Sebastiaan van Stijn 450f6b9955 vendor: golang.org/x/crypto v0.31.0 ...

update to the latest version of this dependency, which has a fix for a
authorization bypass in the ssh package. We don't use this functionality,
so there's no need to backport this change (other than de-noising false positives).

This is CVE-2024-45337 and Go issue https://go.dev/issue/70779.

full diff: https://github.com/golang/crypto/compare/v0.29.0...v0.31.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

2024-12-16 22:59:33 +01:00

..

dario.cat/mergo

vendor: dario.cat/mergo v1.0.1

2024-09-12 18:18:47 +02:00

github.com

vendor: github.com/docker/docker b249c5ebd214 (master, v28.0.0-dev)

2024-12-09 21:56:05 +01:00

go.etcd.io/etcd/raft/v3

vendor: github.com/docker/swarmkit 616e8db4c3b0

2022-03-16 15:39:52 +01:00

go.opentelemetry.io

vendor: go.opentelemetry.io/contrib/instrumentation/xxx v0.53.0

2024-11-01 14:10:09 +01:00

golang.org/x

vendor: golang.org/x/sys v0.28.0

2024-12-16 22:56:51 +01:00

google.golang.org

vendor: google.golang.org/protobuf v1.35.2

2024-12-06 22:45:30 +01:00

gopkg.in/yaml.v2

vendor dependencies with go1.17

2022-03-26 19:48:14 +01:00

gotest.tools/v3

vendor: gotest.tools/v3 v3.5.1

2023-10-20 17:39:10 +02:00

tags.cncf.io/container-device-interface

Update container-device-interface to v0.6.2

2023-11-04 01:18:41 +01:00

modules.txt

vendor: golang.org/x/crypto v0.31.0

2024-12-16 22:59:33 +01:00