Skip to content

Commit

Permalink
vendor: google.golang.org/grpc v1.56.3
Browse files Browse the repository at this point in the history 
server: prohibit more than MaxConcurrentStreams handlers from running at once
(CVE-2023-44487).

In addition to this change, applications should ensure they do not leave running
tasks behind related to the RPC before returning from method handlers, or should
enforce appropriate limits on any such work.

- grpc/grpc-go@v1.56.2...v1.56.3

Signed-off-by: Sebastiaan van Stijn <[email protected]>
  • Loading branch information
@thaJeztah
thaJeztah committed Oct 24, 2023
1 parent 1434469 commit 9ae1b21
Show file tree
Hide file tree
Showing 6 changed files with 56 additions and 34 deletions.
2 changes: 1 addition & 1 deletion vendor.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,6 @@ require (
golang.org/x/time v0.3.0 // indirect
golang.org/x/tools v0.8.0 // indirect
google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
google.golang.org/grpc v1.56.2 // indirect
google.golang.org/grpc v1.56.3 // indirect
google.golang.org/protobuf v1.31.0 // indirect
)
4 changes: 2 additions & 2 deletions vendor.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -358,8 +358,8 @@ golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8T
google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 h1:KpwkzHKEF7B9Zxg18WzOa7djJ+Ha5DzthMyZYQfEn2A=
google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU=
google.golang.org/grpc v1.0.5/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
google.golang.org/grpc v1.56.2 h1:fVRFRnXvU+x6C4IlHZewvJOVHoOv1TUuQyoRsYnB4bI=
google.golang.org/grpc v1.56.2/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s=
google.golang.org/grpc v1.56.3 h1:8I4C0Yq1EjstUzUJzpcRVbuYA2mODtEmpWiQoN/b2nc=
google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
Expand Down
11 changes: 3 additions & 8 deletions vendor/google.golang.org/grpc/internal/transport/http2_server.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

69 changes: 48 additions & 21 deletions vendor/google.golang.org/grpc/server.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion vendor/google.golang.org/grpc/version.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion vendor/modules.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -373,7 +373,7 @@ golang.org/x/tools/internal/typesinternal
# google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1
## explicit; go 1.19
google.golang.org/genproto/googleapis/rpc/status
# google.golang.org/grpc v1.56.2
# google.golang.org/grpc v1.56.3
## explicit; go 1.17
google.golang.org/grpc
google.golang.org/grpc/attributes
Expand Down

0 comments on commit 9ae1b21

Please sign in to comment.