github-actions[bot]
commented
6 days ago :mag: Vulnerabilities of ghcr.io/uniget-org/tools/k3d:5.7.0
:package: Image Reference ghcr.io/uniget-org/tools/k3d:5.7.0
| digest | sha256:7f2ab089d7d9d31a38da1ea79d24534979ce3d2239036b92e46ca1d4f9c5f9d4 |
| vulnerabilities |      |
| platform | linux/amd64 |
| size | 9.0 MB |
| packages | 110 |
pkg:golang/stdlib@1.22.4
DescriptionThe net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. |
stdlib
This PR contains the following updates:
5.6.3->5.7.0Release Notes
k3d-io/k3d (k3d-io/k3d)
### [`v5.7.0`](https://togithub.com/k3d-io/k3d/blob/HEAD/CHANGELOG.md#v570---04072024) [Compare Source](https://togithub.com/k3d-io/k3d/compare/v5.6.3...v5.7.0) ##### Added - feat: support config embedded and external files ([#1417](https://togithub.com/k3d-io/k3d/issues/1417)) - docs: add examples for config embedded and external files ([#1432](https://togithub.com/k3d-io/k3d/issues/1432)) - feat: compatibility with docker userns-remap ([#1442](https://togithub.com/k3d-io/k3d/issues/1442)) - docs: mention ipam when creating multiserver cluster ([#1451](https://togithub.com/k3d-io/k3d/issues/1451)) ##### Changed - docs: Update CUDA docs to use k3s suggested method ([#1430](https://togithub.com/k3d-io/k3d/issues/1430)) - chore: upgrade go + dependencies + address all golangci-lint issues + fix deprecations ([#1459](https://togithub.com/k3d-io/k3d/issues/1459)) - chore: upgrade docker dependency and adjust for deprecations ([#1460](https://togithub.com/k3d-io/k3d/issues/1460)) ##### Fixed - fix: close output file ([#1436](https://togithub.com/k3d-io/k3d/issues/1436)) - fix: Script exits fatally when resolv.conf is missing Docker nameserver ([#1441](https://togithub.com/k3d-io/k3d/issues/1441)) - test: fix translate.go test following userns merge ([#1444](https://togithub.com/k3d-io/k3d/issues/1444)) - fix: respect ~/.kube/config as a symlink ([#1455](https://togithub.com/k3d-io/k3d/issues/1455)) - fix: preserve coredns config during cluster restart ([#1453](https://togithub.com/k3d-io/k3d/issues/1453)) - **IMPORTANT** This makes use of the `coredns-custom` configmap, so please consider this in case you're using this configmap yourself! - fix: make drain ignore DaemonSets & bypass PodDisruptionBudgets ([#1414](https://togithub.com/k3d-io/k3d/issues/1414))Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.