Skip to content

Commit 9343090

Browse files
infernus01anithapriyanatarajan
infernus01
authored and
anithapriyanatarajan
committed
fix: CVE-2025-66506 - upgrade cosign to 2.6.2
Signed-off-by: Shubham Bhardwaj <shubbhar@redhat.com>
1 parent 6c3448b commit 9343090

8,179 files changed

Lines changed: 1103584 additions & 420235 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

go.mod

Lines changed: 216 additions & 184 deletions
Large diffs are not rendered by default.

go.sum

Lines changed: 557 additions & 480 deletions
Large diffs are not rendered by default.

pkg/chains/signing/x509/x509.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -198,7 +198,7 @@ func cosignSigner(ctx context.Context, secretPath string, privateKey []byte) (*S
198198
if err != nil {
199199
return nil, errors.Wrap(err, "reading cosign.password file")
200200
}
201-
signer, err := cosign.LoadPrivateKey(privateKey, password)
201+
signer, err := cosign.LoadPrivateKey(privateKey, password, nil)
202202
if err != nil {
203203
return nil, err
204204
}

test/clients.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -236,7 +236,7 @@ func setupSecret(ctx context.Context, t *testing.T, c kubernetes.Interface, opts
236236
}
237237
s.StringData[p] = string(b)
238238
}
239-
cosignPriv, err := cosign.LoadPrivateKey([]byte(s.StringData["cosign.key"]), []byte(s.StringData["cosign.password"]))
239+
cosignPriv, err := cosign.LoadPrivateKey([]byte(s.StringData["cosign.key"]), []byte(s.StringData["cosign.password"]), nil)
240240
if err != nil {
241241
t.Fatal(err)
242242
}

vendor/cel.dev/expr/.bazelversion

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/cel.dev/expr/.gitattributes

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/cel.dev/expr/.gitignore

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/cel.dev/expr/BUILD.bazel

Lines changed: 34 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/cel.dev/expr/CODE_OF_CONDUCT.md

Lines changed: 25 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/cel.dev/expr/CONTRIBUTING.md

Lines changed: 32 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)