Closes #1152 by upgrading yaml.v2 to v2.3.0 #1153

seanprince · 2020-07-09T09:49:44Z

Upgrade to yaml.v2 v2.3.0 to fix vulnerability reported here - kubernetes/kubernetes#89535

CLAassistant · 2020-07-09T09:49:52Z

All committers have signed the CLA.

jpmcb · 2020-07-09T14:50:29Z

Hi @seanprince thanks so much for this PR and letting us know about this CVE - would you be able to sign the CLA so we can get this merged?

seanprince · 2020-07-10T11:35:23Z

Apologies - I have now signed the CLA. Anything else you need from me? Sean

On Thu, 9 Jul 2020 at 15:50, John McBride ***@***.***> wrote: Hi @seanprince <https://github.com/seanprince> thanks so much for this PR and letting us know about this CVE - would you be able to sign the CLA so we can get this merged? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#1153 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABZPC7DJ5TPCKPKH3C45HBDR2XKMJANCNFSM4OVNTKMQ> .

umarcor · 2020-07-11T12:05:31Z

Ref #1012 😕

Close spf13#1152 by upgrading yaml.v2 to v2.3.0

353e505

eparis merged commit 207dc47 into spf13:master Jul 10, 2020

umarcor mentioned this pull request Jul 11, 2020

update viper, pflag and yaml #1012

Merged

eddiezane mentioned this pull request Oct 15, 2020

Update cobra dependency to v1.1.1 kubernetes/kubernetes#95571

Merged

marckhouzam mentioned this pull request Oct 16, 2020

Don't use yaml.v2 2.3.0 which has a breaking change #1259

Merged

Provide feedback