summaryrefslogtreecommitdiff
path: root/vendor/modules.txt
diff options
context:
space:
mode:
authorLokesh Mandvekar <lsm5@fedoraproject.org>2022-04-12 09:29:36 -0400
committerLokesh Mandvekar <lsm5@fedoraproject.org>2022-04-12 10:24:32 -0400
commit5e680d54e9e8b849b90047d2d87bc7664edaaa1d (patch)
tree4f9b314d7211bd04d030f6aa6563ddd8628a60b8 /vendor/modules.txt
parent9822c46981226c3296b5ad7833d8937cfc3ece49 (diff)
downloadpodman-5e680d54e9e8b849b90047d2d87bc7664edaaa1d.tar.gz
podman-5e680d54e9e8b849b90047d2d87bc7664edaaa1d.tar.bz2
podman-5e680d54e9e8b849b90047d2d87bc7664edaaa1d.zip
Bump golang.org/x/crypto to 7b82a4e
Resolves: GHSA-8c26-wmh5-6g9v - CVE-2022-27191 Podman doesn't seem to be directly affected as the logic in question is not called. golang.org/x/crypto@1baeb1ce contains the actual CVE fix. Using the latest upstream commit to also include support for SHA-2. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Diffstat (limited to 'vendor/modules.txt')
-rw-r--r--vendor/modules.txt3
1 files changed, 1 insertions, 2 deletions
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 541e78b78..9bb30b5b3 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -699,7 +699,7 @@ go.opencensus.io/internal
go.opencensus.io/trace
go.opencensus.io/trace/internal
go.opencensus.io/trace/tracestate
-# golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce
+# golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4
## explicit
golang.org/x/crypto/blowfish
golang.org/x/crypto/cast5
@@ -707,7 +707,6 @@ golang.org/x/crypto/chacha20
golang.org/x/crypto/curve25519
golang.org/x/crypto/curve25519/internal/field
golang.org/x/crypto/ed25519
-golang.org/x/crypto/ed25519/internal/edwards25519
golang.org/x/crypto/internal/poly1305
golang.org/x/crypto/internal/subtle
golang.org/x/crypto/openpgp
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-10-12 04:26:17 +0000