Package: kubernetes / 1.20.5+really1.20.2-1.1+deb12u1

Metadata

Package: kubernetes
Version: 1.20.5+really1.20.2-1.1+deb12u1
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
0001 Hide long and multiline strings when printing.patch

staging/src/k8s.io/cli-runtime/pkg/printers/tableprinter.go | 25 24 + 1 - 0 !
staging/src/k8s.io/cli-runtime/pkg/printers/tableprinter_test.go | 67 67 + 0 - 0 !
2 files changed, 91 insertions(+), 1 deletion(-)

 currently both long strings and multiline strings can potentially
 "break" printing. I'm adding extra formatting to ensure we cut strings either
 at newline or at 100 chars with information that more information is available.

0002 Restore ability to print long strings.patch

staging/src/k8s.io/cli-runtime/pkg/printers/tableprinter.go | 17 5 + 12 - 0 !
staging/src/k8s.io/cli-runtime/pkg/printers/tableprinter_test.go | 6 3 + 3 - 0 !
2 files changed, 8 insertions(+), 15 deletions(-)

 remove arbitrary string length truncation in table printer
 This patch removes the 100-character limit (maxStringLength) that was
 previously applied to string values in kubectl table output.

 Now strings are only truncated allowing full display of long strings without
 arbitrary length restrictions.

CVE 2021 25743.patch

staging/src/k8s.io/cli-runtime/pkg/printers/tableprinter.go | 13 7 + 6 - 0 !
staging/src/k8s.io/cli-runtime/pkg/printers/tableprinter_test.go | 12 12 + 0 - 0 !
staging/src/k8s.io/cli-runtime/pkg/printers/terminal.go | 39 39 + 0 - 0 !
staging/src/k8s.io/kubectl/pkg/cmd/get/customcolumn.go | 2 1 + 1 - 0 !
staging/src/k8s.io/kubectl/pkg/cmd/get/customcolumn_test.go | 16 16 + 0 - 0 !
staging/src/k8s.io/kubectl/pkg/describe/describe.go | 7 5 + 2 - 0 !
staging/src/k8s.io/kubectl/pkg/describe/describe_test.go | 19 19 + 0 - 0 !
7 files changed, 99 insertions(+), 9 deletions(-)

 escape terminal special characters in kubectl (#112553)

* Escape terminal special characters in kubectl

* Add escaping for kubectl alpha events

Backported-by: Arthur Diniz <arthurbdiniz@gmail.com>

This patch backports the upstream fix for CVE-2021-25743 from Kubernetes commit
dad0e937c0f76344363eb691b2668490ffef8537 to kubectl version 1.20.2, authored by
David Leadbeater <dgl@dgl.cx>, merged into upstream master.

The vulnerability involved potential terminal escape sequence attacks in
kubectl output, which could allow malicious input to execute unintended
terminal behavior when rendered.

References:
* Security tracker: https://security-tracker.debian.org/tracker/CVE-2021-25743
* Upstream issue: https://github.com/kubernetes/kubernetes/issues/101695
* Upstream PR: https://github.com/kubernetes/kubernetes/pull/112553
* Commit: https://github.com/kubernetes/kubernetes/commit/dad0e937c0f76344363eb691b2668490ffef8537