Update dependencies to resolve vulnerabilities #2

corhere · 2024-04-05T14:30:17Z

Bump golang.org/x/[email protected] to resolve CVE-2023-48795
Bump golang.org/x/[email protected] to resolve CVE-2023-45288

Resolves GO-2023-2402, a.k.a. CVE-2023-48795 $ go get golang.org/x/[email protected] go: upgraded golang.org/x/crypto v0.14.0 => v0.17.0 go: upgraded golang.org/x/sys v0.13.0 => v0.15.0 go: upgraded golang.org/x/term v0.13.0 => v0.15.0 go: upgraded golang.org/x/text v0.13.0 => v0.14.0 Signed-off-by: Cory Snider <[email protected]>

Resolves GO-2024-2687, a.k.a. CVE-2023-45288 $ go get golang.org/x/[email protected] go: upgraded golang.org/x/crypto v0.17.0 => v0.21.0 go: upgraded golang.org/x/net v0.17.0 => v0.23.0 go: upgraded golang.org/x/sys v0.15.0 => v0.18.0 go: upgraded golang.org/x/term v0.15.0 => v0.18.0 Signed-off-by: Cory Snider <[email protected]>

corhere added 2 commits April 5, 2024 10:21

corhere requested a review from dperny April 5, 2024 14:30

dperny approved these changes Apr 11, 2024

View reviewed changes

corhere merged commit 92006ee into Mirantis:mcr23.0 Apr 15, 2024
60 checks passed

corhere deleted the deps/20240405 branch April 15, 2024 16:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependencies to resolve vulnerabilities #2

Update dependencies to resolve vulnerabilities #2

corhere commented Apr 5, 2024

Update dependencies to resolve vulnerabilities #2

Update dependencies to resolve vulnerabilities #2

Conversation

corhere commented Apr 5, 2024