Skip to content

Patching 3 vulnerable go packages

Matthew Haag requested to merge dutchhaag/secrets:patch_vulnerable_packages into master

What does this MR do?

Patches CVEs for multiple vulnerable GO packages.

Package Vulnerabilities Installed Version Fixed Version
github.com/go-git/go-git/v5 CVE-2023-49569, CVE-2023-49568 v5.4.2 v5.11.0
golang.org/x/net CVE-2022-27664, CVE-2022-41721, CVE-2022-41723, CVE-2023-39325 v0.0.0-20220708220712-1185a9018129 v0.17.0

What are the relevant issue numbers?

Will follow up once created.

Does this MR meet the acceptance criteria?

Edited by Matthew Haag

Merge request reports