[
https://issues.apache.org/jira/browse/YUNIKORN-3161?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Peter Bacsko resolved YUNIKORN-3161.
------------------------------------
Fix Version/s: 1.8.0
Resolution: Fixed
> Update Go depenedencies for CVE fixes
> -------------------------------------
>
> Key: YUNIKORN-3161
> URL: https://issues.apache.org/jira/browse/YUNIKORN-3161
> Project: Apache YuniKorn
> Issue Type: Task
> Components: core - common, release, scheduler-interface, shim -
> kubernetes, webapp
> Reporter: Wilfred Spiegelenburg
> Assignee: Peter Bacsko
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.8.0
>
>
> In preparation for the next release and branch we need to upgrade the
> dependencies to CVE free versions (x/crypto) and or the latest versions.
> available.
>
> Looking at dependencies like these in all repositories:
> * golang.org/x/crypto
> * golang.org/x/exp
> * golang.org/x/net
> * golang.org/x/oauth2
> * golang.org/x/sync
> * golang.org/x/sys
> * golang.org/x/term
> * golang.org/x/text
> * golang.org/x/time
> * golang.org/x/tools
> Need to consider this in combination with the update of the go-repro version
> via [YUNIKORN-3144|https://github.com/apache/yunikorn-k8shim/pull/991] to
> 1.25.x which could be 3, 4 or 5 depending one when exactly we change.
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
