You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ki...@apache.org on 2022/07/19 17:21:07 UTC
[trafficserver-ingress-controller] branch master updated: Security fixes (#135)
This is an automated email from the ASF dual-hosted git repository.
kichan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver-ingress-controller.git
The following commit(s) were added to refs/heads/master by this push:
new 65d869f Security fixes (#135)
65d869f is described below
commit 65d869fe120a52ef625f1dfc0c484d43230f69bb
Author: Kit Chan <ki...@apache.org>
AuthorDate: Tue Jul 19 10:21:02 2022 -0700
Security fixes (#135)
* Security fixes
* run go mod tidy
---
Dockerfile | 11 +++++++----
go.mod | 2 +-
go.sum | 4 ++--
3 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index d67e37c..15ec4b8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -18,11 +18,12 @@
FROM alpine:3.14.6 as builder
RUN apk add --no-cache --virtual .tools \
- bzip2 curl git automake libtool autoconf make sed file perl openrc openssl
+ bzip2 curl git automake libtool autoconf make sed file perl openrc openssl=1.1.1q-r0 \
+ libssl1.1=1.1.1q-r0 libcrypto1.1=1.1.1q-r0
# ATS dependencies
RUN apk add --no-cache --virtual .ats-build-deps \
- build-base openssl-dev tcl-dev pcre-dev zlib-dev \
+ build-base openssl-dev=1.1.1q-r0 tcl-dev pcre-dev zlib-dev \
libexecinfo-dev linux-headers libunwind-dev \
brotli-dev jansson-dev luajit-dev readline-dev geoip-dev
@@ -67,7 +68,7 @@ RUN wget https://github.com/nrk/redis-lua/archive/v2.0.4.tar.gz \
# ingress-ats
RUN apk add --no-cache --virtual .ingress-build-deps \
- bash gcc musl-dev openssl go
+ bash gcc musl-dev openssl=1.1.1q-r0 libssl1.1=1.1.1q-r0 libcrypto1.1=1.1.1q-r0 go
# Installing Golang https://github.com/CentOS/CentOS-Dockerfiles/blob/master/golang/centos7/Dockerfile
COPY GO_VERSION /
@@ -127,7 +128,9 @@ RUN apk add --no-cache -U \
curl ca-certificates \
pcre \
zlib \
- openssl \
+ openssl=1.1.1q-r0 \
+ libssl1.1=1.1.1q-r0 \
+ libcrypto1.1=1.1.1q-r0 \
brotli \
jansson \
luajit \
diff --git a/go.mod b/go.mod
index 5e03a71..beab8ef 100644
--- a/go.mod
+++ b/go.mod
@@ -30,7 +30,7 @@ require (
github.com/yuin/gopher-lua v0.0.0-20191220021717-ab39c6098bdb // indirect
golang.org/x/net v0.0.0-20211209124913-491a49abca63 // indirect
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d // indirect
- golang.org/x/sys v0.0.0-20211019181941-9d821ace8654 // indirect
+ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d // indirect
golang.org/x/text v0.3.7 // indirect
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
diff --git a/go.sum b/go.sum
index b27da5b..284bcac 100644
--- a/go.sum
+++ b/go.sum
@@ -290,8 +290,8 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20211019181941-9d821ace8654 h1:id054HUawV2/6IGm2IV8KZQjqtwAOo2CYlOToYqa0d0=
-golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d h1:SZxvLBoTP5yHO3Frd4z4vrF+DBX9vMVanchswa69toE=