diff options
| author | Lokesh Mandvekar <lsm5@fedoraproject.org> | 2022-05-31 13:01:50 -0400 |
|---|---|---|
| committer | Lokesh Mandvekar <lsm5@fedoraproject.org> | 2022-05-31 13:01:50 -0400 |
| commit | cef044d859edf255d146ce1a07b7bc735b045a1f (patch) | |
| tree | 7c3aa1c42f16e961cd57d664648e66e0ba9be683 /vendor/modules.txt | |
| parent | dc67e6a182a09c8b65ef139fb9f15ddfdecae70f (diff) | |
| download | podman-cef044d859edf255d146ce1a07b7bc735b045a1f.tar.gz podman-cef044d859edf255d146ce1a07b7bc735b045a1f.tar.bz2 podman-cef044d859edf255d146ce1a07b7bc735b045a1f.zip | |
Bump gopkg.in/yaml.v3 to v3.0.1
v3.0.1 resolves GHSA-hp87-p4gw-j4gq - CVE-2022-28948.
While podman doesn't appear to be vulnerable to the CVE as the concerned
code isn't being called, this update should silence a dependabot alert.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Diffstat (limited to 'vendor/modules.txt')
| -rw-r--r-- | vendor/modules.txt | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/vendor/modules.txt b/vendor/modules.txt index e28d91bde..9bd500ee8 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -864,7 +864,8 @@ gopkg.in/tomb.v1 # gopkg.in/yaml.v2 v2.4.0 ## explicit gopkg.in/yaml.v2 -# gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b +# gopkg.in/yaml.v3 v3.0.1 +## explicit gopkg.in/yaml.v3 # sigs.k8s.io/yaml v1.3.0 sigs.k8s.io/yaml |