diff -up ./buildah-00eb895d6f2f13d658a9cb78714382e494974afc/vendor/github.com/containers/image/docker/docker_client.go.CVE-2019-10214 ./buildah-00eb895d6f2f13d658a9cb78714382e494974afc/vendor/github.com/containers/image/docker/docker_client.go
--- buildah-00eb895d6f2f13d658a9cb78714382e494974afc/vendor/github.com/containers/image/docker/docker_client.go.CVE-2019-10214 2019-09-12 16:01:08.889098180 +0200
+++ buildah-00eb895d6f2f13d658a9cb78714382e494974afc/vendor/github.com/containers/image/docker/docker_client.go 2019-09-12 16:01:08.890098192 +0200
@@ -523,11 +523,7 @@ func (c *dockerClient) getBearerToken(ct
authReq.SetBasicAuth(c.username, c.password)
}
logrus.Debugf("%s %s", authReq.Method, authReq.URL.String())
- tr := tlsclientconfig.NewTransport()
- // TODO(runcom): insecure for now to contact the external token service
- tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
- client := &http.Client{Transport: tr}
- res, err := client.Do(authReq)
+ res, err := c.client.Do(authReq)
if err != nil {
return nil, err
}