New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

updates to go122, patches CVEs in pkgs #62

Closed

tonytheleg wants to merge 2 commits into project-kessel:main from tonytheleg:go122-plus-patches

tonytheleg commented Feb 12, 2025 •

edited

Loading

Bumps the Go version from 1.19 to 1.22.9 which can be built using go-toolset currently
Explicitly Bumps golang.org/x/crypto v0.14.0 --> 0.31.0 to remediate a Critical CVE
Explicitly Bumps golang.org/x/net v0.17.0 --> 0.33.0 to remediate a High CVE
Explicitly Bumps go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.45.0 --> 0.46.0
Dependency updates related to above patched pkgs

tonytheleg force-pushed the go122-plus-patches branch 2 times, most recently from 23880be to fd24822 Compare

February 13, 2025 15:11


          updates to go122, patches CVEs in pkgs

97f9941

tonytheleg force-pushed the go122-plus-patches branch 3 times, most recently from 414e141 to 1e0c99b Compare

February 13, 2025 18:39


          updates mage go version

9b33c4f

tonytheleg force-pushed the go122-plus-patches branch from 1e0c99b to 9b33c4f Compare

February 13, 2025 18:46

tonytheleg closed this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet