luxolus/open-consul
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-consul/.changelog/19840.txt
hc-github-team-consul-core c279233d2b
Backport of [NET-6650] Bump go version to 1.20.12 into release/1.16.x (#19845) 
backport of commit af6045cdf1bfe8589d4ff5f03ffd327a39b62ced

Co-authored-by: Ronald Ekambi <ronekambi@gmail.com>
Co-authored-by: Ronald <roncodingenthusiast@users.noreply.github.com>
2023-12-07 14:00:25 -05:00

7 lines
593 B
Plaintext
Raw Blame History

```release-note:security
Upgrade to use Go 1.20.12. This resolves CVEs
[CVE-2023-45283](https://nvd.nist.gov/vuln/detail/CVE-2023-45283): (`path/filepath`) recognize \??\ as a Root Local Device path prefix (Windows)
[CVE-2023-45284](https://nvd.nist.gov/vuln/detail/CVE-2023-45285): recognize device names with trailing spaces and superscripts (Windows)
[CVE-2023-39326](https://nvd.nist.gov/vuln/detail/CVE-2023-39326): (`net/http`) limit chunked data overhead
[CVE-2023-45285](https://nvd.nist.gov/vuln/detail/CVE-2023-45285): (`cmd/go`) go get may unexpectedly fallback to insecure git
```
Reference in a new issue View git blame Copy permalink