rpms / skopeo

Clone
Source Code
GIT

Files

  1.   c7b3249c488b11f41c6b1e5715da519a5dd09f0b
  2.   SOURCES
  3.   skopeo-CVE-2019-10214.patch
Blob Blame History Raw 
diff -up ./skopeo-e079f9d61b2508b57e9510752d7e893b544c3cb8/vendor/github.com/containers/image/docker/docker_client.go.CVE-2019-10214 ./skopeo-e079f9d61b2508b57e9510752d7e893b544c3cb8/vendor/github.com/containers/image/docker/docker_client.go
--- ./skopeo-e079f9d61b2508b57e9510752d7e893b544c3cb8/vendor/github.com/containers/image/docker/docker_client.go.CVE-2019-10214	2019-09-12 15:41:52.774748876 +0200
+++ ./skopeo-e079f9d61b2508b57e9510752d7e893b544c3cb8/vendor/github.com/containers/image/docker/docker_client.go	2019-09-12 15:41:52.775748889 +0200
@@ -523,11 +523,7 @@ func (c *dockerClient) getBearerToken(ct
 		authReq.SetBasicAuth(c.username, c.password)
 	}
 	logrus.Debugf("%s %s", authReq.Method, authReq.URL.String())
-	tr := tlsclientconfig.NewTransport()
-	// TODO(runcom): insecure for now to contact the external token service
-	tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
-	client := &http.Client{Transport: tr}
-	res, err := client.Do(authReq)
+	res, err := c.client.Do(authReq)
 	if err != nil {
 		return nil, err
 	}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation