Merge pull request #1558 from kubernetes-sigs/CVE-2023-3676-1.27

[release-1.27] fix: CVE-2023-3676

go.mod

@@ -23,13 +23,13 @@ require (
 	golang.org/x/net v0.17.0
 	google.golang.org/grpc v1.59.0
 	google.golang.org/protobuf v1.31.0
-	k8s.io/api v0.27.3
-	k8s.io/apimachinery v0.27.3
-	k8s.io/client-go v0.27.3
-	k8s.io/cloud-provider v0.27.3
-	k8s.io/component-base v0.27.3
+	k8s.io/api v0.27.5
+	k8s.io/apimachinery v0.27.5
+	k8s.io/client-go v0.27.5
+	k8s.io/cloud-provider v0.27.5
+	k8s.io/component-base v0.27.5
 	k8s.io/klog/v2 v2.90.1
-	k8s.io/kubernetes v1.27.3
+	k8s.io/kubernetes v1.27.5
 	k8s.io/mount-utils v0.0.0
 	k8s.io/utils v0.0.0-20230209194617-a36077c30491
 	sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230424182702-d9d67257096a
@@ -41,7 +41,7 @@ require (
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.2.0
 	github.com/jongio/azidext/go/azidext v0.4.0
 	github.com/onsi/ginkgo/v2 v2.9.2
-	k8s.io/pod-security-admission v0.27.3
+	k8s.io/pod-security-admission v0.27.5
 )
 
 require (
@@ -146,13 +146,13 @@ require (
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/apiextensions-apiserver v0.0.0 // indirect
-	k8s.io/apiserver v0.27.3 // indirect
-	k8s.io/component-helpers v0.27.3 // indirect
-	k8s.io/controller-manager v0.27.3 // indirect
-	k8s.io/kms v0.27.3 // indirect
+	k8s.io/apiserver v0.27.5 // indirect
+	k8s.io/component-helpers v0.27.5 // indirect
+	k8s.io/controller-manager v0.27.5 // indirect
+	k8s.io/kms v0.27.5 // indirect
 	k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect
 	k8s.io/kubectl v0.0.0 // indirect
-	k8s.io/kubelet v0.27.3 // indirect
+	k8s.io/kubelet v0.27.5 // indirect
 	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
@@ -162,32 +162,32 @@ replace (
 	github.com/container-storage-interface/spec => github.com/container-storage-interface/spec v1.5.0
 	github.com/niemeyer/pretty => github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e
 	go.etcd.io/etcd => go.etcd.io/etcd v0.0.0-20200410171415-59f5fb25a533
-	k8s.io/api => k8s.io/api v0.27.3
-	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.27.3
-	k8s.io/apimachinery => k8s.io/apimachinery v0.27.3
-	k8s.io/apiserver => k8s.io/apiserver v0.27.3
-	k8s.io/cli-runtime => k8s.io/cli-runtime v0.27.3
-	k8s.io/client-go => k8s.io/client-go v0.27.3
-	k8s.io/cloud-provider => k8s.io/cloud-provider v0.27.3
-	k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.27.3
-	k8s.io/code-generator => k8s.io/code-generator v0.27.3
-	k8s.io/component-base => k8s.io/component-base v0.27.3
-	k8s.io/component-helpers => k8s.io/component-helpers v0.27.3
-	k8s.io/controller-manager => k8s.io/controller-manager v0.27.3
-	k8s.io/cri-api => k8s.io/cri-api v0.27.3
-	k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.27.3
-	k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.27.3
-	k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.27.3
