kubernetes
/
kube-controller-manager
mirror of https://github.com/kubernetes/kube-controller-manager.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
kube-controller-manager component configs
302 Commits 24 Branches 1,328 Tags 3.9 MiB
Go 100%
Go to file
Robert Van Voorhees 1f9c16310a [security] Vulnerability in golang.org/x/text/encoding/unicode v0.3.2 
Hello gophers,

Version v0.3.3 of golang.org/x/text fixes a vulnerability in the golang.org/x/text/encoding/unicode package which could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory.

An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

transform.String has also been hardened not to enter an infinite loop if a Transformer keeps returning ErrShortSrc even if atEOF is true.

This issue was first filed as Issue 39491 by GitHub user abacabadabacaba and reported to the security team by Anton Gyllenberg. It is tracked as CVE-2020-14040.

Cheers,

Katie for the Go team

Kubernetes-commit: 3cef97e8b5f67b4a350ee7a51e68604732e46f58
 		2020-06-17 07:57:05 -04:00
.github delete all duplicate empty blanks 2019-02-22 09:43:51 +08:00
Godeps Merge pull request #92069 from tapih/update-json-patch 2020-06-17 05:30:18 +00:00
config Implement simple endpoint slice batching 2020-03-02 21:00:06 +01:00
CONTRIBUTING.md Update deprecated links 2019-02-04 13:28:31 -05:00
LICENSE [kube-controller-manager] create package to hold kube-controller-manager component api 2018-09-04 19:02:08 +08:00
OWNERS Updated OWNERS files to include link to docs 2019-01-30 20:05:00 +01:00
README.md [kube-controller-manager] create package to hold kube-controller-manager component api 2018-09-04 19:02:08 +08:00
SECURITY_CONTACTS Update SECURITY_CONTACTS with current PSC 2019-05-29 15:22:35 +05:30
code-of-conduct.md [kube-controller-manager] create package to hold kube-controller-manager component api 2018-09-04 19:02:08 +08:00
go.mod [security] Vulnerability in golang.org/x/text/encoding/unicode v0.3.2 2020-06-17 07:57:05 -04:00
go.sum [security] Vulnerability in golang.org/x/text/encoding/unicode v0.3.2 2020-06-17 07:57:05 -04:00

README.md

Kube-controller-manager

Purpose

This library contains code to expose kube-controller-manager API.

Compatibility

There are NO compatibility guarantees for this repository, yet. It is in direct support of Kubernetes, so branches will track Kubernetes and be compatible with that repo. As we more cleanly separate the layers, we will review the compatibility guarantee. We have a goal to make this easier to use in the future.

Where does it come from?

kube-controller-manager is synced from https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/kube-controller-manager. Code changes are made in that location, merged into k8s.io/kubernetes and later synced here.

Things you should NOT do

  1. Directly modify any files under pkg in this repo. Those are driven from k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager.
  2. Expect compatibility. This repo is changing quickly in direct support of Kubernetes and the kube-controller-manager API.