vouch-proxy icon indicating copy to clipboard operation
vouch-proxy copied to clipboard
verified publisher icon vouch

Version bump in order to fix security issues in Go libraries

Open rodrigodealer opened this issue 2 years ago • 1 comments

This PR fixes vulnerabilities issues both in golang.org/x/net and golang.org/x/text

Link for the vulnerabilities CVEs:

cve-2022-41717 cve-2022-32149 cve-2022-41723

The propose of this change is to correct vulnerabilities in both golang text and net packages. I've got this issue when I was running trivy against a source code and it flagged them as high risk vulnerabilities and thought would make sense to propose this change, since it wasn't already proposed.

rodrigodealer avatar May 08 '23 07:05 rodrigodealer

@bnfinet Could you have a look at this PR?

rodrigodealer avatar Jul 07 '23 09:07 rodrigodealer