Skip to content

Commit

Permalink
Disable HTTP/2 by updating knative/pkg
Browse files Browse the repository at this point in the history 
This disables HTTP/2 for webhook by updating to PR knative/pkg#2875
It fixes CVE-2023-44487.
  • Loading branch information
@khrm @tekton-robot
khrm authored and tekton-robot committed Nov 2, 2023
1 parent 7069889 commit c2b5f68
Show file tree
Hide file tree
Showing 4 changed files with 22 additions and 4 deletions.
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ require (
k8s.io/code-generator v0.26.5
k8s.io/klog v1.0.0
k8s.io/kube-openapi v0.0.0-20230515203736-54b630e78af5
knative.dev/pkg v0.0.0-20231011193800-bd99f2f98be7
knative.dev/pkg v0.0.0-20231023150739-56bfe0dd9626
sigs.k8s.io/yaml v1.4.0
)

Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

18 changes: 18 additions & 0 deletions vendor/knative.dev/pkg/webhook/webhook.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion vendor/modules.txt
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit c2b5f68

Please sign in to comment.