-	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.27.3
-	k8s.io/kube-proxy => k8s.io/kube-proxy v0.27.3
-	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.27.3
-	k8s.io/kubectl => k8s.io/kubectl v0.27.3
-	k8s.io/kubelet => k8s.io/kubelet v0.27.3
-	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.27.3
-	k8s.io/metrics => k8s.io/metrics v0.27.3
+	k8s.io/api => k8s.io/api v0.27.5
+	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.27.5
+	k8s.io/apimachinery => k8s.io/apimachinery v0.27.5
+	k8s.io/apiserver => k8s.io/apiserver v0.27.5
+	k8s.io/cli-runtime => k8s.io/cli-runtime v0.27.5
+	k8s.io/client-go => k8s.io/client-go v0.27.5
+	k8s.io/cloud-provider => k8s.io/cloud-provider v0.27.5
+	k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.27.5
+	k8s.io/code-generator => k8s.io/code-generator v0.27.5
+	k8s.io/component-base => k8s.io/component-base v0.27.5
+	k8s.io/component-helpers => k8s.io/component-helpers v0.27.5
+	k8s.io/controller-manager => k8s.io/controller-manager v0.27.5
+	k8s.io/cri-api => k8s.io/cri-api v0.27.5
+	k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.27.5
+	k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.27.5
+	k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.27.5
+	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.27.5
+	k8s.io/kube-proxy => k8s.io/kube-proxy v0.27.5
+	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.27.5
+	k8s.io/kubectl => k8s.io/kubectl v0.27.5
+	k8s.io/kubelet => k8s.io/kubelet v0.27.5
+	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.27.5
+	k8s.io/metrics => k8s.io/metrics v0.27.5
 	k8s.io/mount-utils => k8s.io/mount-utils v0.0.0-20230103133730-1df1a57439e2
-	k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.27.3
-	k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.27.3
-	k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.27.3
-	k8s.io/sample-controller => k8s.io/sample-controller v0.27.3
+	k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.27.5
+	k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.27.5
+	k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.27.5
+	k8s.io/sample-controller => k8s.io/sample-controller v0.27.5
 )

go.sum

@@ -451,8 +451,8 @@ github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0ua
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
-github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
+github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
+github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
 github.com/rubiojr/go-vhd v0.0.0-20200706105327-02e210299021 h1:if3/24+h9Sq6eDx8UUz1SO9cT9tizyIsATfB7b4D3tc=
 github.com/rubiojr/go-vhd v0.0.0-20200706105327-02e210299021/go.mod h1:DM5xW0nvfNNm2uytzsvhI3OnX8uzaRAg8UX/CnDqbto=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
@@ -966,26 +966,26 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.27.3 h1:yR6oQXXnUEBWEWcvPWS0jQL575KoAboQPfJAuKNrw5Y=
-k8s.io/api v0.27.3/go.mod h1:C4BNvZnQOF7JA/0Xed2S+aUyJSfTGkGFxLXz9MnpIpg=
-k8s.io/apiextensions-apiserver v0.27.3 h1:xAwC1iYabi+TDfpRhxh4Eapl14Hs2OftM2DN5MpgKX4=
-k8s.io/apiextensions-apiserver v0.27.3/go.mod h1:BH3wJ5NsB9XE1w+R6SSVpKmYNyIiyIz9xAmBl8Mb+84=
-k8s.io/apimachinery v0.27.3 h1:Ubye8oBufD04l9QnNtW05idcOe9Z3GQN8+7PqmuVcUM=
-k8s.io/apimachinery v0.27.3/go.mod h1:XNfZ6xklnMCOGGFNqXG7bUrQCoR04dh/E7FprV6pb+E=
-k8s.io/apiserver v0.27.3 h1:AxLvq9JYtveYWK+D/Dz/uoPCfz8JC9asR5z7+I/bbQ4=
-k8s.io/apiserver v0.27.3/go.mod h1:Y61+EaBMVWUBJtxD5//cZ48cHZbQD+yIyV/4iEBhhNA=
-k8s.io/client-go v0.27.3 h1:7dnEGHZEJld3lYwxvLl7WoehK6lAq7GvgjxpA3nv1E8=
-k8s.io/client-go v0.27.3/go.mod h1:2MBEKuTo6V1lbKy3z1euEGnhPfGZLKTS9tiJ2xodM48=
-k8s.io/cloud-provider v0.27.3 h1:YylqJpKCB3O2MRnNXshxSVOQTOZE4I0G+cnyOfLwkGA=
-k8s.io/cloud-provider v0.27.3/go.mod h1:+C4rgsL3O0pxXdjoxRDOjCzNTj4C6jYUmK2OyogK1Jw=
-k8s.io/code-generator v0.27.3/go.mod h1:DPung1sI5vBgn4AGKtlPRQAyagj/ir/4jI55ipZHVww=
-k8s.io/component-base v0.27.3 h1:g078YmdcdTfrCE4fFobt7qmVXwS8J/3cI1XxRi/2+6k=
-k8s.io/component-base v0.27.3/go.mod h1:JNiKYcGImpQ44iwSYs6dysxzR9SxIIgQalk4HaCNVUY=
-k8s.io/component-helpers v0.27.3 h1:oK7+AlwBKsSUIIRC5Vv8/4HEtmgzXNQD+zLbsOUwVso=
-k8s.io/component-helpers v0.27.3/go.mod h1:uxhXqoWHh4eBVcPj+LKWjtQq0V/vP5ihn4xmf5xNZso=
-k8s.io/controller-manager v0.27.3 h1:tw1zoCi8ylYXoyImThlPkmdo9wQDtyhAojrjWdfBv/E=
-k8s.io/controller-manager v0.27.3/go.mod h1:dH5WQMqZOTHZdY8sTQRv1RkZRibaaDx7sncvejUUICc=
-k8s.io/csi-translation-lib v0.27.3 h1:iqN8RL41xaZVIbss6hqoMImYnWp7+tkZhoUWyOwLz/4=
+k8s.io/api v0.27.5 h1:49hIzqJNSuOQpA53MMihgAS4YDcQitTy58B9PMFthLc=
+k8s.io/api v0.27.5/go.mod h1:zjBZB+c0KDU55Wxb9Bob9WZGxu9zdKHitzHxBtaIVoA=
+k8s.io/apiextensions-apiserver v0.27.5 h1:YiDDsH8irDOsFiGoezJAU7pqq4avoFcCIQ2/DghZgsY=
+k8s.io/apiextensions-apiserver v0.27.5/go.mod h1:ihpozWiLbNytEGiHQbgrEkkyTKWhIhchy0SHX+aY1eU=
+k8s.io/apimachinery v0.27.5 h1:6Q5HBXYJJPisd6yDVAprLe6FQsmw7a7Cu69dcrpQET8=
+k8s.io/apimachinery v0.27.5/go.mod h1:XNfZ6xklnMCOGGFNqXG7bUrQCoR04dh/E7FprV6pb+E=
+k8s.io/apiserver v0.27.5 h1:HUP50yjA+X8YiXzxaz6hpFc7cfsx17bAreOZKbpChLo=
+k8s.io/apiserver v0.27.5/go.mod h1:HYUembDZJMisyctQRJzQFxRKEGzL+IKeD2UdTcy4OIM=
+k8s.io/client-go v0.27.5 h1:sH/fkqzk35kuf0GPx+dZuN7fhEswBSAVCrWFq3E1km0=
+k8s.io/client-go v0.27.5/go.mod h1:u+IKnqPZSPw51snIMKiIAV8LQQ+hya5bvxpOOPTUXPI=
+k8s.io/cloud-provider v0.27.5 h1:J+1tBv/uBDbR/gPO+wjAHO6yRv7aDyxqA0LRwEsv0IE=
+k8s.io/cloud-provider v0.27.5/go.mod h1:UCClQnTeCqbDcXlK/5+QnHSI1uJfj5jvYpuEhVI7kDs=
+k8s.io/code-generator v0.27.5/go.mod h1:DPung1sI5vBgn4AGKtlPRQAyagj/ir/4jI55ipZHVww=
+k8s.io/component-base v0.27.5 h1:IXo80yOVx7qXG2g1loPpo2g1HUK3CnxNpq9LtGmXAmM=
+k8s.io/component-base v0.27.5/go.mod h1:AGJyFHmaxplY4C4lu18UrJBNHcxdv0o6jOL/+HcC0S0=
+k8s.io/component-helpers v0.27.5 h1:V966SPo7cVdxkKs0tfuHao7GNSM8H+krlg3rKGiKjeo=
