Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,117 Commits 27 Branches 785 Tags 625 MiB
59c724f7a6
Commit Graph

3 Commits

Author SHA1 Message Date
Brad Davidson
239021e759 Consistently use constant-time comparison of password hashes 
As per https://github.com/golang/go/issues/47001 even subtle.ConstantTimeCompare should never be used with variable-length inputs, as it will return 0 if the lengths do not match. Switch to consistently using constant-time comparisons of hashes for password checks to avoid any possible side-channel leaks that could be combined with other vectors to discover password lengths.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-05-09 13:54:50 -07:00
Derek Nola
f2bde63eea
Kubernetes v1.27.1 (#7271) 
* Bump go version to 1.20.3 to match upstream
* Bump cri-dockerd
* Bump golanci-lint
* go generate
* Bump selinux in cgroup test
* Bump to v1.27.1 tags
* Release documentation improvements
* Only run upgrade e2e test on PR

Signed-off-by: Derek Nola <derek.nola@suse.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-18 21:48:36 -07:00
Erik Wilson
acc42874d8
Add k8s.io/apiserver/plugins/pkg/authenticator from release-1.18 2020-08-28 17:18:34 -07:00