Update coredns to 1.12.0

[unguiculus]

Proposed Changes

Update coredns to 1.12.0

This fixes the following CVS from 1.11.3:

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬────────────────┬─────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version  │                            Title                            │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼────────────────┼─────────────────────────────────────────────────────────────┤
│ stdlib  │ CVE-2024-34156 │ HIGH     │ fixed  │ 1.22.5            │ 1.22.7, 1.23.1 │ encoding/gob: golang: Calling Decoder.Decode on a message   │
│         │                │          │        │                   │                │ which contains deeply nested structures...                  │
│         │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-34156                  │
│         ├────────────────┼──────────┤        │                   │                ├─────────────────────────────────────────────────────────────┤
│         │ CVE-2024-34155 │ MEDIUM   │        │                   │                │ go/parser: golang: Calling any of the Parse functions       │
│         │                │          │        │                   │                │ containing deeply nested literals...                        │
│         │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-34155                  │
│         ├────────────────┤          │        │                   │                ├─────────────────────────────────────────────────────────────┤
│         │ CVE-2024-34158 │          │        │                   │                │ go/build/constraint: golang: Calling Parse on a "// +build" │
│         │                │          │        │                   │                │ build tag line with...                                      │
│         │                │          │        │                   │                │ https://avd.aquasec.com/nvd/cve-2024-34158                  │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴────────────────┴─────────────────────────────────────────────────────────────┘

[muicoder]

It needs to be updated here as well.
https://github.com/k3s-io/k3s/blob/master/scripts/airgap/image-list.txt#L4

[manuelbuil]

thanks! What about moving to v1.12.0 directly?

[unguiculus]

thanks! What about moving to v1.12.0 directly?

Ideally, we'd move to v1.12.0, but that's not yet mirrored by Rancher. So, I thought that would be a quicker fix to get rid of the CVEs.

[unguiculus]

@manuelbuil PR for coredns 1.12.0 rancher/image-mirror#779

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 42.37%. Comparing base (0e15269) to head (6376b5b).
Report is 1 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #11387      +/-   ##
==========================================
- Coverage   46.73%   42.37%   -4.37%     
==========================================
  Files         179      179              
  Lines       18600    18610      +10     
==========================================
- Hits         8693     7886     -807     
- Misses       8553     9522     +969     
+ Partials     1354     1202     -152     

Flag	Coverage Δ
e2etests	34.07% <ø> (-7.86%)	⬇️
inttests	34.67% <ø> (+15.85%)	⬆️
unittests	13.82% <ø> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[unguiculus]

@manuelbuil Thanks for quickly merging the PR for 1.12.0. I updated this PR now.