+k8s.io/component-helpers v0.27.5/go.mod h1:DysJsLaHI3yPgDi1KF7dROTf7gm7BPQgxIbuXYd8sQk=
+k8s.io/controller-manager v0.27.5 h1:rYBwln2iEWQHgx+f6FhDzGg6wnmItgfSMnSPpNlNJJQ=
+k8s.io/controller-manager v0.27.5/go.mod h1:p3CTvzcMQeyI/Gb3AaP9Vjz2Pi7XV4ChOuHIKAMATQg=
+k8s.io/csi-translation-lib v0.27.5 h1:dJHNF3dBNqaw/8Cy22w0l3uwFvMGItTYCuERhRBUuAA=
 k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
 k8s.io/gengo v0.0.0-20220902162205-c0856e24416d/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
 k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
@@ -994,20 +994,20 @@ k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
 k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
 k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw=
 k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
-k8s.io/kms v0.27.3 h1:O6mZqi647ZLmxxkEv5Q9jMlmcXOh42CBD+A3MxI6zaQ=
-k8s.io/kms v0.27.3/go.mod h1:VDfnSIK0dk5J+jasbe+kKpb3CQVwlcDeBLyq59P2KyY=
+k8s.io/kms v0.27.5 h1:PQzDfcjv6kpsCDrqB9ZjsNviB9xI8LlUwr9AitrPWmg=
+k8s.io/kms v0.27.5/go.mod h1:myBrteyByscWU+6yJUSwP7111C4afVaScZtpmG4lTyg=
 k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f h1:2kWPakN3i/k81b0gvD5C5FJ2kxm1WrQFanWchyKuqGg=
 k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg=
-k8s.io/kubectl v0.27.3 h1:HyC4o+8rCYheGDWrkcOQHGwDmyLKR5bxXFgpvF82BOw=
-k8s.io/kubectl v0.27.3/go.mod h1:g9OQNCC2zxT+LT3FS09ZYqnDhlvsKAfFq76oyarBcq4=
-k8s.io/kubelet v0.27.3 h1:5WhTV1iiBu9q/rr+gvy65LQ+K/e7dmgcaYjys5ipLqY=
-k8s.io/kubelet v0.27.3/go.mod h1:Mz42qgZZgWgPmOJEYaR5evmh+EoSwFzEvPBozA2y9mg=
-k8s.io/kubernetes v1.27.3 h1:gwufSj7y6X18Q2Gl8v4Ev+AJHdzWkG7A8VNFffS9vu0=
-k8s.io/kubernetes v1.27.3/go.mod h1:U8ZXeKBAPxeb4J4/HOaxjw1A9K6WfSH+fY2SS7CR6IM=
+k8s.io/kubectl v0.27.5 h1:ATIs0KAhKaExzLzm38j2uHTo6TeJ6qHJyajGktTXBCA=
+k8s.io/kubectl v0.27.5/go.mod h1:aT54VMjuGQqKqpgkxAL3+ZDCyYkGalSQToYWjyhMYq8=
+k8s.io/kubelet v0.27.5 h1:uysO9NozKUi5zAde+hMXfCU1dWNjL/UBhRGVZk8uUJQ=
+k8s.io/kubelet v0.27.5/go.mod h1:xwIXdhJReWW2GuFQpAlj1qbaxD1O7JpGueItvc47tXg=
+k8s.io/kubernetes v1.27.5 h1:qnkrNAPz2jm/k+oWBNOJ6q+kCQ7OXkO8v3WWU9jumwo=
+k8s.io/kubernetes v1.27.5/go.mod h1:MbYZxAacYS6HjZ6VJuvKaKTilbzp0B0atzW3J8TFBEo=
 k8s.io/mount-utils v0.0.0-20230103133730-1df1a57439e2 h1:kfACKquxtsEA7XXDy+iC92lg/1stK0UtzAhf7R2Y8Fc=
 k8s.io/mount-utils v0.0.0-20230103133730-1df1a57439e2/go.mod h1:au99w4FWU5ZWelLb3Yx6kJc8RZ387IyWVM9tN65Yhxo=
-k8s.io/pod-security-admission v0.27.3 h1:4iAjMK09XkCj2DMa1tqUoOQZD2gGnkhKApQGPAyq9gs=
-k8s.io/pod-security-admission v0.27.3/go.mod h1:IoCHgLURPt8wJyqsJ7H3+xvY23ps/c61/cTnq6pSOi0=
+k8s.io/pod-security-admission v0.27.5 h1:4C+mjr22T5mPVcXal1ZM67i/rhEwuquUF0h709pcLHs=
+k8s.io/pod-security-admission v0.27.5/go.mod h1:pGTkulc+Cm0k1xyayNjVoan6bJjVoZCGQgR17CnQLYQ=
 k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
 k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY=
 k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=