Oliver Gould cb276032f5 Require go 1.12.9 for controller builds (#3297) ... Netflix recently announced a security advisory that identified several Denial of Service attack vectors that can affect server implementations of the HTTP/2 protocol, and has issued eight CVEs. [1] Go is affected by two of the vulnerabilities (CVE-2019-9512 and CVE-2019-9514) and so Linkerd components that serve HTTP/2 traffic are also affected. [2] These vulnerabilities allow untrusted clients to allocate an unlimited amount of memory, until the server crashes. The Kubernetes Product Security Committee has assigned this set of vulnerabilities with a CVSS score of 7.5. [3] [1] https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md [2] https://golang.org/doc/devel/release.html#go1.12 [3] https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H		2019-08-21 10:03:29 -07:00
..
api	Cleanup: fix some typos in code comment (#3296)	2019-08-21 09:40:43 -07:00
cmd	Remove gRPC tap server listener from controller (#3276)	2019-08-16 16:38:50 -04:00
gen	Remove tap from public API and associated test infrastructure (#3240)	2019-08-14 17:27:37 -04:00
heartbeat	Add container cpu and mem to heartbeat requests (#3238)	2019-08-14 12:04:08 -07:00
identity	Introduce the Identity controller implementation (#2521)	2019-03-19 13:58:45 -07:00
k8s	Introduce `linkerd --as` flag for impersonation (#3173)	2019-07-31 16:05:33 -07:00
proxy-injector	Add a flag to install-cni command to configure iptables wait flag (#3066)	2019-08-15 12:58:18 -07:00
script	Have `linkerd endpoints` use `Destination.Get` (#2990)	2019-07-03 09:11:03 -05:00
sp-validator	Install MWC and VWC During Installation (#2806)	2019-05-20 12:43:50 -07:00
tap	Remove gRPC tap server listener from controller (#3276)	2019-08-16 16:38:50 -04:00
webhook	Install MWC and VWC During Installation (#2806)	2019-05-20 12:43:50 -07:00
Dockerfile	Require go 1.12.9 for controller builds (#3297)	2019-08-21 10:03:29 -07:00