Trang chủ Khám phá Trợ giúp
Đăng nhập
akillibulut
/
cost-model
mirror of https://github.com/kubecost/cost-model
2
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Browse Source

CVE-2025-30204 Update golang jwt v4 and v5 (#3320)

Signed-off-by: Leonardo Rodrigues de Mello <lrodriguesdemello@zendesk.com>
Leonardo Rodrigues de Mello 8 tháng trước cách đây
mục cha
8b8e905f5b
commit
e0590172f2
6 tập tin đã thay đổi với 12 bổ sung8 xóa
Split View Hiển thị tình trạng sai khác
  1. 1 1
      core/go.mod
  2. 2 0
      core/go.sum
  3. 2 2
      go.mod
  4. 4 4
      go.sum
  5. 1 1
      modules/collector-source/go.mod
  6. 2 0
      modules/collector-source/go.sum

+ 1 - 1
core/go.mod
Xem Tập Tin 

@@ -81,7 +81,7 @@ require (
 
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
 
 	github.com/go-openapi/swag v0.23.0 // indirect
 
 	github.com/gogo/protobuf v1.3.2 // indirect
 
-	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 
+	github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
 
 	github.com/golang/protobuf v1.5.4 // indirect
 
 	github.com/google/gnostic-models v0.6.9 // indirect
 
 	github.com/google/s2a-go v0.1.9 // indirect

+ 2 - 0
core/go.sum
Xem Tập Tin 

@@ -203,6 +203,8 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 
 github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
 
 github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 
+github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 
+github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=

+ 2 - 2
go.mod
Xem Tập Tin 

@@ -140,8 +140,8 @@ require (
 
 	github.com/goccy/go-json v0.10.5 // indirect
 
 	github.com/gofrs/uuid v4.2.0+incompatible // indirect
 
 	github.com/gogo/protobuf v1.3.2 // indirect
 
-	github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
 
-	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 
+	github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
 
+	github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
 
 	github.com/golang/protobuf v1.5.4 // indirect
 
 	github.com/google/flatbuffers v23.5.26+incompatible // indirect
 
 	github.com/google/gnostic-models v0.6.9 // indirect

+ 4 - 4
go.sum
Xem Tập Tin 

@@ -272,10 +272,10 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69
 
 github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A=
 
 github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 
 github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 
-github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
 
-github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 
-github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
 
-github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 
+github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI=
 
+github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 
+github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 
+github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=

+ 1 - 1
modules/collector-source/go.mod
Xem Tập Tin 

@@ -58,7 +58,7 @@ require (
 
 	github.com/go-logr/stdr v1.2.2 // indirect
 
 	github.com/goccy/go-json v0.10.5 // indirect
 
 	github.com/gogo/protobuf v1.3.2 // indirect
 
-	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 
+	github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
 
 	github.com/google/s2a-go v0.1.9 // indirect
 
 	github.com/google/uuid v1.6.0 // indirect
 
 	github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect

+ 2 - 0
modules/collector-source/go.sum
Xem Tập Tin 

@@ -193,6 +193,8 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 
 github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
 
 github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
 
+github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 
+github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
 
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 
 github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
 
 github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=