplate,https://github.com/valyala/fasttemplate/blob/v1.2.2/LICENSE,MIT
9595
go.mongodb.org/mongo-driver,https://github.com/mongodb/mongo-go-driver/blob/v1.7.5/LICENSE,Apache-2.0
9696
go.opencensus.io,https://github.com/census-instrumentation/opencensus-go/blob/v0.24.0/LICENSE,Apache-2.0
9797
go.uber.org/atomic,https://github.com/uber-go/atomic/blob/v1.10.0/LICENSE.txt,MIT
9898
go.uber.org/multierr,https://github.com/uber-go/multierr/blob/v1.10.0/LICENSE.txt,MIT
9999
go.uber.org/zap,https://github.com/uber-go/zap/blob/v1.26.0/LICENSE.txt,MIT
100-
golang.org/x/crypto,https://cs.opensource.google/go/x/crypto/+/v0.22.0:LICENSE,BSD-3-Clause
100+
golang.org/x/crypto,https://cs.opensource.google/go/x/crypto/+/v0.31.0:LICENSE,BSD-3-Clause
101101
golang.org/x/exp/maps,https://cs.opensource.google/go/x/exp/+/92128663:LICENSE,BSD-3-Clause
102-
golang.org/x/net,https://cs.opensource.google/go/x/net/+/v0.21.0:LICENSE,BSD-3-Clause
102+
golang.org/x/net,https://cs.opensource.google/go/x/net/+/v0.33.0:LICENSE,BSD-3-Clause
103103
golang.org/x/oauth2,https://cs.opensource.google/go/x/oauth2/+/v0.16.0:LICENSE,BSD-3-Clause
104-
golang.org/x/sync/semaphore,https://cs.opensource.google/go/x/sync/+/v0.6.0:LICENSE,BSD-3-Clause
105-
golang.org/x/sys/unix,https://cs.opensource.google/go/x/sys/+/v0.19.0:LICENSE,BSD-3-Clause
106-
golang.org/x/term,https://cs.opensource.google/go/x/term/+/v0.19.0:LICENSE,BSD-3-Clause
107-
golang.org/x/text,https://cs.opensource.google/go/x/text/+/v0.14.0:LICENSE,BSD-3-Clause
104+
golang.org/x/sync/semaphore,https://cs.opensource.google/go/x/sync/+/v0.10.0:LICENSE,BSD-3-Clause
105+
golang.org/x/sys/unix,https://cs.opensource.google/go/x/sys/+/v0.28.0:LICENSE,BSD-3-Clause
106+
golang.org/x/term,https://cs.opensource.google/go/x/term/+/v0.27.0:LICENSE,BSD-3-Clause
107+
golang.org/x/text,https://cs.opensource.google/go/x/text/+/v0.21.0:LICENSE,BSD-3-Clause
108108
golang.org/x/time/rate,https://cs.opensource.google/go/x/time/+/v0.5.0:LICENSE,BSD-3-Clause
109109
gomodules.xyz/jsonpatch/v2,https://github.com/gomodules/jsonpatch/blob/v2.4.0/v2/LICENSE,Apache-2.0
110110
google.golang.org/api/support/bundler,https://github.com/googleapis/google-api-go-client/blob/v0.156.0/LICENSE,BSD-3-Clause
111111
google.golang.org/genproto/googleapis/api,https://github.com/googleapis/go-genproto/blob/995d672761c0/googleapis/api/LICENSE,Apache-2.0
112112
google.golang.org/genproto/googleapis/rpc/status,https://github.com/googleapis/go-genproto/blob/50ed04b92917/googleapis/rpc/LICENSE,Apache-2.0
113113
google.golang.org/genproto/protobuf/field_mask,https://github.com/googleapis/go-genproto/blob/995d672761c0/LICENSE,Apache-2.0
114114
google.golang.org/grpc,https://github.com/grpc/grpc-go/blob/v1.60.1/LICENSE,Apache-2.0
115-
google.golang.org/protobuf,https://github.com/protocolbuffers/protobuf-go/blob/v1.32.0/LICENSE,BSD-3-Clause
115+
google.golang.org/protobuf,https://github.com/protocolbuffers/protobuf-go/blob/v1.33.0/LICENSE,BSD-3-Clause
116116
gopkg.in/inf.v0,https://github.com/go-inf/inf/blob/v0.9.1/LICENSE,BSD-3-Clause
117117
gopkg.in/yaml.v2,https://github.com/go-yaml/yaml/blob/v2.4.0/LICENSE,Apache-2.0
118118
gopkg.in/yaml.v3,https://github.com/go-yaml/yaml/blob/v3.0.1/LICENSE,MIT
119119
k8s.io/api,https://github.com/kubernetes/api/blob/v0.25.9/LICENSE,Apache-2.0
120-
k8s.io/apimachinery/pkg,https://github.com/kubernetes/apimachinery/blob/v0.26.5/LICENSE,Apache-2.0
121-
k8s.io/apimachinery/third_party/forked/golang,https://github.com/kubernetes/apimachinery/blob/v0.26.5/third_party/forked/golang/LICENSE,BSD-3-Clause
120+
k8s.io/apimachinery/pkg,https://github.com/kubernetes/apimachinery/blob/v0.26.15/LICENSE,Apache-2.0
121+
k8s.io/apimachinery/third_party/forked/golang,https://github.com/kubernetes/apimachinery/blob/v0.26.15/third_party/forked/golang/LICENSE,BSD-3-Clause
122122
k8s.io/client-go,https://github.com/kubernetes/client-go/blob/v0.25.9/LICENSE,Apache-2.0
123123
k8s.io/klog/v2,https://github.com/kubernetes/klog/blob/v2.100.1/LICENSE,Apache-2.0
124124
k8s.io/kube-openapi/pkg,https://github.com/kubernetes/kube-openapi/blob/54b630e78af5/LICENSE,Apache-2.0
125125
k8s.io/kube-openapi/pkg/internal/third_party/go-json-experiment/json,https://github.com/kubernetes/kube-openapi/blob/54b630e78af5/pkg/internal/third_party/go-json-experiment/json/LICENSE,BSD-3-Clause
126126
k8s.io/kube-openapi/pkg/validation/spec,https://github.com/kubernetes/kube-openapi/blob/54b630e78af5/pkg/validation/spec/LICENSE,Apache-2.0
127-
k8s.io/kubernetes/pkg/apis/core,https://github.com/kubernetes/kubernetes/blob/v1.11.1/LICENSE,Apache-2.0
128127
k8s.io/utils,https://github.com/kubernetes/utils/blob/9f6742963106/LICENSE,Apache-2.0
129128
k8s.io/utils/internal/third_party/forked/golang/net,https://github.com/kubernetes/utils/blob/9f6742963106/internal/third_party/forked/golang/LICENSE,BSD-3-Clause
130-
knative.dev/pkg,https://github.com/knative/pkg/blob/df28feae6d34/LICENSE,Apache-2.0
129+
knative.dev/pkg,https://github.com/knative/pkg/blob/56bfe0dd9626/LICENSE,Apache-2.0
131130
sigs.k8s.io/json,https://github.com/kubernetes-sigs/json/blob/bc3834ca7abd/LICENSE,Apache-2.0
132131
sigs.k8s.io/structured-merge-diff/v4,https://github.com/kubernetes-sigs/structured-merge-diff/blob/v4.2.3/LICENSE,Apache-2.0
133132
sigs.k8s.io/yaml,https://github.com/kubernetes-sigs/yaml/blob/v1.3.0/LICENSE,MIT

0 commit comments

Comments
 (0)