Commit a51bca9

authored Mar 18, 2025
Merge pull request #1887 from andyzhangx/CVE-2025-22870
[release-1.24] fix: CVE-2025-22870
2 parents 4bdb2e5 + 4d23b3e commit a51bca9

69 files changed: +1293 -1037 lines changed

‎deploy/example/nginx-pod-blob.yaml

+5-1
@@ -4,6 +4,10 @@ apiVersion: v1
44
metadata:
55
name: nginx-blob
66
spec:
7+
securityContext: # optional just to make sure user is non-root
8+
runAsUser: 0
9+
runAsGroup: 0
10+
fsGroup: 0
711
nodeSelector:
812
"kubernetes.io/os": linux
913
containers:
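
Review bot: The comment on the added securityContext says it is there "to make sure user is non-root", but runAsUser: 0, runAsGroup: 0 and fsGroup: 0 run the pod as UID/GID 0, which is root. Either set non-zero IDs (and runAsNonRoot: true) so the manifest matches the comment, or correct the comment. This example change also looks unrelated to the CVE-2025-22870 fix named in the title and would be easier to review in its own commit.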
@@ -20,4 +24,4 @@ spec:
2024
volumes:
2125
- name: blob01
2226
persistentVolumeClaim:
23-
claimName: pvc-blob
27+
claimName: persistent-storage-statefulset-blob-nonroot-nfs-0
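
Review bot: The claimName on the last line of this hunk changes from pvc-blob to persistent-storage-statefulset-blob-nonroot-nfs-0, which looks like a claim generated for a StatefulSet, so the example pod will stay Pending unless that claim already exists in the namespace. If this came from a local test, revert it to pvc-blob; otherwise document which manifest creates the new claim.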

‎go.mod

+6-6
@@ -23,7 +23,7 @@ require (
2323
github.com/satori/go.uuid v1.2.0
2424
github.com/stretchr/testify v1.9.0
2525
go.uber.org/mock v0.4.0
26-
golang.org/x/net v0.33.0
26+
golang.org/x/net v0.37.0
2727
google.golang.org/grpc v1.65.0
2828
google.golang.org/protobuf v1.34.2
2929
k8s.io/api v0.30.3
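
Review bot: The golang.org/x/net bump from v0.33.0 to v0.37.0 is the only direct-dependency change in this hunk, yet the commit title does not say that this is the module carrying the CVE-2025-22870 fix or which version first contains it. State that in the commit message so the backport to release-1.24 can be checked against the advisory, and confirm that the rest of the 69 changed files are regenerated dependency content only.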
@@ -123,13 +123,13 @@ require (
123123
go.opentelemetry.io/proto/otlp v1.3.1 // indirect
124124
go.uber.org/multierr v1.11.0 // indirect
125125
go.uber.org/zap v1.26.0 // indirect
126-
golang.org/x/crypto v0.31.0 // indirect
126+
golang.org/x/crypto v0.36.0 // indirect
127127
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
128128
golang.org/x/oauth2 v0.20.0 // indirect
129-
golang.org/x/sync v0.10.0
130-
golang.org/x/sys v0.28.0 // indirect
131-
golang.org/x/term v0.27.0 // indirect
132-
golang.org/x/text v0.21.0 // indirect
129+
golang.org/x/sync v0.12.0
130+
golang.org/x/sys v0.31.0 // indirect
131+
golang.org/x/term v0.30.0 // indirect
132+
golang.org/x/text v0.23.0 // indirect
133133
golang.org/x/time v0.5.0 // indirect
134134
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
135135
google.golang.org/genproto v0.0.0-20231030173426-d783a09b4405 // indirect
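
Review bot: In this block golang.org/x/sync v0.12.0 carries no // indirect marker while every neighbouring line does. If it is a direct dependency it belongs in the first require block next to golang.org/x/net; otherwise the marker is missing, and running go mod tidy would settle it. The x/crypto, x/sys, x/term and x/text bumps ride along with the x/net upgrade, and saying so in the message would make the scope of the backport clear.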
