7c101c27c3
* update go version to 1.20.3 * add changelog * rename changelog file to remove underscore * update to use 1.20.4 * update change log entry to reflect 1.20.4
13 lines
712 B
Plaintext
13 lines
712 B
Plaintext
```release-note:security
|
|
Upgrade to use Go 1.20.4.
|
|
This resolves vulnerabilities [CVE-2023-24537](https://github.com/advisories/GHSA-9f7g-gqwh-jpf5)(`go/scanner`),
|
|
[CVE-2023-24538](https://github.com/advisories/GHSA-v4m2-x4rp-hv22)(`html/template`),
|
|
[CVE-2023-24534](https://github.com/advisories/GHSA-8v5j-pwr7-w5f8)(`net/textproto`) and
|
|
[CVE-2023-24536](https://github.com/advisories/GHSA-9f7g-gqwh-jpf5)(`mime/multipart`).
|
|
Also, `golang.org/x/net` has been updated to v0.7.0 to resolve CVEs [CVE-2022-41721
|
|
](https://github.com/advisories/GHSA-fxg5-wq6x-vr4w
|
|
), [CVE-2022-27664](https://github.com/advisories/GHSA-69cg-p879-7622) and [CVE-2022-41723
|
|
](https://github.com/advisories/GHSA-vvpx-j8f3-3w6h
|
|
.)
|
|
```
|