empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
52b298ff69
fleet/ee
History
Lucas Manuel Rodriguez 832b29f8c7
Update go-tuf to v0.5.0 (bis) (#8112) 
* Update go-tuf to v0.5.0

This was triggered by the security advisory
[GHSA-3633-5h82-39pq](https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-3633-5h82-39pq).
Fleet's use of go-tuf is not vulnerable to this issue due to not using
key thresholds greater than 1.

There were some API changes that necessitate changing the initialization
code for the TUF client. See
https://github.com/theupdateframework/go-tuf/issues/379 for further
discussion.

* Add changes file

* Update default root metadata

* Add review changes to update-go-tuf branch

* Update tests

* Add more checks to roots output

Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2022-10-07 17:03:39 -03:00
..
fleetctl Update go-tuf to v0.5.0 (bis) (#8112) 2022-10-07 17:03:39 -03:00
server Keep created_at timestamp of existing enroll secrets (#8062) 2022-10-05 08:35:36 -04:00
tools/license Bump ansi-regex from 5.0.0 to 5.0.1 in /ee/tools/license (#4839) 2022-04-04 11:48:31 -07:00
LICENSE Introduce ee directory and license (#460) 2021-03-12 15:20:50 -08:00